urlscan.io logo urlscan.io
SecurityTrails logo

heraldcourier.com Open in urlscan Pro
192.104.183.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email.mail.heraldcourier.com/e/c/eyJlbWFpbF9pZCI6ImRnVE84d2NBQUphaEFwV2hBZ0dNQ0xicEJrdWZHTW5ST3YyTzFvWT0iLCJocmVmIjoiaHR0cHM6...
Effective URL: https://heraldcourier.com/terms/
Submission: On November 29 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 6 countries across 90 domains to perform 264 HTTP transactions. The main IP is 192.104.183.209, located in United States and belongs to LEE-ASN, US. The main domain is heraldcourier.com.
TLS certificate: Issued by GTS CA 1P5 on October 31st 2023. Valid for: 3 months.
This is the only time heraldcourier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:20e... 16509 (AMAZON-02)
1 9 192.104.183.209 10668 (LEE-ASN)
25 104.16.132.24 13335 (CLOUDFLAR...)
2 108.138.107.138 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
5 18.67.65.21 16509 (AMAZON-02)
6 2607:f8b0:402... 15169 (GOOGLE)
22 2607:f8b0:402... 15169 (GOOGLE)
1 18.160.10.101 16509 (AMAZON-02)
4 2607:f8b0:402... 15169 (GOOGLE)
10 10 15.197.193.217 16509 (AMAZON-02)
1 52.85.130.144 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 35.245.15.98 396982 (GOOGLE-CL...)
1 52.85.131.58 16509 (AMAZON-02)
1 2600:9000:250... 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2620:100:a001::4 19750 (AS-CRITEO)
1 2600:9000:219... 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 108.138.85.84 16509 (AMAZON-02)
1 2600:9000:247... 16509 (AMAZON-02)
1 2607:f8b0:402... 15169 (GOOGLE)
4 18.238.55.155 16509 (AMAZON-02)
3 2607:f8b0:402... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
1 54.175.178.6 14618 (AMAZON-AES)
1 54.144.144.142 14618 (AMAZON-AES)
5 2607:f8b0:402... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
8 11 162.19.138.118 16276 (OVH)
9 10 68.67.160.132 29990 (ASN-APPNEX)
7 10 3.225.218.10 14618 (AMAZON-AES)
1 23.44.201.172 20940 (AKAMAI-ASN1)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.213.22.88 14618 (AMAZON-AES)
1 35.190.39.111 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 10 2607:f8b0:402... 15169 (GOOGLE)
2 42 172.66.41.9 13335 (CLOUDFLAR...)
2 18.205.61.228 14618 (AMAZON-AES)
3 2607:f8b0:402... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 4 35.244.159.8 15169 (GOOGLE)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
3 18.233.217.217 14618 (AMAZON-AES)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 44.240.52.117 16509 (AMAZON-02)
1 2600:1f18:4e9... 14618 (AMAZON-AES)
1 2 52.46.151.131 16509 (AMAZON-02)
1 2 69.173.151.100 26667 (RUBICONPR...)
10 12 142.250.80.34 15169 (GOOGLE)
3 11 172.64.151.101 13335 (CLOUDFLAR...)
1 74.119.119.139 19750 (AS-CRITEO)
1 67.202.105.31 32748 (STEADFAST)
1 51.222.239.230 16276 (OVH)
5 5 162.248.18.32 62713 (AS-PUBMATIC)
2 3 162.248.18.37 62713 (AS-PUBMATIC)
2 2 8.28.7.84 62713 (AS-PUBMATIC)
1 1 18.204.149.50 14618 (AMAZON-AES)
1 1 2600:1f18:765... 14618 (AMAZON-AES)
1 1 23.83.76.38 395954 (LEASEWEB-...)
5 8 34.111.113.62 396982 (GOOGLE-CL...)
8 9 199.127.204.171 26120 (RHYTHMONE)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
2 2 50.31.142.127 23352 (SERVERCEN...)
2 3 35.71.139.29 16509 (AMAZON-02)
2 2 69.166.1.66 27630 (AS-XFERNET)
2 2 44.217.34.149 14618 (AMAZON-AES)
2 2 63.251.86.51 10913 (INTERNAP-BLK)
1 1 23.197.44.21 16625 (AKAMAI-AS)
1 1 8.2.110.161 46636 (NATCOWEB)
2 2 2620:116:800b... 14618 (AMAZON-AES)
1 1 199.38.167.131 54312 (ROCKETFUEL)
1 1 52.71.26.24 14618 (AMAZON-AES)
5 5 147.28.129.140 54825 (PACKET)
1 1 131.153.242.59 19437 (SS-ASH)
1 1 35.227.252.103 15169 (GOOGLE)
1 37.157.6.237 198622 (ADFORM)
1 67.202.105.21 32748 (STEADFAST)
3 3 2600:9000:207... 16509 (AMAZON-02)
3 52.85.132.4 16509 (AMAZON-02)
1 1 74.119.119.150 19750 (AS-CRITEO)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
2 104.18.35.167 13335 (CLOUDFLAR...)
1 108.138.64.70 16509 (AMAZON-02)
1 162.19.138.83 16276 (OVH)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 35.214.249.145 15169 (GOOGLE)
2 4 35.244.193.51 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
1 1 147.135.71.152 16276 (OVH)
2 2 174.137.133.32 27257 (WEBAIR-IN...)
1 1 159.89.246.130 14061 (DIGITALOC...)
1 35.173.27.72 14618 (AMAZON-AES)
1 34.96.70.202 396982 (GOOGLE-CL...)
1 2600:1f18:235... 14618 (AMAZON-AES)
1 1 8.28.7.81 62713 (AS-PUBMATIC)
1 1 52.1.148.234 14618 (AMAZON-AES)
2 3 63.251.86.49 10913 (INTERNAP-BLK)
2 35.227.210.113 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
3 2001:4998:14:... 14777 (YAHOO)
1 2 44.206.156.153 14618 (AMAZON-AES)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 2600:9000:247... 16509 (AMAZON-02)
8 2600:1f18:1ac... 14618 (AMAZON-AES)
1 172.217.13.102 15169 (GOOGLE)
2 6 34.98.64.218 396982 (GOOGLE-CL...)
3 5 35.244.154.8 396982 (GOOGLE-CL...)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 151.101.66.49 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 142.250.65.226 15169 (GOOGLE)
22 25 34.150.170.96 396982 (GOOGLE-CL...)
1 1 2600:9000:230... 16509 (AMAZON-02)
1 141.226.224.48 200478 (TABOOLA-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 1 13.225.214.117 16509 (AMAZON-02)
1 1 2600:9000:219... 16509 (AMAZON-02)
1 63.251.28.133 26558 (FREEWHEEL)
2 2 2600:1901:0:8... 15169 (GOOGLE)
1 2 52.0.156.250 14618 (AMAZON-AES)
1 52.206.243.9 14618 (AMAZON-AES)
1 23.47.69.85 ()
1 1 172.217.13.194 15169 (GOOGLE)
264 94
1    2600:9000:20e2:2c00:d:e169:8180:93a1 (United States)

ASN16509 (AMAZON-02, US)
email.mail.heraldcourier.com
9    192.104.183.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com
heraldcourier.com
25    104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.newyork1.vip.townnews.com
bloximages.chicago2.vip.townnews.com
2    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
2    2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    18.67.65.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-21.iad89.r.cloudfront.net
tagan.adlightning.com
6    2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
1    18.160.10.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-101.iad12.r.cloudfront.net
config.aps.amazon-adsystem.com
4    2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    52.85.130.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-130-144.iad50.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
2    2a03:2880:f082:108:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    35.245.15.98 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.15.245.35.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
1    52.85.131.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-131-58.iad50.r.cloudfront.net
cdn.parsely.com
1    2600:9000:2509:ae00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    2600:9000:2199:5600:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    108.138.85.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-84.iad12.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2479:8000:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
connectid.analytics.yahoo.com
1    2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
33e5e787848bfcd152663152def0ae2c.safeframe.googlesyndication.com
4    18.238.55.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-155.jfk52.r.cloudfront.net
cdn.segment.com
3    2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
analytics.google.com
4    2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4020:807::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    54.175.178.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-178-6.compute-1.amazonaws.com
www.i.matheranalytics.com
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
5    2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
11    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
10    68.67.160.132 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
10    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
cms.analytics.yahoo.com
1    23.44.201.172 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-172.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    2600:1f18:730:b130:f3cf:b4f3:7358:30cb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    3.213.22.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-22-88.compute-1.amazonaws.com
rp4.liadm.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
10    2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
42    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3006.infolinks.com
2    18.205.61.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-61-228.compute-1.amazonaws.com
bcp.crwdcntrl.net
3    2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f175:181:face:b00c:0:25de (Chicago, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
u.openx.net
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
3    18.233.217.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-217-217.compute-1.amazonaws.com
i.liadm.com
1    2600:141b:1c00:22::1730:e071 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
sli.heraldcourier.com
1    44.240.52.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-52-117.us-west-2.compute.amazonaws.com
api.segment.io
1    2600:1f18:4e9:5a05:5fe:b313:24e7:89dd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
12    142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
11    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
1    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
5    162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    18.204.149.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-149-50.compute-1.amazonaws.com
match.sharethrough.com
1    2600:1f18:765:4800:7681:18d0:4c60:ba77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pxl.iqm.com
1    23.83.76.38 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync.smartadserver.com
8    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
9    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    50.31.142.127 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
3    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    44.217.34.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-34-149.compute-1.amazonaws.com
ad.360yield.com
2    63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
1    23.197.44.21 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-44-21.deploy.static.akamaitechnologies.com
cs.media.net
1    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com
2    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    52.71.26.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-26-24.compute-1.amazonaws.com
ssp.disqus.com
5    147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    131.153.242.59 (United States)

ASN19437 (SS-ASH, US)
id.a-mx.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
3    2600:9000:2073:e800:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
3    52.85.132.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-4.iad50.r.cloudfront.net
syncv4.intentiq.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    2600:1f18:ed:550a:3539:381b:7999:2df1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    108.138.64.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-70.iad12.r.cloudfront.net
api.intentiq.com
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    35.214.249.145 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 145.249.214.35.bc.googleusercontent.com
csync.loopme.me
4    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    2607:f8b0:4020:806::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    147.135.71.152 (United States)

ASN16276 (OVH, FR)
PTR: ns105964.ip-147-135-71.us
tracker.exchange.amitydigital.io
2    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
1    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
1    35.173.27.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-27-72.compute-1.amazonaws.com
idx.liadm.com
1    34.96.70.202 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.70.96.34.bc.googleusercontent.com
ox-rtb-us-west1.openx.net
1    2600:1f18:2352:af01:a505:9a1:892d:586b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pn.ybp.yahoo.com
1    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    52.1.148.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-148-234.compute-1.amazonaws.com
rtb.gumgum.com
3    63.251.86.49 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
2    35.227.210.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.210.227.35.bc.googleusercontent.com
a.ctnsnet.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
i.ctnsnet.com
3    2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
cdn.js7k.com
beap-bc.yahoo.com
2    44.206.156.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-156-153.compute-1.amazonaws.com
fw.adsafeprotected.com
1    2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
cdn.ctnsnet.com
1    2600:9000:247b:9800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    2600:1f18:1aca:4282:63f3:d4d2:b31a:7f68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    172.217.13.102 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f6.1e100.net
ad.doubleclick.net
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
5    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2607:f8b0:4006:80f::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
googleads4.g.doubleclick.net
25    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
1    2600:9000:2305:2400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    2600:1f18:612b:4216:c60f:823f:3002:28a0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
1    13.225.214.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-117.ewr50.r.cloudfront.net
aa.agkn.com
1    2600:9000:2199:9800:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    63.251.28.133 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
1    52.206.243.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-243-9.compute-1.amazonaws.com
sync.bfmio.com
1    23.47.69.85 (None, )

ASN- ()
stags.bluekai.com
1    172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
42 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 6655
router.infolinks.com — Cisco Umbrella Rank: 2919
rt3006.infolinks.com — Cisco Umbrella Rank: 59601
325 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
ad.doubleclick.net — Cisco Umbrella Rank: 154
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
227 KB
27 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4323
i.simpli.fi — Cisco Umbrella Rank: 3693
um.simpli.fi — Cisco Umbrella Rank: 795
12 KB
25 townnews.com
bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 15421
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 19880
323 KB
23 googlesyndication.com
33e5e787848bfcd152663152def0ae2c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
663 KB
14 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
us-u.openx.net — Cisco Umbrella Rank: 522
u.openx.net — Cisco Umbrella Rank: 659
rtb.openx.net — Cisco Umbrella Rank: 695
ox-rtb-us-west1.openx.net — Cisco Umbrella Rank: 6608
4 KB
14 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4351
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
pn.ybp.yahoo.com — Cisco Umbrella Rank: 1473
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
ads.yahoo.com — Cisco Umbrella Rank: 7567
beap-bc.yahoo.com — Cisco Umbrella Rank: 1556
16 KB
12 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
47 KB
11 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 898
static.adsafeprotected.com — Cisco Umbrella Rank: 587
dt.adsafeprotected.com — Cisco Umbrella Rank: 570
101 KB
11 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
image6.pubmatic.com — Cisco Umbrella Rank: 823
3 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
ssum.casalemedia.com — Cisco Umbrella Rank: 1451
8 KB
11 heraldcourier.com
email.mail.heraldcourier.com
heraldcourier.com
sli.heraldcourier.com
79 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
8 KB
10 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 584
match.adsrvr.org — Cisco Umbrella Rank: 353
5 KB
8 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
2 KB
8 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3063
rp.liadm.com — Cisco Umbrella Rank: 1574
rp4.liadm.com — Cisco Umbrella Rank: 6581
i.liadm.com — Cisco Umbrella Rank: 539
i6.liadm.com — Cisco Umbrella Rank: 2731
idx.liadm.com — Cisco Umbrella Rank: 2376
19 KB
7 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
syncv4.intentiq.com — Cisco Umbrella Rank: 15800
api.intentiq.com — Cisco Umbrella Rank: 1400
2 KB
7 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 923
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
lexicon.33across.com — Cisco Umbrella Rank: 1497
9 KB
7 google.com
analytics.google.com — Cisco Umbrella Rank: 157
ampcid.google.com — Cisco Umbrella Rank: 2931
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
4 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
521 KB
5 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
idsync.rlcdn.com — Cisco Umbrella Rank: 415
1 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
3 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
223 KB
5 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2185
146 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
71 KB
4 ctnsnet.com
a.ctnsnet.com — Cisco Umbrella Rank: 25404
i.ctnsnet.com — Cisco Umbrella Rank: 5849
cdn.ctnsnet.com — Cisco Umbrella Rank: 24800
4 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
dis.criteo.com — Cisco Umbrella Rank: 597
8 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1657
35 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
22 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
1 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
1 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
12 KB
3 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 11441
www.i.matheranalytics.com — Cisco Umbrella Rank: 11241
43 KB
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1743
2 KB
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2436
820 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
d.agkn.com — Cisco Umbrella Rank: 755
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
621 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
892 B
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1007 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 781
670 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
1023 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
216 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3071
p1.parsely.com — Cisco Umbrella Rank: 2363
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
92 KB
2 gstatic.com
www.gstatic.com
13 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
545 B
1 bluekai.com
stags.bluekai.com
445 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1749
421 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
653 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6321
175 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1322
375 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
531 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
51 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 988
634 B
1 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 1846
15 KB
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1589
275 B
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 2175
380 B
1 amitydigital.io
tracker.exchange.amitydigital.io — Cisco Umbrella Rank: 10306
447 B
1 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
126 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
290 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1489
424 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
277 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1267
106 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3513
923 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
474 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
730 B
1 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 6847
565 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1513
874 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1733
295 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
326 B
1 iqm.com
pxl.iqm.com — Cisco Umbrella Rank: 4168
504 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
233 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
864 B
1 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1605
414 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1276
175 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
4 KB
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4524
494 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
659 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
902 B
1 cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
668 B
264 90
Domain Requested by
29 router.infolinks.com 2 redirects resources.infolinks.com
tagan.adlightning.com
router.infolinks.com
ssum-sec.casalemedia.com
heraldcourier.com
25 um.simpli.fi 22 redirects
24 bloximages.newyork1.vip.townnews.com heraldcourier.com
12 pagead2.googlesyndication.com tagan.adlightning.com
ad.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
blank
securepubads.g.doubleclick.net
www.googletagservices.com
11 cm.g.doubleclick.net 9 redirects google-bidout-d.openx.net
ssum-sec.casalemedia.com
11 id5-sync.com 8 redirects cdn.id5-sync.com
resources.infolinks.com
heraldcourier.com
10 tpc.googlesyndication.com 2 redirects heraldcourier.com
ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
tagan.adlightning.com
10 securepubads.g.doubleclick.net heraldcourier.com
tagan.adlightning.com
securepubads.g.doubleclick.net
9 resources.infolinks.com tagan.adlightning.com
resources.infolinks.com
9 heraldcourier.com 1 redirects heraldcourier.com
8 dt.adsafeprotected.com heraldcourier.com
8 pixel.tapad.com 5 redirects router.infolinks.com
us-u.openx.net
8 us-u.openx.net 2 redirects google-bidout-d.openx.net
blank
us-u.openx.net
8 ups.analytics.yahoo.com 5 redirects connectid.analytics.yahoo.com
us-u.openx.net
8 match.adsrvr.org 8 redirects
8 ib.adnxs.com 7 redirects
7 dsum-sec.casalemedia.com 1 redirects google-bidout-d.openx.net
ssum-sec.casalemedia.com
6 sync.1rx.io 6 redirects
6 www.googletagmanager.com heraldcourier.com
www.googletagmanager.com
5 prebid.a-mo.net 5 redirects
5 image8.pubmatic.com 5 redirects
5 www.googletagservices.com tagan.adlightning.com
blank
fw.adsafeprotected.com
ad.doubleclick.net
5 tagan.adlightning.com heraldcourier.com
tagan.adlightning.com
4 lexicon.33across.com 2 redirects heraldcourier.com
4 rt3006.infolinks.com resources.infolinks.com
tagan.adlightning.com
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
4 cdn.segment.com heraldcourier.com
cdn.segment.com
tagan.adlightning.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 idsync.rlcdn.com 1 redirects
3 ce.lijit.com 2 redirects
3 syncv4.intentiq.com router.infolinks.com
heraldcourier.com
3 sync.intentiq.com 3 redirects
3 eb2.3lift.com 2 redirects
3 sync.targeting.unrulymedia.com 2 redirects
3 ad.turn.com 3 redirects
3 image2.pubmatic.com 2 redirects
3 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
ssum-sec.casalemedia.com
3 i.liadm.com tagan.adlightning.com
i.liadm.com
ssum-sec.casalemedia.com
3 www.google.com heraldcourier.com
tagan.adlightning.com
3 analytics.google.com www.googletagmanager.com
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 sync-tm.everesttech.net 2 redirects
2 px.ads.linkedin.com 1 redirects us-u.openx.net
2 id.rlcdn.com 2 redirects
2 fw.adsafeprotected.com 1 redirects a.ctnsnet.com
2 a.ctnsnet.com pn.ybp.yahoo.com
a.ctnsnet.com
2 sync.adkernel.com 2 redirects
2 secure.adnxs.com 2 redirects
2 cdn-ima.33across.com resources.infolinks.com
2 cms.quantserve.com 2 redirects
2 ap.lijit.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.go.sonobi.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 image4.pubmatic.com 2 redirects
2 pixel.rubiconproject.com 1 redirects
2 s.amazon-adsystem.com 1 redirects google-bidout-d.openx.net
2 gum.criteo.com 1 redirects tagan.adlightning.com
2 www.facebook.com heraldcourier.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 oajs.openx.net 1 redirects heraldcourier.com
2 js.matheranalytics.com 1 redirects heraldcourier.com
2 connect.facebook.net heraldcourier.com
connect.facebook.net
2 insight.adsrvr.org 2 redirects
2 www.gstatic.com heraldcourier.com
2 c.amazon-adsystem.com heraldcourier.com
c.amazon-adsystem.com
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 stags.bluekai.com
1 sync.bfmio.com
1 ads.stickyadstv.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 sync.taboola.com
1 s.ad.smaato.net 1 redirects
1 i.simpli.fi tagan.adlightning.com
1 beap-bc.yahoo.com cdn.js7k.com
1 s0.2mdn.net ad.doubleclick.net
1 pippio.com 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 static.adsafeprotected.com blank
1 cdn.ctnsnet.com blank
1 cdn.js7k.com pn.ybp.yahoo.com
1 ads.yahoo.com blank
1 i.ctnsnet.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 image6.pubmatic.com 1 redirects
1 pn.ybp.yahoo.com blank
1 ox-rtb-us-west1.openx.net blank
1 idx.liadm.com b-code.liadm.com
1 e.serverbid.com 1 redirects
1 tracker.exchange.amitydigital.io 1 redirects
1 imasdk.googleapis.com tagan.adlightning.com
1 csync.loopme.me 1 redirects
1 s.company-target.com 1 redirects
1 lb.eu-1-id5-sync.com resources.infolinks.com
1 api.intentiq.com resources.infolinks.com
1 i6.liadm.com i.liadm.com
1 dis.criteo.com 1 redirects
1 ssc-cms.33across.com router.infolinks.com
1 cm.adform.net router.infolinks.com
1 ssum.casalemedia.com 1 redirects
1 rtb.openx.net 1 redirects
1 id.a-mx.com 1 redirects
1 ssp.disqus.com 1 redirects
1 p.rfihub.com 1 redirects
1 cm-x.mgid.com 1 redirects
1 cs.media.net 1 redirects
1 pixel.advertising.com 1 redirects
1 u.openx.net 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 pxl.iqm.com 1 redirects
1 match.sharethrough.com 1 redirects
1 onetag-sys.com router.infolinks.com
1 de.tynt.com router.infolinks.com
1 mug.criteo.com heraldcourier.com
1 pr-bh.ybp.yahoo.com google-bidout-d.openx.net
1 api.segment.io cdn.segment.com
1 sli.heraldcourier.com heraldcourier.com
1 google-bidout-d.openx.net tagan.adlightning.com
1 cdnjs.cloudflare.com bloximages.newyork1.vip.townnews.com
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 rp4.liadm.com heraldcourier.com
1 rp.liadm.com 1 redirects
1 hb.yahoo.net d1eoo1tco6rr5e.cloudfront.net
1 p1.parsely.com heraldcourier.com
1 www.i.matheranalytics.com heraldcourier.com
1 ampcid.google.com www.google-analytics.com
1 33e5e787848bfcd152663152def0ae2c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com tagan.adlightning.com
1 tags.crwdcntrl.net tagan.adlightning.com
1 invstatic101.creativecdn.com tagan.adlightning.com
1 cdn.prod.uidapi.com tagan.adlightning.com
1 static.criteo.net tagan.adlightning.com
1 oa.openxcdn.net tagan.adlightning.com
1 cdn.jsdelivr.net tagan.adlightning.com
1 cdn.id5-sync.com tagan.adlightning.com
1 b-code.liadm.com www.googletagmanager.com
1 cdn.parsely.com www.googletagmanager.com
1 tag.simpli.fi www.googletagmanager.com
1 d1eoo1tco6rr5e.cloudfront.net www.googletagmanager.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 bloximages.chicago2.vip.townnews.com heraldcourier.com
1 email.mail.heraldcourier.com 1 redirects
264 148
Subject Issuer Validity Valid
heraldcourier.com
GTS CA 1P5		 2023-10-31 -
2024-01-29		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-07 -
2023-12-06		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-01-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-14		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-11-08 -
2024-02-06		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
sli.leetemplates.com
R3		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.segment.io
Amazon RSA 2048 M01		 2023-02-10 -
2024-02-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-11-06 -
2023-12-27		 2 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
www.cdn77.com
R3		 2023-11-06 -
2024-02-04		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh

This page contains 21 frames:

Primary Page: https://heraldcourier.com/terms/
Frame ID: EC1E4DA054CFE17832690A25EE8B1528
Requests: 160 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 63070A03D37963B152FAEE9BCCA8AB16
Requests: 2 HTTP requests in this frame

Frame: https://33e5e787848bfcd152663152def0ae2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F673B90B524929B8A1C3742879FC2128
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/b-e09f10f-fd9abb4c.js
Frame ID: FB251CE869CA94FE4552FE0B867545C8
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/b-e09f10f-fd9abb4c.js
Frame ID: EC173AA66A075EB02986C853346B5429
Requests: 6 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 92B0C42CC2262DA9FB666432D86EC593
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=heraldcourier.com
Frame ID: 3CD010B0CF17A859D4D6FD09A23C2886
Requests: 2 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-058n?duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&euns=0&s=&version=v2.11.1&
Frame ID: 34E4AA4ED94B7ABEB356251948686630
Requests: 3 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Frame ID: 3A72EF5170300EA1F285C46F1491EB33
Requests: 24 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 5A8E497EF1CD6DD4E7E2D2BDE55FC7AD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: C3254BF08E4F06320F0EF030B915B08F
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 50835509F305E6AD1490A9A6B0618DBE
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-3.0.html
Frame ID: 7CB455545D59281E597F90E655C79D58
Requests: 5 HTTP requests in this frame

Frame: https://ox-rtb-us-west1.openx.net/win/infolinks?p=0.142&t=2DAABBgABAAECAAIBAAsAAgAAAf8cGAoxYzdybnViVlJtHBaMp-Ly5uuevdoBFvvZtPHVpoH-jAEAHBa4usK-vP2lzuABFrfY2oP8uqPTnAEAFvK5u9YMFQY4JDAxMTBlMjkzLTU5ZWQtNDJlOS05NjUwLTE3MmUyZjU1NGRlMxwVAhgZQUxXQVlTX0ZFRVNfVklBX01MX05PTl9PQhgLMjVfMjVfMjVfMjUAACwcFQIAHBUCABwVAgAAHCbW0rWIBBUEFQQmztK1iAQWlruBhgQlAhUCppwCFpwCFpwCFhQWFBYUFhQWgAMAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWqtqYgAQW_MGbgAQWirHAgwQW_rDAgwQVGBwUtAEUsAsAFQQmgAMWgAMWgAMRNQ4mgAM0AgAsLBa-pqqswOi03jYWq_ux-9Sw7bf1AQAW8rm71gwGKKramIAEFvzBm4AEFv6wwIMEFoqxwIMEGAc2NzM4Mzc0FvDpVBaAAyUEFmAYAzI3OBUCoSgCT1gMehS4ARSEBgAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAR0cnVlAKw4JGNyaW10YW4uY29tQHNvbWVsaWtlaXRob3RtdXNpY2FsLmNvbQAAAA&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Frame ID: FD3162B86FCCCE64E529F0C0B049B2F6
Requests: 11 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 437A339401FF47B1B9CD8A5AB567B7D6
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N4253.272874CRIMTAN/B29149005.380300526;dc_ver=99.292;sz=728x90;u_sd=1;gdpr=0;dc_adk=759403004;ord=qxg0ve;click=https%3A%2F%2Fa.ctnsnet.com%2Fase%2Fclk%3Fcln%3DbmlkPTY2MzU0NzY0JmFpZD03OTcyMzY0NiZzaWQ9NzU5NTk2NzAmY3N0PTMmY2I9TVRjd01USTNOek13TmpJeE5RJnBndWlkPTlmMGE1ZTUwNzBhMDRhNzA4MzU0ODI4NWQ4NTg1Zjc2JmNhaWQ9ZGE1ZjdlMTI1MzIyNGRmN2JjNmFiNjVmM2ZkNzliOTMmY2xrPWh0dHBzJTNBJTJGJTJGcG4ueWJwLnlhaG9vLmNvbSUyRmNqJTJGY2QlMkZvcDVVZ19XcTlWTHhHdURfVEZ1MG9LeENZUlh5dDQyVWFFVjB2VGlDR1JFTWVOYTBSOW5RSVpXM19BQ3EteERxQ3dFVlBrM1hMMm9LLWE5T3Nxb2hMN1hMU2ZTdFZKckxHUHFObUpRU2ZoUDNlUXY2NlpDNmdob2FhMndHb3NKT19VMS1lZUlrX0Q4VndNQktFcER3Q1AwclQ4NklkXzdOc2VCby16ZDA4SnB1Y3BUOVZXVW5nQ1JtMWVPV0pzVW1ZV080ODBTa0w0TmM5bzhST2VQcFhGZGwxWFdDdE1JQ1BZVnRhMUhRNXlBVkROeHphT05UVUhqRWx4RnNuWjVFb1ZTRkd3ZVdpM213UENmcVdSVmM3MEhqZzVwcmZZOG85TGVEN0ZxdG1YOUtQb3pzSWFFand3JTJGcnVybCUyRg%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fheraldcourier.com%2Fterms%2F$0;xdt=0;crlt=zxT5*FTrXt;gcsr=m;stc=1;chaa=1;sttr=92;prcl=s
Frame ID: 3EEFF0E39BB4178592C186182324BD8E
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Frame ID: 03219E64C1931D04222434E01081711D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A9C972EA89720B412C50BF5453E86432
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 6E6020AEBA2FE1B974638660A035FC46
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B88E94C1A5A92808A5F5B052D39F234
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D680E297E7742C26143BD23F604E58A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Terms | heraldcourier.com

Page URL History Show full URLs

  1. https://email.mail.heraldcourier.com/e/c/eyJlbWFpbF9pZCI6ImRnVE84d2NBQUphaEFwV2hBZ0dNQ0xicEJrdWZHTW5ST3YyTzFvWT0i... HTTP 302
    https://heraldcourier.com/terms HTTP 301
    https://heraldcourier.com/terms/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

264
Requests

70 %
HTTPS

32 %
IPv6

90
Domains

148
Subdomains

94
IPs

6
Countries

3250 kB
Transfer

8879 kB
Size

168
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email.mail.heraldcourier.com/e/c/eyJlbWFpbF9pZCI6ImRnVE84d2NBQUphaEFwV2hBZ0dNQ0xicEJrdWZHTW5ST3YyTzFvWT0iLCJocmVmIjoiaHR0cHM6Ly9oZXJhbGRjb3VyaWVyLmNvbS90ZXJtcyIsImludGVybmFsIjoiY2VmMzA3MDFlNTM2OTZhMTAyIiwibGlua19pZCI6Nn0/31436cc9e964e1a6a0cdd4cb5c0477d10ec23b78f9cfa27a6196bef68a74933a HTTP 302
    https://heraldcourier.com/terms HTTP 301
    https://heraldcourier.com/terms/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 301
  • https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Request Chain 53
  • https://js.matheranalytics.com/s/ma1527/725149306/lee/ml.js?cb=1641 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
Request Chain 79
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&rid=esp&cc=1
Request Chain 81
  • https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3 HTTP 302
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Df667bb86-d4bf-4480-bd1b-33d60c80f690 HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3620806462578181671&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=f667bb86-d4bf-4480-bd1b-33d60c80f690&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=f667bb86-d4bf-4480-bd1b-33d60c80f690&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Vc1lZM1B4RTJ1SGJLUlE0ejA2eFNzWXh1TUVTRC5xcn5B&gdpr=0&ovsid=f667bb86-d4bf-4480-bd1b-33d60c80f690&dpid=55953
Request Chain 82
  • https://rp.liadm.com/j?dtstmp=1701277304107&aid=a-058n&se=e30&duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&tna=v2.11.1&pu=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&ext__pubcid=45cb42a4-2460-4599-990a-e428e7e44862&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPlRlcm1zIHwgaGVyYWxkY291cmllci5jb208L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2hlcmFsZGNvdXJpZXIuY29tL3Rlcm1zLyI-PGgxPgogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iL3Rlcm1zIj4KICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgVGVybXMKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgIAogICAgICAgICAgICA8L2gxPg HTTP 302
  • https://rp4.liadm.com/j?se=e30&duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&aid=a-058n&tna=v2.11.1&dtstmp=1701277304107&n3pc=true&wpn=lc-bundle&ext__pubcid=45cb42a4-2460-4599-990a-e428e7e44862&i6=MjAwMTo1NTA6MWQwNToxOjo1&pu=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPlRlcm1zIHwgaGVyYWxkY291cmllci5jb208L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2hlcmFsZGNvdXJpZXIuY29tL3Rlcm1zLyI-PGgxPgogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iL3Rlcm1zIj4KICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgVGVybXMKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgIAogICAgICAgICAgICA8L2gxPg
Request Chain 95
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOC58J6_iwEQARgBMgjMPxPejxejtg HTTP 301
  • https://tpc.googlesyndication.com/simgad/11019718898807259284
Request Chain 96
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOC58PGdiQEQARgBMgiY49jY5iw_7Q HTTP 301
  • https://tpc.googlesyndication.com/simgad/5123380353344155839
Request Chain 119
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8a6aa1b7-ecc0-c6e4-0c88-5d512341b5fe HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8a6aa1b7-ecc0-c6e4-0c88-5d512341b5fe&dcc=t
Request Chain 120
  • https://match.adsrvr.org/track/cmf/openx?oxid=d2bcddca-f06a-7d1e-cc86-dfc64b727e1e&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f667bb86-d4bf-4480-bd1b-33d60c80f690&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZjY2N2JiODYtZDRiZi00NDgwLWJkMWItMzNkNjBjODBmNjkw&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690&google_gid=CAESEI5EyCMyMFzwUIe2BnYdzvg&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f667bb86-d4bf-4480-bd1b-33d60c80f690&expiration=1703869305&gdpr=0&gdpr_consent=
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED1T6eua972vhzhYhOu3y9E&google_cver=1
Request Chain 123
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=heraldcourier.com&sn=ChromeSyncframe&so=0&topUrl=heraldcourier.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=k9awJnxFV21TamxSNGFmRXowNlRFcERBOUZxOGtGQUVvOGN4TFRpSS9TbG9KcEJUT1BTRmgwN2Rua0ZSelZDUGJKaVllYzB1UnNuek8zcDdLVzVwYWhGS3d2azNVSUM1UVZRcjV2ZGNpN3FyeUlxRWpkOGxDVzd4WDFlSGI2NjJrbUFlVis4d2VwNnh2ZVlaWDZFb2hhbFRDNWlyWTRTVVl5cEpkbDk3VmNsQ3MzWHpVemRRREtEZ2M3dDNGTFlJNmdNd2tTSFZCakU5RGVWTzlpbzg1LzJnV09LZm5YL2FWV0NXOXlOdFRRWVBaSVpXOTZxK3ZPYVF4M3QwZHJqd29GeGU0V0IwendUelBBTUZwSVJ2aU5BUkt4UE5yc1VqY0g0T0hiZVUyd3h2VmluND18&cppv=2
Request Chain 127
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 129
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0FFOEYxNDUtNEExQi00ODM2LUFBRDEtQzAzOTkwNjRGMzRD&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DEC0DE233-2EF3-44EE-9B5B-047A2F057529&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=EC0DE233-2EF3-44EE-9B5B-047A2F057529
Request Chain 130
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=3620806462578181671
Request Chain 131
  • https://match.sharethrough.com/universal/v1?supply_id=k0cy4N0g HTTP 302
  • https://router.infolinks.com/dyn/sthr-us?user_id=25254dbf-6fae-4c94-b482-b957062a5d4a
Request Chain 132
  • https://pxl.iqm.com/i/ck/infolink?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fiqm-us%3Fuid%3D%7BIQM_COOKIE%7D%20 HTTP 302
  • https://router.infolinks.com/dyn/iqm-us?uid=3571bbc5-5d51-4ee7-a720-f2c4359d2d3d
Request Chain 133
  • https://ssbsync.smartadserver.com/api/sync?callerId=112&gdpr=0&gdpr_consent= HTTP 302
  • https://router.infolinks.com/dyn/eqv-us?user_id=5275041080711347650&gdpr=0&gdpr_consent=
Request Chain 134
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://router.infolinks.com/dyn/ox-usync?uid=f92bff5b-e3be-4a92-8d49-e834b3d5db8b
Request Chain 135
  • https://ups.analytics.yahoo.com/ups/58786/sync?redir=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm~A HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3399&partner_device_id=y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm~A HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3399&partner_device_id=y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f667bb86-d4bf-4480-bd1b-33d60c80f690&ttd_puid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b%2C%2C
Request Chain 136
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1701277305057 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=230476075 HTTP 302
  • https://sync.1rx.io/usersync/turn/7597861881269437439?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fur-usync%3Fuid%3DRX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005 HTTP 302
  • https://router.infolinks.com/dyn/ur-usync?uid=RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
Request Chain 137
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__&s=2 HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=Jdi-O3-nPqSJOSeXUTQZ
Request Chain 138
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/tplift?uid=1099236787450585329372
Request Chain 139
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP 302
  • https://router.infolinks.com/dyn/sonobi-usync?uid=10374ec6-5eb8-464f-9db3-01113411b037
Request Chain 140
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://router.infolinks.com/dyn/imd-usync?user_id=48873cc0-6d77-4347-8843-af66d1f8a092&partner_id=1531
Request Chain 141
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-96zksLBE2uFcOy_8_UmvPj6lpZbdpycG~A
Request Chain 142
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=HvP9jLZHhwIVHYYIRGe3_3HF
Request Chain 143
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUMwREUyMzMtMkVGMy00NEVFLTlCNUItMDQ3QTJGMDU3NTI5&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DEC0DE233-2EF3-44EE-9B5B-047A2F057529&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=EC0DE233-2EF3-44EE-9B5B-047A2F057529
Request Chain 144
  • https://cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E HTTP 302
  • https://router.infolinks.com/dyn/mnet-usync?uid=3442789051523532000V10
Request Chain 145
  • https://cm-x.mgid.com/5abf3d2eff2f70c0a0669cd9f0f84ba0.gif?puid=[UID]&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmgid-us%3Fuser_id%3D%5BUID%5D HTTP 302
  • https://router.infolinks.com/dyn/mgid-us?user_id=b22f9e7a-aa62-4982-974d-099b3ceff054
Request Chain 146
  • https://sync.1rx.io/usersync2/rmpssp?sub=infolinks HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6048209932 HTTP 302
  • https://sync.1rx.io/usersync/turn/7669919475307365375?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fur-usync%3Fuid%3DRX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005 HTTP 302
  • https://router.infolinks.com/dyn/ur-usync?uid=RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
Request Chain 147
  • https://cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0 HTTP 302
  • https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=wKYZTcD2GEPbph1OxKACTpOiFhzbqx1Dw_X_En4e
Request Chain 148
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=968907272820722518
Request Chain 149
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wOGZkNjExYi1kNTc0LTNmMTAtYWI1NS0xMzM0MjNmMjI3OWUQ____________ASpSaHR0cHM6Ly9yb3V0ZXIuaW5mb2xpbmtzLmNvbS9keW4vZGlzdXM_dWlkPXVhLTA4ZmQ2MTFiLWQ1NzQtM2YxMC1hYjU1LTEzMzQyM2YyMjc5ZTICBgw4AQ==%26buyeruid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D86030873-84ae-45c7-afc4-b6be0127f315%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3T0daa05qRXhZaTFrTlRjMExUTm1NVEF0WVdJMU5TMHhNek0wTWpObU1qSTNPV1VRX19fX19fX19fX19fQVNwU2FIUjBjSE02THk5eWIzVjBaWEl1YVc1bWIyeHBibXR6TG1OdmJTOWtlVzR2WkdsemRYTV9kV2xrUFhWaExUQTRabVEyTVRGaUxXUTFOelF0TTJZeE1DMWhZalUxTFRFek16UXlNMll5TWpjNVpUSUNCZ3c0QVE9PSZidXllcnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/5002?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=86030873-84ae-45c7-afc4-b6be0127f315&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3T0daa05qRXhZaTFrTlRjMExUTm1NVEF0WVdJMU5TMHhNek0wTWpObU1qSTNPV1VRX19fX19fX19fX19fQVNwU2FIUjBjSE02THk5eWIzVjBaWEl1YVc1bWIyeHBibXR6TG1OdmJTOWtlVzR2WkdsemRYTV9kV2xrUFhWaExUQTRabVEyTVRGaUxXUTFOelF0TTJZeE1DMWhZalUxTFRFek16UXlNMll5TWpjNVpUSUNCZ3c0QVE9PSZidXllcnVpZD0%3D&uid=3620806462578181671 HTTP 302
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D86030873-84ae-45c7-afc4-b6be0127f315%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3T0daa05qRXhZaTFrTlRjMExUTm1NVEF0WVdJMU5TMHhNek0wTWpObU1qSTNPV1VRX19fX19fX19fX19fQVNwU2FIUjBjSE02THk5eWIzVjBaWEl1YVc1bWIyeHBibXR6TG1OdmJTOWtlVzR2WkdsemRYTV9kV2xrUFhWaExUQTRabVEyTVRGaUxXUTFOelF0TTJZeE1DMWhZalUxTFRFek16UXlNMll5TWpjNVpUSUNCZ3c0QVE9PSZidXllcnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/1/5002?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=86030873-84ae-45c7-afc4-b6be0127f315&bidder=amx_com&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3T0daa05qRXhZaTFrTlRjMExUTm1NVEF0WVdJMU5TMHhNek0wTWpObU1qSTNPV1VRX19fX19fX19fX19fQVNwU2FIUjBjSE02THk5eWIzVjBaWEl1YVc1bWIyeHBibXR6TG1OdmJTOWtlVzR2WkdsemRYTV9kV2xrUFhWaExUQTRabVEyTVRGaUxXUTFOelF0TTJZeE1DMWhZalUxTFRFek16UXlNMll5TWpjNVpUSUNCZ3c0QVE9PSZidXllcnVpZD0%3D&uid=86030873-84ae-45c7-afc4-b6be0127f315 HTTP 302
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D86030873-84ae-45c7-afc4-b6be0127f315%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3T0daa05qRXhZaTFrTlRjMExUTm1NVEF0WVdJMU5TMHhNek0wTWpObU1qSTNPV1VRX19fX19fX19fX19fQVNwU2FIUjBjSE02THk5eWIzVjBaWEl1YVc1bWIyeHBibXR6TG1OdmJTOWtlVzR2WkdsemRYTV9kV2xrUFhWaExUQTRabVEyTVRGaUxXUTFOelF0TTJZeE1DMWhZalUxTFRFek16UXlNMll5TWpjNVpUSUNCZ3c0QVE9PSZidXllcnVpZD0%253D%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/2/5002?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=86030873-84ae-45c7-afc4-b6be0127f315&bidder=openx&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3T0daa05qRXhZaTFrTlRjMExUTm1NVEF0WVdJMU5TMHhNek0wTWpObU1qSTNPV1VRX19fX19fX19fX19fQVNwU2FIUjBjSE02THk5eWIzVjBaWEl1YVc1bWIyeHBibXR6TG1OdmJTOWtlVzR2WkdsemRYTV9kV2xrUFhWaExUQTRabVEyTVRGaUxXUTFOelF0TTJZeE1DMWhZalUxTFRFek16UXlNMll5TWpjNVpUSUNCZ3c0QVE9PSZidXllcnVpZD0%3D&uid=eb625205-49f5-4ef7-a70a-1fd3ca29bc93 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D86030873-84ae-45c7-afc4-b6be0127f315%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3T0daa05qRXhZaTFrTlRjMExUTm1NVEF0WVdJMU5TMHhNek0wTWpObU1qSTNPV1VRX19fX19fX19fX19fQVNwU2FIUjBjSE02THk5eWIzVjBaWEl1YVc1bWIyeHBibXR6TG1OdmJTOWtlVzR2WkdsemRYTV9kV2xrUFhWaExUQTRabVEyTVRGaUxXUTFOelF0TTJZeE1DMWhZalUxTFRFek16UXlNMll5TWpjNVpUSUNCZ3c0QVE9PSZidXllcnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/4/5002?us_privacy=1---&gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=86030873-84ae-45c7-afc4-b6be0127f315&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3T0daa05qRXhZaTFrTlRjMExUTm1NVEF0WVdJMU5TMHhNek0wTWpObU1qSTNPV1VRX19fX19fX19fX19fQVNwU2FIUjBjSE02THk5eWIzVjBaWEl1YVc1bWIyeHBibXR6TG1OdmJTOWtlVzR2WkdsemRYTV9kV2xrUFhWaExUQTRabVEyTVRGaUxXUTFOelF0TTJZeE1DMWhZalUxTFRFek16UXlNMll5TWpjNVpUSUNCZ3c0QVE9PSZidXllcnVpZD0%3D&uid=ZWduecYvyfVFyPgUHOy9qAAA%265559 HTTP 302
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D86030873-84ae-45c7-afc4-b6be0127f315%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3T0daa05qRXhZaTFrTlRjMExUTm1NVEF0WVdJMU5TMHhNek0wTWpObU1qSTNPV1VRX19fX19fX19fX19fQVNwU2FIUjBjSE02THk5eWIzVjBaWEl1YVc1bWIyeHBibXR6TG1OdmJTOWtlVzR2WkdsemRYTV9kV2xrUFhWaExUQTRabVEyTVRGaUxXUTFOelF0TTJZeE1DMWhZalUxTFRFek16UXlNMll5TWpjNVpUSUNCZ3c0QVE9PSZidXllcnVpZD0%253D%26uid%3D%24UID
Request Chain 151
  • https://router.infolinks.com/dyn/iq-usync HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=94126c18-eb99-4941-96e8-02924107fb5a&3rddpi=2023874098&3rdpcid=ZWduecYvyfVFyPgUHOy9qAAA%265559&3rddpi=1810047279&3rdpcid=3571bbc5-5d51-4ee7-a720-f2c4359d2d3d&3rddpi=1639354730&3rdpcid=y-96zksLBE2uFcOy_8_UmvPj6lpZbdpycG%7EA&3rddpi=1634346717&3rdpcid=Jdi-O3-nPqSJOSeXUTQZ&3rddpi=1213503647&3rdpcid=y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm%7EA&3rddpi=1239766150&3rdpcid=f92bff5b-e3be-4a92-8d49-e834b3d5db8b&3rddpi=443164713&3rdpcid=wKYZTcD2GEPbph1OxKACTpOiFhzbqx1Dw_X_En4e HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=94126c18-eb99-4941-96e8-02924107fb5a&3rddpi=2023874098&3rdpcid=ZWduecYvyfVFyPgUHOy9qAAA%265559&3rddpi=1810047279&3rdpcid=3571bbc5-5d51-4ee7-a720-f2c4359d2d3d&3rddpi=1639354730&3rdpcid=y-96zksLBE2uFcOy_8_UmvPj6lpZbdpycG%7EA&3rddpi=1634346717&3rdpcid=Jdi-O3-nPqSJOSeXUTQZ&3rddpi=1213503647&3rdpcid=y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm%7EA&3rddpi=1239766150&3rdpcid=f92bff5b-e3be-4a92-8d49-e834b3d5db8b&3rddpi=443164713&3rdpcid=wKYZTcD2GEPbph1OxKACTpOiFhzbqx1Dw_X_En4e&ripv6=2001:550:1d05:1::5
Request Chain 152
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-XiFY7G6HfzxW0044sOTJNG8nijtB8bCzzSYazQ
Request Chain 159
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=190702&iiqidtype=2&iiqpcid=fb7f7b16-5d85-41d4-9566-1a598f46adb6&iiqpciddate=1701277305005&tsrnd=178_1701277305006&fbp=646215235&jsver=5.36&abtp=100&abtg=A HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=190702&iiqidtype=2&iiqpcid=fb7f7b16-5d85-41d4-9566-1a598f46adb6&iiqpciddate=1701277305005&tsrnd=178_1701277305006&fbp=646215235&jsver=5.36&abtp=100&abtg=A&ripv6=2001:550:1d05:1::5
Request Chain 161
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWduecYvyfVFyPgUHOy9qAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEgQ1DKmXNCqYeIezTgz_8Y&google_cver=1
Request Chain 162
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZjY2N2JiODYtZDRiZi00NDgwLWJkMWItMzNkNjBjODBmNjkw&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690&google_gid=CAESEI5EyCMyMFzwUIe2BnYdzvg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZjY2N2JiODYtZDRiZi00NDgwLWJkMWItMzNkNjBjODBmNjkw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWduecYvyfVFyPgUHOy9qAAAFbcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtn7McQ42N-i29mkSPdCiw&google_cver=1
Request Chain 165
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717002105&external_user_id=85cf0e2b-4285-4f6d-b6d7-4d2330e0ec47
Request Chain 166
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=vWHZab0x2GemYd1tvGHCbbsw22amZNppvTZBJuQ-
Request Chain 167
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=145c1539-aaff-492e-b552-edc3189dcb6b&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 168
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3620806462578181671
Request Chain 170
  • https://lexicon.33across.com/v1/ppid?pid=0015a0000344WLkAAM&ver=1.2.0 HTTP 307
  • https://lexicon.33across.com/v1/ppid?pid=0015a0000344WLkAAM&ver=1.2.0&b=1&g=Bah3e5fJ3VOtMZ%2FrqybsIqwydArwBqX2uNEDTBAbd9I%3D&fp=m65fKPeRDxkrmHHD3VO6n2Nzaj3CMyZSp5ARh%2Fw2LkOd%2FS554NnjoNbN1t35hEauBbIEGylss0wLI6o4cx4HBA%3D%3D
Request Chain 171
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.2.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.2.0&b=1&g=PAjeBsXKuqEHT20A%2FbqV8sznVeVMZTPrLizwO543hPQ%3D
Request Chain 177
  • https://tracker.exchange.amitydigital.io/sync?id=11&uid=94126c18-eb99-4941-96e8-02924107fb5a HTTP 302
  • https://router.infolinks.com/dyn/amd-us?user_id=ce7defb9-4001-130a-f063-c77e322fa4a6
Request Chain 178
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=94126c18-eb99-4941-96e8-02924107fb5a=&partner_id=3337&partner_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fta-usync%3Fuid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd0473bc4-61f1-4807-bfdc-b530f2b53b7b%252Chttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fta-usync%25253Fuid%25253Dd0473bc4-61f1-4807-bfdc-b530f2b53b7b%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3620806462578181671&pt=d0473bc4-61f1-4807-bfdc-b530f2b53b7b%2Chttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fta-usync%253Fuid%253Dd0473bc4-61f1-4807-bfdc-b530f2b53b7b%2C HTTP 302
  • https://router.infolinks.com/dyn/ta-usync?uid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b
Request Chain 179
  • https://sync.adkernel.com/user-sync?zone=202694&t=image&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F152mus%3Fuid%3D%7BUID%7D HTTP 302
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202694%26dsp%3D639242%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=202694&dsp=639242&t=image&uid=3620806462578181671 HTTP 302
  • https://router.infolinks.com/dyn/152mus?uid=A9185376858540384715
Request Chain 180
  • https://e.serverbid.com/usersync?cspi=154&ttt=1&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fcons-us%3Fuser_id%3D%24%7BUID%7D HTTP 302
  • https://router.infolinks.com/dyn/cons-us?user_id=9f104f8a99a3464f904f8a99a3264fa0
Request Chain 188
  • https://id5-sync.com/i/535/8.gif?id5id=ID5*PMSfnDbaJNnlKxxHP7P7rlKmHTcYKWaZnz3qdsw8VFRxf6464nXibPAAhp5j4gO6cYCwrCL4EvlyLjEafJuaSw&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F429%2F7%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/535/429/7/2.gif?puid=EC0DE233-2EF3-44EE-9B5B-047A2F057529&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/535/108/6/3.gif?puid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F441%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/535/441/5/4.gif?puid=u_0d257e7c-a118-4a85-805d-87b17384eb86&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/535/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/535/2/4/5.gif?puid=3620806462578181671&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=EC0DE233-2EF3-44EE-9B5B-047A2F057529&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F1242%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/535/1242/3/6.gif?puid=HvP9jLZHhwIVHYYIRGe3_3HF&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=3620806462578181671&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F1246%2F2%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/535/1246/2/7.gif?puid=HvP9jLZHhwIVHYYIRGe3_3HF&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F434%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/535/434/1/8.gif?puid=10374ec6-5eb8-464f-9db3-01113411b037&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=f667bb86-d4bf-4480-bd1b-33d60c80f690&ttl=%%TTL%%
Request Chain 190
  • https://cms.analytics.yahoo.com/cms?partner_id=CRIMT&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58680/cms?partner_id=CRIMT&gdpr_consent= HTTP 302
  • https://i.ctnsnet.com/int/cm?prv=yh&crdp=true&uid=y-4BBvlFpE2pOLL4i2MxRcpapjJGoV55AbPjE-~A HTTP 302
  • https://ads.yahoo.com/cms/v1?sigv=1&nwid=10000010147&eid=c93fc6010f654086b30572bc36252244&esig=2~8a80e4236f70e1a41347a376f5ad11ad86d1de12
Request Chain 195
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1341524/76240919/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&adsafe_type=abeq&adsafe_jsinfo=,id:8b1d601e-b277-b683-64a8-9f01895b59ab,c:vkYGg5,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5f456796bd-88crx,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tX1gcu8+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b*.1341524-76240919,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:A.us.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:34,oid:faa7e048-8ed8-11ee-9d8a-925d24af9327,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 205
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=877aa2ac-3d2d-4b7e-93ff-5f3572e91fc6 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokODc3YWEyYWMtM2QyZC00YjdlLTkzZmYtNWYzNTcyZTkxZmM2EAAaDQj73J2rBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=84168395236deb6076dc0801a597fa25a57a65441ba597972da6509d41d80f81791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=84168395236deb6076dc0801a597fa25a57a65441ba597972da6509d41d80f81791426b5417dce21&rand=07742699 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=84168395236deb6076dc0801a597fa25a57a65441ba597972da6509d41d80f81791426b5417dce21&rand=07742699&expected_cookie=82b988db-4915-42c6-9266-56eb1d05c528
Request Chain 206
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3620806462578181671
Request Chain 207
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7669919475307365375&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 208
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZWduewADRb6lpgBU HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWduewADRb6lpgBU&_test=ZWduewADRb6lpgBU
Request Chain 229
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=206C99B048774CB99E9DDE3E967775E8 HTTP 302
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=b79e8eed1d&gdpr=0&gdpr_consent=
Request Chain 230
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/206C99B048774CB99E9DDE3E967775E8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
Request Chain 231
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=206C99B048774CB99E9DDE3E967775E8&dongle=yf3
Request Chain 232
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=206C99B048774CB99E9DDE3E967775E8
Request Chain 233
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=206C99B048774CB99E9DDE3E967775E8
Request Chain 234
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=206C99B048774CB99E9DDE3E967775E8 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1701277309031&ip=38.132.118.67&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214690604715007429985 HTTP 302
  • https://um.simpli.fi/aa_px?sk=214690604715007429985 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 235
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=206C99B048774CB99E9DDE3E967775E8 HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=206C99B048774CB99E9DDE3E967775E8&ripv6=2001:550:1d05:1::5
Request Chain 236
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:206C99B048774CB99E9DDE3E967775E8
Request Chain 237
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=206C99B048774CB99E9DDE3E967775E8
Request Chain 238
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=206C99B048774CB99E9DDE3E967775E8;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=206C99B048774CB99E9DDE3E967775E8;mimetype=img;sr HTTP 302
  • https://idsync.rlcdn.com/400646.gif?partner_uid=-5832167249831704185
Request Chain 239
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=206C99B048774CB99E9DDE3E967775E8&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=206C99B048774CB99E9DDE3E967775E8&j=0&xl8blockcheck=1
Request Chain 240
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=206C99B048774CB99E9DDE3E967775E8
Request Chain 241
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=206C99B048774CB99E9DDE3E967775E8
Request Chain 242
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=206C99B048774CB99E9DDE3E967775E8
Request Chain 243
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=206C99B048774CB99E9DDE3E967775E8
Request Chain 244
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=206C99B048774CB99E9DDE3E967775E8
Request Chain 245
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=206C99B048774CB99E9DDE3E967775E8 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=877aa2ac-3d2d-4b7e-93ff-5f3572e91fc6
Request Chain 246
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1701277308622&cv=7&fst=1701277308622&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=565617423&cv=7&fst=1701277308622&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=fG5nZdKUNaiSoPMPq46UoA8&sscte=1&crd=&pscrd=IhMI0sKj7dfpggMVKAloCB0rBwX0 HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=565617423&cv=7&fst=1701277308622&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI0sKj7dfpggMVKAloCB0rBwX0&is_vtc=1&ocp_id=fG5nZdKUNaiSoPMPq46UoA8&cid=CAQSKQDICaaNPEw2vIQvaqwV1qM_poik1WL5_HNITP1kguqXyEP1jRc38btf&random=538164355
Request Chain 248
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=206C99B048774CB99E9DDE3E967775E8
Request Chain 249
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=206C99B048774CB99E9DDE3E967775E8&expires=365
Request Chain 250
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=206C99B048774CB99E9DDE3E967775E8
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEJgPZhCMUjRNnQTVapvC_C8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=206C99B048774CB99E9DDE3E967775E8 HTTP 302
  • https://um.simpli.fi/g_match?id=

264 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heraldcourier.com/terms/
Redirect Chain
  • https://email.mail.heraldcourier.com/e/c/eyJlbWFpbF9pZCI6ImRnVE84d2NBQUphaEFwV2hBZ0dNQ0xicEJrdWZHTW5ST3YyTzFvWT0iLCJocmVmIjoiaHR0cHM6Ly9oZXJhbGRjb3VyaWVyLmNvbS90ZXJtcyIsImludGVybmFsIjoiY2VmMzA3MDFl...
  • https://heraldcourier.com/terms
  • https://heraldcourier.com/terms/
146 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
342dbd3a86ee265d0ad082f4056e43266d64b4be6b5bc010c78ac2035ae35845
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
content-encoding
gzip
content-length
39350
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 17:01:42 GMT
etag
W/e94869b38951c267615eefff511687df
last-modified
Wed, 29 Nov 2023 17:01:42 GMT
link
<https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.71.9; app2; 0.24s; 3.1M
x-ua-compatible
IE=edge
x-vcache
MISS
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
public, max-age=300
content-encoding
gzip
content-length
1469
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 17:01:42 GMT
link
<https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location
https://heraldcourier.com/terms/
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.71.9; app10; 0.02s; 1.3M
x-vcache
MISS
x-xss-protection
1; mode=block
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
830266
cross-origin-resource-policy
cross-origin
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e609f2-1882c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a069ff25c76-MIA
expires
Wed, 30 Oct 2024 07:39:49 GMT
user.js
heraldcourier.com/shared-content/art/tncms/user/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heraldcourier.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/terms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:58:22 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 21:44:45 GMT
x-vcache
HIT
age
200
etag
W/"65568d4d-c46"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1437
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1141575
cross-origin-resource-policy
cross-origin
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a06c8475c76-MIA
expires
Sat, 09 Nov 2024 08:36:07 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
32021
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:14 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a922-841f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a06c8455c76-MIA
expires
Thu, 28 Nov 2024 07:08:19 GMT
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1589642
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-2d77"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a069ff75c76-MIA
expires
Sun, 10 Nov 2024 07:01:11 GMT
application.3c64d611e594b45dd35b935162e79d85.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
2359823
cross-origin-resource-policy
cross-origin
last-modified
Fri, 23 Jun 2023 18:40:28 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6495e71c-10fa"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a069ff45c76-MIA
expires
Sat, 22 Jun 2024 19:01:35 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
12087
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:38 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da2-9b8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a06c84b5c76-MIA
expires
Fri, 01 Nov 2024 08:08:59 GMT
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
2220823
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:37 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da1-1ac2e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a069fee5c76-MIA
expires
Thu, 31 Oct 2024 06:21:08 GMT
layout.9509b461cedc7767649ee83a5b35c177.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		154 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
75041
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:16 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a924-26683"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a069fef5c76-MIA
expires
Wed, 27 Nov 2024 20:01:22 GMT
lee.ds.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 		97 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1701241205
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5c357a5e69089e5088279fc5aaa5663d088815b3408a005dd6bc93b50bf7745
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
32021
cross-origin-resource-policy
cross-origin
last-modified
Wed, 29 Nov 2023 07:00:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566e175-18487"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a069ff05c76-MIA
expires
Thu, 28 Nov 2024 07:05:11 GMT
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
98681
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:41 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da5-183e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a069ff15c76-MIA
expires
Fri, 01 Nov 2024 07:32:39 GMT
access.d7adebba498598b0ec2c.js
heraldcourier.com/shared-content/art/tncms/api/ 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heraldcourier.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

Referer
https://heraldcourier.com/terms/
Origin
https://heraldcourier.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:58:22 GMT
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 14:48:42 GMT
x-vcache
HIT
age
200
etag
W/"654b9fca-1164b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
29242
service-worker-allowed
/
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:36:35 GMT
content-encoding
gzip
via
1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront), 1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
1508
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
BI-pW6l_8Rv4yFkwKGzoDRWfynxpE_OxuaKkcww8Al2THJfMuhcP_w==
heraldcourier.com.js
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/heraldcourier.com.js?_dc=1701277302
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a31894ecca45b8d1c2a155ceca79ba3acbb405e81e179d6949bd75d6e54dd55
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
last-modified
Wed, 29 Nov 2023 06:01:43 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566d3c7-178c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a067dbf31cc-MIA
expires
Thu, 28 Nov 2024 17:01:42 GMT
tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
97839
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:38 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da2-dbe"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a07da595c76-MIA
expires
Fri, 01 Nov 2024 06:15:46 GMT
tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1731164
cross-origin-resource-policy
cross-origin
last-modified
Fri, 13 Oct 2023 13:11:31 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65294203-1baf"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a07da5c5c76-MIA
expires
Wed, 30 Oct 2024 11:20:19 GMT
firebase-app.js
www.gstatic.com/firebasejs/6.6.2/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 09:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3945
x-xss-protection
0
last-modified
Thu, 19 Sep 2019 21:11:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 09:11:47 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/6.6.2/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8653
x-xss-protection
0
last-modified
Thu, 19 Sep 2019 21:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 12:52:44 GMT
messaging.js
heraldcourier.com/shared-content/art/tncms/api/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heraldcourier.com/shared-content/art/tncms/api/messaging.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/terms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:58:56 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 21:44:45 GMT
x-vcache
HIT
age
166
etag
W/"65568d4d-9cb"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
885
service-worker-allowed
/
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		207 B
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
32021
cross-origin-resource-policy
cross-origin
last-modified
Fri, 13 Oct 2023 13:11:34 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65294206-cf"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a06c8485c76-MIA
expires
Wed, 30 Oct 2024 08:12:09 GMT
tracking.js
heraldcourier.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heraldcourier.com/shared-content/art/tncms/tracking.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/terms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:00:40 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 21:44:45 GMT
x-vcache
HIT
age
61
etag
W/"65568d4d-a3a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1157
service-worker-allowed
/
prebid7.9.0.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 		197 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid7.9.0.js?_dc=1696436849
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b109dd53ec2921d47af5eedcf39cbea8bc92bf8b59a970aa104c5ed2d5b3c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
104675
cross-origin-resource-policy
cross-origin
last-modified
Wed, 04 Oct 2023 16:27:29 GMT
x-vcache
MISS
server
cloudflare
etag
W/"651d9271-313f5"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a06c84d5c76-MIA
expires
Sun, 10 Nov 2024 06:31:57 GMT
lee.common.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1701241205
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2008966819bb51e24bb6cbf82ef28efeb4d678e20c3b61fc02bb5d45b45e74e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
32021
cross-origin-resource-policy
cross-origin
last-modified
Wed, 29 Nov 2023 07:00:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566e175-2459"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a069ff65c76-MIA
expires
Thu, 28 Nov 2024 07:05:11 GMT
fontawesome.568f3d1ab17b33ce05854081baadadac.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		268 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1572611
cross-origin-resource-policy
cross-origin
last-modified
Thu, 14 Sep 2023 21:59:36 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65038248-43130"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a07da5f5c76-MIA
expires
Wed, 18 Sep 2024 19:01:28 GMT
tracker.js
heraldcourier.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heraldcourier.com/shared-content/art/stats/common/tracker.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/terms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:59:14 GMT
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 08:22:23 GMT
x-vcache
HIT
age
148
etag
W/"654b453f-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
e0d66240-6be2-11ec-a380-ff649233b50f.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/custom/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/custom/image/e0d66240-6be2-11ec-a380-ff649233b50f.png
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88bc41dfc3e11b318a5a3eeeb403b70f98705db64962f4647a3ad2cb9083aa6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1731162
cf-polished
origFmt=png, origSize=5857
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="e0d66240-6be2-11ec-a380-ff649233b50f.webp"
content-length
4166
cf-bgj
imgq:85,h2pri
last-modified
Sun, 02 Jan 2022 15:44:32 GMT
server
cloudflare
x-vcache
MISS
etag
"61d1c860-16e1"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
82dc6a06f8985c76-MIA
expires
Thu, 31 Oct 2024 10:36:20 GMT
user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 		978 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
830267
cf-polished
origFmt=png, origSize=3610
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="user_no_avatar.webp"
content-length
978
cf-bgj
imgq:85,h2pri
last-modified
Thu, 02 Apr 2015 21:53:54 GMT
server
cloudflare
x-vcache
MISS
etag
"551dba72-e1a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
82dc6a07da615c76-MIA
expires
Tue, 15 Oct 2024 16:37:45 GMT
logo-tagline.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/logo-tagline.png?_dc=1701241205
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
32021
cf-polished
origFmt=png, origSize=10949
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="logo-tagline.webp"
content-length
5302
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Nov 2023 07:00:05 GMT
server
cloudflare
x-vcache
MISS
etag
"6566e175-2ac5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
82dc6a06f89c5c76-MIA
expires
Thu, 28 Nov 2024 07:05:11 GMT
op.js
tagan.adlightning.com/leeenterprises/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/op.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-21.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fdef11b3bd321cfa04ac052c402517bbeb47a3ce342d862e2fd536357083c41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
sqP2puKKUIZcBBCgzbYvXFE2gJryMllX
content-encoding
gzip
via
1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
date
Wed, 29 Nov 2023 16:31:47 GMT
x-amz-cf-pop
IAD89-P1
age
1797
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19216
x-amz-meta-git_commit
e09f10f
last-modified
Wed, 29 Nov 2023 07:36:19 GMT
server
AmazonS3
etag
"6c3a702dc81dc350d30d1d9c3ce64b4e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
qhnLnsHldGkNqmgWQ8mYc8WAJSzW0nOOebtoJhW4TACBXrlbRvBoBg==
heraldcourier.com.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/ 		1 KB
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/heraldcourier.com.js?_dc=1696436850
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76460f1cd530a92dcb3d35468233b10d40dcb0ea7595aceb225104e63c3b78bc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:42 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
2527757
cross-origin-resource-policy
cross-origin
last-modified
Wed, 04 Oct 2023 16:27:30 GMT
x-vcache
MISS
server
cloudflare
etag
W/"651d9272-5b9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a0769895c76-MIA
expires
Thu, 03 Oct 2024 16:32:56 GMT
dfp.lazy.pbjs.js
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.pbjs.js?_dc=1696436849
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9453c81287d37b52d6364987b4fe7618de7f9761f3d6805432132efa7d5d2c60
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
101041
cross-origin-resource-policy
cross-origin
last-modified
Wed, 04 Oct 2023 16:27:29 GMT
x-vcache
MISS
server
cloudflare
etag
W/"651d9271-4477"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
82dc6a07da585c76-MIA
expires
Tue, 19 Nov 2024 23:13:27 GMT
gtm.js
www.googletagmanager.com/ 		231 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
547a72f5d48add2256dff4288ae01474b730771417eb6617b15a0ce32e76e6ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79168
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Nov 2023 17:01:43 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63af77ea83054bc496c80a959cdc083aff021ddabc09ddd062e83387793b7672
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30332
x-xss-protection
0
server
cafe
etag
476 / 19690 / m202311150101 / config-hash: 3080115608911758694
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 17:01:43 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 05:03:00 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
43124
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
sXZW7EvqpC6LkszMEVvFOqRBRdVFbX4v0hdrvHzeJ3yPoBDGs_P3XQ==
3266
config.aps.amazon-adsystem.com/configs/ 		505 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3266
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-101.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
cb27a1a24844c4ee744ea6e0d609dcbd9c01f09cfdf64d993e0dceb15fb725e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:30:51 GMT
via
1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
age
1852
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
1uQt_7NlD-TSQWGEZpeIDexeay4GgeHpU37FMn0C4Cx25Op0MnTIfQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
0
tracker.gif
heraldcourier.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heraldcourier.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1701277303005160012001417725332407&tnms_dt=Terms%20%7C%20heraldcourier.com&tnms_upage=1&tnms_do=heraldcourier.com&tnms_uri=/terms/&tnms_ref=&rt=1701277303007
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/terms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
x-vcache
MISS
age
0
etag
"48f79fed-0"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
gtm.js
www.googletagmanager.com/ 		546 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de0ce030643fe155dcd3d3dd803b7f90cb7aee4ef7460efe314609f41e128311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138315
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Nov 2023 17:01:43 GMT
e0d66240-6be2-11ec-a380-ff649233b50f.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/custom/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/custom/image/e0d66240-6be2-11ec-a380-ff649233b50f.png
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88bc41dfc3e11b318a5a3eeeb403b70f98705db64962f4647a3ad2cb9083aa6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1731163
cf-polished
origFmt=png, origSize=5857
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="e0d66240-6be2-11ec-a380-ff649233b50f.webp"
content-length
4166
cf-bgj
imgq:85,h2pri
last-modified
Sun, 02 Jan 2022 15:44:32 GMT
server
cloudflare
x-vcache
MISS
etag
"61d1c860-16e1"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
82dc6a07ea945c76-MIA
expires
Thu, 31 Oct 2024 10:36:20 GMT
logo-tagline.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/logo-tagline.png?_dc=1701241205
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
32022
cf-polished
origFmt=png, origSize=10949
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="logo-tagline.webp"
content-length
5302
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Nov 2023 07:00:05 GMT
server
cloudflare
x-vcache
MISS
etag
"6566e175-2ac5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
82dc6a07fa9e5c76-MIA
expires
Thu, 28 Nov 2024 07:05:11 GMT
user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 		978 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
830267
cf-polished
origFmt=png, origSize=3610
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="user_no_avatar.webp"
content-length
978
cf-bgj
imgq:85,h2pri
last-modified
Thu, 02 Apr 2015 21:53:54 GMT
server
cloudflare
x-vcache
MISS
etag
"551dba72-e1a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
82dc6a07faa05c76-MIA
expires
Tue, 15 Oct 2024 16:37:45 GMT
b-e09f10f-fd9abb4c.js
tagan.adlightning.com/leeenterprises/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-e09f10f-fd9abb4c.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-21.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96bed4c8966020005f3394a56c5c3640550a16fb324eb04c328f1b9ee8a8bc48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 12:15:31 GMT
content-encoding
gzip
via
1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
x-amz-version-id
zhzD0.k4yK1QATUF8Zyk6eChx2be4yrB
x-amz-cf-pop
IAD89-P1
age
1917973
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31504
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:26:07 GMT
server
AmazonS3
etag
"9906aff1d286210259bcaf608003dd01"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CzUMenVmDKlZ_SDorSybP-5zra9WtsA3yhRRkF2kkTU_ee2RZEm3EA==
bl-b80957a-a5875e82.js
tagan.adlightning.com/leeenterprises/ 		77 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-b80957a-a5875e82.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-21.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53dc734ffb59d12c95d43922e11e095f08dd7b31434e7a148eb25da6b89b2c0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:53:33 GMT
content-encoding
gzip
via
1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
x-amz-version-id
OBoUIZ6KuMduqi7L77LxK5J9R_tpwAVx
x-amz-cf-pop
IAD89-P1
age
32891
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32983
x-amz-meta-git_commit
b80957a
last-modified
Wed, 29 Nov 2023 07:36:00 GMT
server
AmazonS3
etag
"04692f1819d3fec5d54d9abd3de97d14"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
V-6os0z-i3-HoYQlu67M49EN00w4exv6eDUqov3I8qCTj1JPOQFj9g==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 04:56:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
43487
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 28 Nov 2024 04:56:56 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 29 Nov 2023 16:52:28 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
555
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 29 Nov 2023 18:52:28 GMT
gtm.js
www.googletagmanager.com/ 		179 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
31f93bcb8996d23740082c728e84f43c45b9ca6f10bbc7c9fad5c230ab13f77f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64875
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Nov 2023 17:01:43 GMT
gtm.js
www.googletagmanager.com/ 		217 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c634d2011384186b21f8beba49e2f033f046fdf6f212c6fe2166302af82804bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70453
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Nov 2023 17:01:43 GMT
iframe
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 6307
Redirect Chain
  • https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
138 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.130.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-130-144.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Referer
https://heraldcourier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
10556
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Wed, 29 Nov 2023 14:05:48 GMT
ETag
"50351b1f6590b5c4886c111874e016a0"
Last-Modified
Fri, 01 Oct 2021 23:50:10 GMT
Server
AmazonS3
Via
1.1 5451b84324d9bca0bdd03e4c4009ae10.cloudfront.net (CloudFront)
X-Amz-Cf-Id
KKm-nBCFiAghd1Jabjs_X_U3ms9OwbkexmyEpe9mzPsl5AMxXXnqSA==
X-Amz-Cf-Pop
IAD50-C2
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
0
date
Wed, 29 Nov 2023 17:01:43 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:108:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 Nov 2023 17:01:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
6TKyZ3/EoniR1+f95V68p0ukiWThr8SuhjUMbY8EYX2+e7bDYq56aYMeaDJPiUc7I/8t2UYtUUoBEbiwGYBTgA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
5b5dc540-ca6c-013a-51e3-0cc47a8ffaac
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/5b5dc540-ca6c-013a-51e3-0cc47a8ffaac
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.15.245.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
57f295553fdda2a7f1ee0e5dab92d82f2bace1df0a781117dee1cb06eacbf891

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F5wmsauEWTY7_R_KU17E
expires
Thu, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		263 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S5LKEZJN96&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9d12e73ab23d20eeae3dd8e215f653e1952cc9c99a56d003950c82493b5ae5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90404
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 17:01:43 GMT
p.js
cdn.parsely.com/keys/heraldcourier.com/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/heraldcourier.com/p.js?gtm_ver=3.1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.131.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-131-58.iad50.r.cloudfront.net
Software
nginx /
Resource Hash
4c0867ff49805574426a7a89e712807767fa9b2452c526736947e2b897a080ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
public
date
Wed, 29 Nov 2023 08:49:16 GMT
content-encoding
gzip
via
1.1 67711c5cba0352ee130f60f6cc103e0a.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 15:21:06 GMT
server
nginx
x-amz-cf-pop
IAD50-C2
age
29553
etag
W/"65241a62-e28b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
MtOyuS66TXZduXKDjEutqeD1adqa8rWNOuZrHxniGpb_9IQDklT2kg==
expires
Thu, 30 Nov 2023 08:49:10 GMT
a-058n.min.js
b-code.liadm.com/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-058n.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:ae00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a2abf60298591077c6d5b81d97380295dd942ef36095adf4de1ee06f90077545

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 19:15:47 GMT
content-encoding
gzip
via
1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P2
age
78356
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
fMOjZfgZkNcowGfsKUrNEJAHRbeMtlBrzSUZ23iEpG3SYQfu9JaJ8Q==
ml.br.js
js.matheranalytics.com/static/ltm/ma1527/lee/5/
Redirect Chain
  • https://js.matheranalytics.com/s/ma1527/725149306/lee/ml.js?cb=1641
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
145 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
8e69c64655718315422d63e22bc7dddaacd2fe1e1ceb20a6758287a76b9c6f66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 04:19:53 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 04 Aug 2021 03:52:13 GMT
server
nginx
age
45710
etag
"96d23de5d1ede166c2abc188adf1ebd7"
vary
Accept-Encoding
x-cache
HIT Sun, 18 Dec 2022 05:14:32 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43093

Redirect headers

date
Wed, 29 Nov 2023 17:01:43 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
0-gc-useast1-22ng1030
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
5C3FFQQ82B9MCEFS
age
1757
etag
W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82dc6a0cdf4f0329-MIA
x-amz-id-2
4/km+Ck3ryzba0Vej4lvZypvkPIPYg5MH7ThxLue97J6mzGGp/mK3DfPEMU6VSJ+WtfJhc5GpC4=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 29 Nov 2023 17:01:43 GMT
x-content-type-options
nosniff
content-encoding
br
age
30890
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-mia-kmia1760069-MIA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:15:44 GMT
content-encoding
gzip
age
1428359
x-guploader-uploadid
ABPtcPrlTY7Lk9V50UCwU6xMu8Yhtx1WhLFIEiCMUymMqH8AynuI8bX_CUHHr623qLh424AE963tHEF3GgdOfbDSYHz9R_FphxJZ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 12 Nov 2024 04:15:44 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 30 Nov 2023 17:01:44 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:5600:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Wed, 29 Nov 2023 12:11:10 GMT
Via
1.1 f8558580f66929e19ed69bba2e85da74.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD79-C1
Age
17434
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
QmnVKwiiJ9ZfGlv5sYx0wAasUg_j3NDhJXH7Cqa939Hb2rBAjxV2Ng==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
bbdb273d3b70a055f521c06efae099ea
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-84.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 01:13:57 GMT
content-encoding
gzip
via
1.1 3542174e2d71e2c3dffc0069aa7cbb34.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
IAD12-P2
age
56867
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
MUEeNy_AbJbBicUc3yYlScqBb-726UhfCf8e03AEG3nB7r-2cB6MEA==
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2479:8000:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:45:30 GMT
via
1.1 25dd17c88d0158942eb6f00c94f5f0c0.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
IAD61-P3
age
974
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
yip1R4NUb7FLzlAcxZ7ELhO9LCdtbCAG4pwqQMC0Koumhd-eWQnymw==
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2449946456929069&correlator=3519231592585159&eid=31077976%2C31079525&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=8438%2Cheraldcourier.com%2Cterms&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701277303665&lmt=1701277302&adxs=799&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=1461267770.1701277304&ga_sid=1701277304&ga_hid=82830140&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjuhp7gwTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjuhp7gwTFIAFICCGQSGQoKcHViY2lkLm9yZxjuhp7gwTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y7oae4MExSABSAghkEhcKCHJ0YmhvdXNlGO6GnuDBMUgAUgIIZBIUCgVvcGVueBjuhp7gwTFIAFICCGQSGQoKdWlkYXBpLmNvbRjuhp7gwTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO2GnuDBMUgAUgIIZA..&dlt=1701277302669&idt=947&prev_scp=pos%3Dfixed-impact-top%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D5%26lee_hours%3D17%26lee_day%3D3&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dthe%2520bristol%2520herald%2520courier%26sub%3Dno%26page%3Dindex%252Capp-editorial%252Cmd_screen%26browser%3DChrome&adks=2438802059&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
064d52b83d70e05ddccb8aec25977b6505b9352e9c09f0a871521935f33c33bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16494
x-xss-protection
0
google-lineitem-id
6413255239
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138455095240
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2449946456929069&correlator=165465181481667&eid=31077976%2C31079525&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=8438%2Cheraldcourier.com%2Cterms&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701277303678&lmt=1701277302&adxs=800&adys=1&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=1461267770.1701277304&ga_sid=1701277304&ga_hid=82830140&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjuhp7gwTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjuhp7gwTFIAFICCGQSGQoKcHViY2lkLm9yZxjuhp7gwTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y7oae4MExSABSAghkEhcKCHJ0YmhvdXNlGO6GnuDBMUgAUgIIZBIUCgVvcGVueBjuhp7gwTFIAFICCGQSGQoKdWlkYXBpLmNvbRjuhp7gwTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO2GnuDBMUgAUgIIZA..&dlt=1701277302669&idt=947&prev_scp=pos%3Dfixed-impact-bottom%2Cbtf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D9%26lee_hours%3D17%26lee_day%3D3&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dthe%2520bristol%2520herald%2520courier%26sub%3Dno%26page%3Dindex%252Capp-editorial%252Cmd_screen%26browser%3DChrome&adks=3294672869&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1e1016e4763ab12a380d88045f29a23cb9b335fa809dd407f709deb5128ee3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12356
x-xss-protection
0
google-lineitem-id
6391993898
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138448691138
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		557 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2449946456929069&correlator=1168171786658597&eid=31077976%2C31079525&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=8438%2Cheraldcourier.com%2Cterms&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=6x1&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701277303684&lmt=1701277302&adxs=797&adys=139&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=1461267770.1701277304&ga_sid=1701277304&ga_hid=82830140&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjuhp7gwTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjuhp7gwTFIAFICCGQSGQoKcHViY2lkLm9yZxjuhp7gwTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y7oae4MExSABSAghkEhcKCHJ0YmhvdXNlGO6GnuDBMUgAUgIIZBIUCgVvcGVueBjuhp7gwTFIAFICCGQSGQoKdWlkYXBpLmNvbRjuhp7gwTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO2GnuDBMUgAUgIIZA..&dlt=1701277302669&idt=947&prev_scp=pos%3Dsponsor-logo-impact%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D3%26lee_hours%3D17%26lee_day%3D3&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dthe%2520bristol%2520herald%2520courier%26sub%3Dno%26page%3Dindex%252Capp-editorial%252Cmd_screen%26browser%3DChrome&adks=1905965220&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac8f4f4da1c6f25f2a15dc81b1930426ef200d4f3dca714de99fb836e064b87a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
263
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		557 B
294 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2449946456929069&correlator=698561626290035&eid=31077976%2C31079525&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fif&iu_parts=8438%2Cheraldcourier.com%2Cterms&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=5x1&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701277303691&lmt=1701277302&adxs=798&adys=9030&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=1461267770.1701277304&ga_sid=1701277304&ga_hid=82830140&ga_fc=false&a3p=EhgKCXlhaG9vLmNvbRjuhp7gwTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjuhp7gwTFIAFICCGQSGQoKcHViY2lkLm9yZxjuhp7gwTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y7oae4MExSABSAghkEhcKCHJ0YmhvdXNlGO6GnuDBMUgAUgIIZBIUCgVvcGVueBjuhp7gwTFIAFICCGQSGQoKdWlkYXBpLmNvbRjuhp7gwTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO2GnuDBMUgAUgIIZA..&dlt=1701277302669&idt=947&prev_scp=pos%3Dmembers-impact%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D2%26lee_hours%3D17%26lee_day%3D3&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dthe%2520bristol%2520herald%2520courier%26sub%3Dno%26page%3Dindex%252Capp-editorial%252Cmd_screen%26browser%3DChrome&adks=3367230094&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f51a6c198098962b9964f82a32f054e1c72b4b68e2a2a908be3c4dbef300198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
264
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
33e5e787848bfcd152663152def0ae2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F673 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://33e5e787848bfcd152663152def0ae2c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heraldcourier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 17:01:43 GMT
expires
Thu, 28 Nov 2024 17:01:43 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		107 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-155.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1186699d4cc78d7acd98f87883b1434fa96f46c29aafba60659b1f97814fd3d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
hsqC1M3zTyLz6Qc8AwMehTiEPIw.GNBf
content-encoding
br
via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
date
Wed, 29 Nov 2023 16:59:52 GMT
x-amz-cf-pop
JFK52-P4
age
111
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 16 Nov 2023 19:51:47 GMT
server
AmazonS3
etag
W/"dbada6b699a28dea7a0791c760c06cca"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
WjIBrhlkCdqFS0RJL3U_NloKcEv0FPfHtmA_2KcHbKm5nWkZ3f5xvA==
destination
www.googletagmanager.com/gtag/ 		255 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5LKEZJN96&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ead0377f42c765956c3ad32bff805976210cd302b7e1254e06603675d733f247
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88963
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 17:01:43 GMT
collect
analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-S5LKEZJN96&gtm=45je3b81v893785645z86749731&_p=1701277302927&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1461267770.1701277304&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701277303&sct=1&seg=0&dl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&dt=Terms%20%7C%20heraldcourier.com&en=page_view&_fv=1&_ss=1&ep.domain=heraldcourier.com&ep.asset_flag_array=false&ep.asset_tag_array=false&ep.page_type=index&ep.platform=desktop&ep.application=editorial&ep.byline=Undefined&ep.syndication_domain=null&ep.blox_sections=terms&ep.url_fragment=&ep.author=Undefined&ep.eedition_view_type=Page%20View&ep.asset_app=editorial&ep.asset_has_paywall=notset&ep.asset_has_video=no&up.user_status=anonymous&up.user_subscription=No&up.user_ppid=&up.user_uuid=false&up.user_subscription_date=false&tfd=2241
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5LKEZJN96&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S5LKEZJN96&cid=1461267770.1701277304&gtm=45je3b81v893785645z86749731&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5LKEZJN96&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:53:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Nov 2023 17:53:02 GMT
publisher:getClientId
ampcid.google.com/v1/ 		3 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://heraldcourier.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Terms%20%7C%20heraldcourier.com&sec=terms&pubname=The%20Bristol%20Herald%20Courier&ptype=index&metered=0%7C3&hier=terms&cms=townnews%2Fblox&arttype=editorial&tv=js-3.0.136&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=5&tvcfg=lee&tid=43954cc1-6270-4399-a9c2-01791934d388&pid=1764d78a-c34b-4e0e-ab53-ee4171380838&dtm=1701277303880&qnm=_matherq&visible=1&tabid=2c6be927-1031-4cbb-bc0c-85bb1fc67d3e&url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&vp=1600x1200&ds=1600x9051&tofa=1701277304&vid=1&lvidt=1701277304&duid=c47fda6240fd23af&fp=1094989375&cid=ma1527&mrk=725149306&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwMTI3NzMwMTU1OCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNC41bWIiLCJoZWFwVCI6IjMzLjFtYiIsImZzdFBhaW50IjoiMTUzMiIsImZldGNoUyI6IjY5NyIsImRvbWFpblMiOiI2OTciLCJkb21haW5FIjoiNjk3IiwiY29ublMiOiI2OTciLCJjb25uRSI6IjY5NyIsInJlcXVTIjoiNjk4IiwicmVzcFMiOiIxMTA2IiwicmVzcEUiOiIxMTY4IiwiZG9tTG9hZCI6IjExMTEiLCJkb21JbnRlciI6IjE2NzAiLCJkb21Mb2FkUyI6IjE2NzMiLCJkb21Mb2FkRSI6IjE2NzYifSwia2V5d29yZHMiOlsidGhlIiwiYnJpc3RvbCIsImhlcmFsZCIsImNvdXJpZXIiXSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIxNDYxMjY3NzcwIiwicmVmVGltZSI6IjE3MDEyNzczMDM4NzkifV19
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.178.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-178-6.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 29 Nov 2023 17:01:44 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
p1.parsely.com/px/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/px/?rand=1701277303891&plid=35cebbea-4287-4ee0-b013-a8d625729599&idsite=heraldcourier.com&url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22user_subscription%22%3A%22No%22%7D&sid=1&surl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&sref=&sts=1701277303851&slts=0&title=Terms+%7C+heraldcourier.com&date=Wed+Nov+29+2023+07%3A01%3A43+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&js=1&pvid=ee3cd222-224c-41f7-a0cd-c594dcac772a&u=pid%3Dd766750c-b9b7-4c07-b2f0-6a3f4cf3ffda
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 17:01:44 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
b-e09f10f-fd9abb4c.js
tagan.adlightning.com/leeenterprises/ Frame FB25 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-e09f10f-fd9abb4c.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-21.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96bed4c8966020005f3394a56c5c3640550a16fb324eb04c328f1b9ee8a8bc48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 12:15:31 GMT
content-encoding
gzip
via
1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
x-amz-version-id
zhzD0.k4yK1QATUF8Zyk6eChx2be4yrB
x-amz-cf-pop
IAD89-P1
age
1917974
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31504
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:26:07 GMT
server
AmazonS3
etag
"9906aff1d286210259bcaf608003dd01"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
bdtRR5GucEeAKIhkeJ7Pz5YAhpxnQPWwyDArT4pg3jmBk0EDEwJbSA==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FB25 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 17:01:44 GMT
b-e09f10f-fd9abb4c.js
tagan.adlightning.com/leeenterprises/ Frame EC17 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-e09f10f-fd9abb4c.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-21.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96bed4c8966020005f3394a56c5c3640550a16fb324eb04c328f1b9ee8a8bc48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 12:15:31 GMT
content-encoding
gzip
via
1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
x-amz-version-id
zhzD0.k4yK1QATUF8Zyk6eChx2be4yrB
x-amz-cf-pop
IAD89-P1
age
1917974
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31504
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:26:07 GMT
server
AmazonS3
etag
"9906aff1d286210259bcaf608003dd01"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OghtIXk_8orUWFfzSxlCGqBeH7xEsm7NCExeLQsrjy593l25WQaexw==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EC17 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 17:01:44 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&rid=esp&cc=1
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
d6875d8168455f3b7d2e088dac0d6c6fd00113b44e1486c98d962720346755ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-OSUy9BOujg5spyQVdi5ouyjzBTE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://heraldcourier.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 29 Nov 2023 17:01:44 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://heraldcourier.com
location
/esp?url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heraldcourier.com
date
Wed, 29 Nov 2023 17:01:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
cksync
hb.yahoo.net/ Frame 6307
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Df667bb86-d4bf-4480-bd1b-33d60c80f690
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3620806462578181671&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=f667bb86-d4bf-4480-bd1b-33d60c80f690&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=f667bb86-d4bf-4480-bd1b-33d60c80f690&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Vc1lZM1B4RTJ1SGJLUlE0ejA2eFNzWXh1TUVTRC5xcn5B&gdpr=0&ovsid=f667bb86-d4bf-4480-bd1b-33d60c80f690&dpid=55953
53 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Vc1lZM1B4RTJ1SGJLUlE0ejA2eFNzWXh1TUVTRC5xcn5B&gdpr=0&ovsid=f667bb86-d4bf-4480-bd1b-33d60c80f690&dpid=55953
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol
H2
Server
23.44.201.172 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-201-172.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 29 Nov 2023 17:01:45 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Wed, 29 Nov 2023 17:01:45 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Vc1lZM1B4RTJ1SGJLUlE0ejA2eFNzWXh1TUVTRC5xcn5B&gdpr=0&ovsid=f667bb86-d4bf-4480-bd1b-33d60c80f690&dpid=55953
date
Wed, 29 Nov 2023 17:01:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1701277304107&aid=a-058n&se=e30&duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&tna=v2.11.1&pu=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&ext__pubcid=45cb42a4-2460-4599-...
  • https://rp4.liadm.com/j?se=e30&duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&aid=a-058n&tna=v2.11.1&dtstmp=1701277304107&n3pc=true&wpn=lc-bundle&ext__pubcid=45cb42a4-2460-4599-990a-e428e7e44862&i6=...
50 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?se=e30&duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&aid=a-058n&tna=v2.11.1&dtstmp=1701277304107&n3pc=true&wpn=lc-bundle&ext__pubcid=45cb42a4-2460-4599-990a-e428e7e44862&i6=MjAwMTo1NTA6MWQwNToxOjo1&pu=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPlRlcm1zIHwgaGVyYWxkY291cmllci5jb208L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2hlcmFsZGNvdXJpZXIuY29tL3Rlcm1zLyI-PGgxPgogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iL3Rlcm1zIj4KICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgVGVybXMKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgIAogICAgICAgICAgICA8L2gxPg
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
3.213.22.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-22-88.compute-1.amazonaws.com
Software
/
Resource Hash
bf8a676a7f02c526c2946d58540257c34ef4a32ccd46787e08a031073b4ff642

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
x-pixel-event-id
20854fe5-47fb-4e9c-89d3-26f1dd74a22b
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
50

Redirect headers

location
https://rp4.liadm.com/j?se=e30&duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&aid=a-058n&tna=v2.11.1&dtstmp=1701277304107&n3pc=true&wpn=lc-bundle&ext__pubcid=45cb42a4-2460-4599-990a-e428e7e44862&i6=MjAwMTo1NTA6MWQwNToxOjo1&pu=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlPlRlcm1zIHwgaGVyYWxkY291cmllci5jb208L3RpdGxlPjxsaW5rIHJlbD0iY2Fub25pY2FsIiBocmVmPSJodHRwczovL2hlcmFsZGNvdXJpZXIuY29tL3Rlcm1zLyI-PGgxPgogICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgPGEgaHJlZj0iL3Rlcm1zIj4KICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgVGVybXMKICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgIDwvYT4KICAgICAgICAgICAgICAgIAogICAgICAgICAgICA8L2gxPg
access-control-allow-origin
https://heraldcourier.com
date
Wed, 29 Nov 2023 17:01:44 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
961211893969940
connect.facebook.net/signals/config/ 		144 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/961211893969940?v=2.9.138&r=stable&domain=heraldcourier.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:108:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2fab007bf0e62a9458be4c17ddc938c6ca5e2338a7ff316652a42e69104175f7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 Nov 2023 17:01:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37859
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
JTcpZvE/jS09G41MCcj1j2ufNSv0w542I/UlNy3re/4IkN6LICP3LugscpgjK14MWNWLecRfV9xtIaXsV2vhTg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je3b81v887101457z8861227858&_p=1701277302927&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1461267770.1701277304&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Terms&dl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&sid=1701277304&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.canonical_url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&ep.content_group=%2Fterms&ep.townnews_crm_group_id=272&ep.generator=BLOX&ep.generator_version=1.71.9&tfd=2603
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=1461267770.1701277304&gtm=45je3b81v887101457z8861227858&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=82830140&t=pageview&_s=1&dl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&dp=%2Fterms%2F&ul=en-us&de=UTF-8&dt=Terms%20%7C%20heraldcourier.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUAjAAQCACAAI~&jid=782277161&gjid=263522208&cid=1461267770.1701277304&tid=UA-54716522-7&_gid=1803799661.1701277304&_slc=1&gtm=45He3b81n71PDQV3Nv72758733&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&cd16=No&cd17=Page%20View&cm1=237&gcd=11l1l1l1l1&dma=0&z=1586650218
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=1461267770.1701277304&jid=782277161&gjid=263522208&_gid=1803799661.1701277304&_u=aCDAgUAjAAQCAGAAI~&z=1711926925
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=82830140&t=pageview&_s=1&dl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&ul=en-us&de=UTF-8&dt=Terms%20%7C%20heraldcourier.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiUAjBAQCAGAEKAB~&jid=1616251314&gjid=962649920&cid=1461267770.1701277304&tid=UA-54716522-2&_gid=1803799661.1701277304&_slc=1&gtm=45He3b81n71TDWDC2v6749731&cd1=desktop&cd2=heraldcourier.com&cd3=editorial&cd4=index&cd6=terms&cd14=Undefined&cd17=null&cd20=anonymous&cd23=terms&gcd=11l1l1l1l1&dma=0&cg1=terms&cd21=Bristol&cd22=flex-editorial&cd30=36&cd31=Sunny&cd75=0&cd76=%20%20%20%20%20%20%20%20%20&cd79=&cd80=&cd81=No&cd82=&cd85=no&cd86=no&cd102=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F119.0.6045.199%20safari%2F537.36&cd103=Undefined&cd104=Undefined%2C%20Undefined&cd105=3&cd106=Page%20View&cd107=0&cd111=undefined&cd115=notset&cd116=No&cd117=No&cd124=dsv3&cd129=0&cd130=no&cd89=1461267770.1701277304&z=551065654
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-2&cid=1461267770.1701277304&jid=1616251314&gjid=962649920&_gid=1803799661.1701277304&_u=aCDAiUAjBAQCAGAEKAB~&z=163386273
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypt
esp.rtbhouse.com/ 		221 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
299276c9934ddc6d2d9f129004e6f0bf3008e0a265568e19c5c6ea9e8afe0b78

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
4417501150196436d06924678f331a8f
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fed
ups.analytics.yahoo.com/ups/58813/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://heraldcourier.com
content-type
application/json
access-control-allow-credentials
true
content-length
0
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-155.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
8wBdC1fvjthSTrFspxDO4VzVvdAFdrfL
content-encoding
br
via
1.1 4416a31c9d77f8f8b877d81f840c88c8.cloudfront.net (CloudFront)
date
Wed, 29 Nov 2023 16:28:02 GMT
x-amz-cf-pop
JFK52-P4
age
2023
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 09 Oct 2023 16:01:47 GMT
server
AmazonS3
etag
W/"b1f2fbddf3135863ad45acc993d27497"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
qu-OgAZPW7equhDS0lGsFdRRpFO0OOlfAMuruoJrjEhgrB9SaOrBrA==
view
securepubads.g.doubleclick.net/pcs/ Frame FB25 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmXoa2cqTBTyXlfDxa6RaicLoJgWtNRrxQ6cxVxFXWD8DdelcibnCTUTSyHutw0s3G8Bxm6TVUsg8yoipPksY0EUl4uQocDrbDZjT6Q7-vPEArX_ikX2BcLgGbXKhpfW1q7oequt3UGC_mdewKie7dF0c4UEvhz5J1YI2wCMDUhUC5KSQcJVEU3hserh8MteBJzjmqw-3exZo9wX0u-Sbz95OFCbMjfLIEoKk4Ok6f1bNIUM5ejL7ADq11ChUdrlDVOaLmnKhtYLt6zpJ4wvm4BJ7UcD0Sab185IaXpm80YuZkGenEvb2LrihmU8xBUxuffYBvKU7pfS8xYoHUK5-6Spk&sai=AMfl-YSj1kHy1rw5It1yXg9dQzE6XTN0PeUb0J8J3Xu29bfVfMLSGkC6PZm0sr6uGgDkWEmpacM7D1BHGpRNKr4vtCqRvgWu9jyl2_LZq8l17i4EZlYZMrjZ7KQJDfRGLc5zgrInCEKtJ2aayUGnF1BJmOesNjOK4FZ86rzEgnk&sig=Cg0ArKJSzNM1uyKjHdWXEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-e09f10f-fd9abb4c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 29 Nov 2023 17:01:44 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/heraldcourier.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
23175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXpTiz7fkxedcjp72Ba1eu%2B1092KD6Ugbak6QnQystJS65X4cKAxaJk7HT66DJQE6kDkksHfK5ijpanZ5dkm3DBCa%2Fz0SW1bOpONGeEV2XMLaHyr3qPS%2FU%2BxAVUv9bKZDOkCSC0qfbnThtaoaoJdElvl"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82dc6a1068a56d9e-MIA
expires
Mon, 18 Nov 2024 17:01:44 GMT
11019718898807259284
tpc.googlesyndication.com/simgad/
Redirect Chain
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOC58J6_iwEQARgBMgjMPxPejxejtg
  • https://tpc.googlesyndication.com/simgad/11019718898807259284
363 KB
363 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11019718898807259284
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07f79eb8ec21d5a6c12b82e8f3fee37e02a4ea0bae7d3b9f3180de11430e9a8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
371874
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 13:25:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Nov 2024 17:01:44 GMT

Redirect headers

date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/11019718898807259284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 29 Dec 2023 17:01:44 GMT
5123380353344155839
tpc.googlesyndication.com/simgad/
Redirect Chain
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgOC58PGdiQEQARgBMgiY49jY5iw_7Q
  • https://tpc.googlesyndication.com/simgad/5123380353344155839
181 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5123380353344155839
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0df4b97f1ae6bb811bfdfd2fcff694a3daee088859390a18ae113ae462095c2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
184940
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 13:25:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Nov 2024 17:01:44 GMT

Redirect headers

date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/5123380353344155839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 29 Dec 2023 17:01:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EC17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqAdY2xn0tLQN94Y3-hjR1oV5qzyASzsKZoPEtjEGpb_g1xYi6XnMsfOuamWCjSPBPHGrBF9wfDHeoZv1xCgCSCPuxkpp7En-TTXKTqo9pWNQLhWw0SzHj6P5ZsxnfMrYzEGYl6FetSKe4hGXI_lsaKOEwPm4E00S-MLLD4MSYn225iDYbykzK_IIByrtPA3VJ9HuSnLCqe7ljstdgST6AbARd3mXWRRm9NN9PLm67j6hvZKhGWpNPR2GXhml22-wgFlUuabFCvbg_hkvk8Ck5a7Mpr8cBYWYhDk5gZHihZbLsrFYbcqcdKl9MzG1ZYIzKkBu1fByZ-ngTaCnyJA&sai=AMfl-YSU7ijan1WkNP7mBYvSTQxonvJuiitI4Km7dPHIiXKDjehkdrCc-JH2kxeZiDGwukecfK9Z93GmZop6J305BoJepPZ9QvT_rcKFiTc4NMPRYSJm7Rn9PGrn9w7q3TP5zl0Qbvr1IM_Eh4rAtLiCdQcnLgk5oKrLXylu1_8&sig=Cg0ArKJSzLCo4wTt6nNeEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-e09f10f-fd9abb4c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 29 Nov 2023 17:01:44 GMT
infolinks_main.js
resources.infolinks.com/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2877d35b782162338bb95faedfa08559e23788db9d926e97da4d0efd2dbfc5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 15:31:57 GMT
server
cloudflare
age
5285
etag
W/"1045-60a1e7cae1276"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82dc6a11d89b8da8-MIA
expires
Wed, 29 Nov 2023 16:33:39 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.61.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-61-228.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
896844791f2af1c6b613206783aedddf9e4875448313c72e45c48f81758a614d

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache
x-server
10.40.3.191
access-control-allow-credentials
true
content-length
60
expires
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-54716522-2&cid=1461267770.1701277304&jid=1616251314&_u=aCDAiUAjBAQCAGAEKAB~&z=1915839877
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=961211893969940&ev=PageView&dl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&rl=&if=false&ts=1701277304415&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701277304411.2003402777&cs_est=true&ler=empty&it=1701277304123&coo=false&rqm=GET
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f175:181:face:b00c:0:25de Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 29 Nov 2023 17:01:44 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=961211893969940&ev=Domain&dl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&rl=&if=false&ts=1701277304417&cd[custom_param]=undefined&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1701277304411.2003402777&ler=empty&it=1701277304123&coo=false&rqm=GET
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f175:181:face:b00c:0:25de Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 29 Nov 2023 17:01:44 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ajs-destination.bundle.13362ca512563a10e34d.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-155.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:49:01 GMT
x-amz-version-id
p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding
br
via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
1195964
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 15 Nov 2023 20:12:01 GMT
server
AmazonS3
etag
W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
36iGbZhN_bH2BZ3SMMU94ApxCyCBoOvQSJUqNkpAENh6Ajyn60F1oQ==
view
securepubads.g.doubleclick.net/pcs/ Frame FB25 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulTF1JZE9_23ibuw9Q8zHMOPI_7EBdxlA-xt08KwrCwCLtQxJpPj9KlVIK1EmPtLnrbgPINdzaBMtTeIEWFKDfMuJaq3MzeP0Cc7zqpKB-_v4RY-uHq_nS8jl88ZVk34WQjuO-qo4y-hpCQcsxUhZ6cI2UxGM03zl9C03nL7Y5G1kmyFPrbdyWiYJLkJ-gPNuuMtjc5gZV1CHX6EpPtZ5-OfQgQokQzx5_g1ZDtV1rvLBhCmsAEicM99B7B1sp2YxKsoQD8wdT8zmuL6IONE9x2tdXk0KMmx6MH6iQ8a_tIdvx1FlU3zNgP7y3mUNImVVy4U6TTWlDF46Xx4cFcTdJdkyHKQ&sai=AMfl-YSRUv_8EE6Jqfv674X-oHqKB-TXIj-kZiRp-y7TJkL_cgMqRZLigArQOFyKJrUb4WRsccnhkfeczmFaWz7STkorSDm0YmQhL_Ws7-cpup4s7yAlJfNm3nQvqNCQZJLfUC5HM5FlpDlnFqRu-fx88KinfdqVcFxX5avb6sg&sig=Cg0ArKJSzIOwlNmYAld3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-e09f10f-fd9abb4c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 29 Nov 2023 17:01:44 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 92B0 		594 B
812 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7b2b9ab11a16617072cc516a3bd60e851a514cd11fab94b9f54358041f152fbf

Request headers

Referer
https://heraldcourier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
386
content-type
text/html
date
Wed, 29 Nov 2023 17:01:44 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
syncframe
gum.criteo.com/ Frame 3CD0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=heraldcourier.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://heraldcourier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 17:01:43 GMT
server
Kestrel
server-processing-duration-in-ticks
2091196
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame EC17 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f7c3c39e30c27c79d8e999295d4577d6fc904e3bd5cc381ceb9491377c238be

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EC17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvujLKPAYnVG8PV7VI4Nb3URyujtJ0ylpZrcviIC2WuqgIKLdjKTWTlNHa7GmNL-NCqnUlDtcblts3IzjBBV8eiehTLcXiEgyTNRPYPP9AXtutOrcsldnKI4LtEVE1k2WS-82_eBMrTw2n72Pesd9-PjmLfTWxJhgKHOD53Ihgq9mVSySoc1qovs_hh91cwvjF6hSXCaMzpP6y98Np14eQurmCF6Ui_vYhoWgVsSWaZP1df-5sB9PHmbL7Q_u4WP860kMGyGb0qc_GAQxUr24t_RHcJMMZieLZbm7forB3JTGtP2YPCVd_daVL3YWa6YrD8VOJ9-tiK0foLeuj_yrqQ&sai=AMfl-YT4xaiAzI6YFwjIdfyOXAY97HT_LrZeKp7sRXnvCPMzGZIfjua4ZLUd2ZthYhwQ1O-zCpQH85gNSXayLgXXcPaQayTk0Raqp_dt0VmH6Y7svfRpIWH-6rsjpytGJm_puY4kgGCs8VpMbJS6-BQIHZirv-n7ruKQAYs1lRs&sig=Cg0ArKJSzK0kpl2Nwgx_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-e09f10f-fd9abb4c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 29 Nov 2023 17:01:44 GMT
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-155.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 09:27:13 GMT
x-amz-version-id
P2gLA392BrQfXF0D9fIFX0YR5wgAEHym
content-encoding
br
via
1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
4606472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Sat, 07 Oct 2023 08:18:28 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
RK0ZOZcA-j3B-fi86s2xO8j9eAJ1gaggGjZBJQ8WDXJ_DmX5VExuAA==
ice.js
resources.infolinks.com/js/1895.006-3.034/ 		187 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1895.006-3.034/ice.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
2260
etag
W/"2ede2-6099387db510d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82dc6a1229288da8-MIA
expires
Fri, 29 Dec 2023 16:24:04 GMT
a-058n
i.liadm.com/s/c/ Frame 34E4 		583 B
865 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-058n?duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&euns=0&s=&version=v2.11.1&
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.217.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-217-217.compute-1.amazonaws.com
Software
/
Resource Hash
1e4eef4c41b41cfbd5d538126113e844382a4ae1a96dad3db96c795a1966ea10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://heraldcourier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
414
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 Nov 2023 17:01:44 GMT
Request-Time
5
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.heraldcourier.com/ 		19 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.heraldcourier.com/baker?dtstmp=1701277304664
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:22::1730:e071 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
Wed, 29 Nov 2023 17:01:45 GMT
Pragma
no-cache
Date
Wed, 29 Nov 2023 17:01:45 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
/
heraldcourier.com/tncms/dmp/segment_audiences/ 		130 B
686 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://heraldcourier.com/tncms/dmp/segment_audiences/?anonymous_id=6eaa5fb3-95e9-4136-a554-22157816bea1
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
e13b6459a16c15811869352bd725512cb906f8ba608593f17621ec77c63626df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://heraldcourier.com/terms/
X-Requested-Feature
geoip
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
age
0
content-length
120
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 29 Nov 2023 17:01:44 GMT
x-vcache
MISS
etag
W/5534e2668a844027d513c29d510bf851
x-frame-options
SAMEORIGIN
vary
Origin, X-Townnews-Now-API-Version, Accept-Encoding
content-type
application/json; charset=UTF-8
x-tncms
1.71.9; app10; 0.31s; 1M
cache-control
public, max-age=300
accept-ranges
bytes
x-robots-tag
noarchive
p
api.segment.io/v1/ 		21 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.52.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-52-117.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heraldcourier.com
date
Wed, 29 Nov 2023 17:01:44 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
manage
router.infolinks.com/usync/ Frame 3A72 		12 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda53680ea3947751fc9e2f9eb4df514f3eca4db0d199af4b396cf551848248e

Request headers

Referer
https://heraldcourier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
82dc6a130aae8da8-MIA
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 29 Nov 2023 17:01:44 GMT
p3p
CP="NON DSP NID OUR COR"
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		282 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94797b49c9ff38894a75cc56f1bb1e23d95358f5f31775e99a559da64f6cf6b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript;charset=ISO-8859-1
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
82dc6a130ab18da8-MIA
gsd
router.infolinks.com/ 		331 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3200774&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&jsv=1895.006-3.034&_cb=17012773047560
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3d50dd8a597bd5f798cce6a50e83c70de669e05e1608a44b6946df1faf3acb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
82dc6a130ab08da8-MIA
expires
Thu, 01 Jan 1970 00:00:00 GMT
467bbb8e-60c6-ef57-fd51-c933b425b357
pr-bh.ybp.yahoo.com/sync/openx/ Frame 92B0 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/467bbb8e-60c6-ef57-fd51-c933b425b357?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:5fe:b313:24e7:89dd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 92B0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8a6aa1b7-ecc0-c6e4-0c88-5d512341b5fe
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8a6aa1b7-ecc0-c6e4-0c88-5d512341b5fe&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8a6aa1b7-ecc0-c6e4-0c88-5d512341b5fe&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Nov 2023 17:01:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8X4A2H0DKRNAQN2HFZEM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Nov 2023 17:01:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
46MZ9ME07156JZCGJBXN
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8a6aa1b7-ecc0-c6e4-0c88-5d512341b5fe&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 92B0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=d2bcddca-f06a-7d1e-cc86-dfc64b727e1e&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f667bb86-d4bf-4480-bd1b-33d60c80f690&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZjY2N2JiODYtZDRiZi00NDgwLWJkMWItMzNkNjBjODBmNjkw&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690&google_gid=CAESEI5EyCMyMFzwUIe2BnYdzvg&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f667bb86-d4bf-4480-bd1b-33d60c80f690&expiration=1703869305&gdpr=0&gdpr_consent=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f667bb86-d4bf-4480-bd1b-33d60c80f690&expiration=1703869305&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PnkwVU9uS21sCG5ZCKnV6Bm662RjBgvzcUn37FDM9gW2YFpn%2FEzzR2IKEe%2BQ5RC2tYwcLCQA8Ak4W4q5N77Rl1FOYKiCyxUx9xUz34cgC10UYQ7g25b%2F1edT3C2voZKHVsoa3%2BhNtG91Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82dc6a166c564c20-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=f667bb86-d4bf-4480-bd1b-33d60c80f690&expiration=1703869305&gdpr=0&gdpr_consent=
date
Wed, 29 Nov 2023 17:01:45 GMT
server
Kestrel
content-length
323
pixel
cm.g.doubleclick.net/ Frame 92B0 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmVkMzBlMDAtMzkxZC0yM2JhLWQ5NjYtODU3ZjgxOTBiMDdl
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 92B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED1T6eua972vhzhYhOu3y9E&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED1T6eua972vhzhYhOu3y9E&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED1T6eua972vhzhYhOu3y9E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 3CD0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=heraldcourier.com&sn=ChromeSyncframe&so=0&topUrl=heraldcourier.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=k9awJnxFV21TamxSNGFmRXowNlRFcERBOUZxOGtGQUVvOGN4TFRpSS9TbG9KcEJUT1BTRmgwN2Rua0ZSelZDUGJKaVllYzB1UnNuek8zcDdLVzVwYWhGS3d2azNVSUM1UVZRcjV2ZGNpN3FyeUlxRWpkOGxDVzd4WDFlSG...
454 B
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=k9awJnxFV21TamxSNGFmRXowNlRFcERBOUZxOGtGQUVvOGN4TFRpSS9TbG9KcEJUT1BTRmgwN2Rua0ZSelZDUGJKaVllYzB1UnNuek8zcDdLVzVwYWhGS3d2azNVSUM1UVZRcjV2ZGNpN3FyeUlxRWpkOGxDVzd4WDFlSGI2NjJrbUFlVis4d2VwNnh2ZVlaWDZFb2hhbFRDNWlyWTRTVVl5cEpkbDk3VmNsQ3MzWHpVemRRREtEZ2M3dDNGTFlJNmdNd2tTSFZCakU5RGVWTzlpbzg1LzJnV09LZm5YL2FWV0NXOXlOdFRRWVBaSVpXOTZxK3ZPYVF4M3QwZHJqd29GeGU0V0IwendUelBBTUZwSVJ2aU5BUkt4UE5yc1VqY0g0T0hiZVUyd3h2VmluND18&cppv=2
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
429fdbb5e8c3909eb32672b98824ff8238f074adbac5cca095e485e60e46a26f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1413819
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=k9awJnxFV21TamxSNGFmRXowNlRFcERBOUZxOGtGQUVvOGN4TFRpSS9TbG9KcEJUT1BTRmgwN2Rua0ZSelZDUGJKaVllYzB1UnNuek8zcDdLVzVwYWhGS3d2azNVSUM1UVZRcjV2ZGNpN3FyeUlxRWpkOGxDVzd4WDFlSGI2NjJrbUFlVis4d2VwNnh2ZVlaWDZFb2hhbFRDNWlyWTRTVVl5cEpkbDk3VmNsQ3MzWHpVemRRREtEZ2M3dDNGTFlJNmdNd2tTSFZCakU5RGVWTzlpbzg1LzJnV09LZm5YL2FWV0NXOXlOdFRRWVBaSVpXOTZxK3ZPYVF4M3QwZHJqd29GeGU0V0IwendUelBBTUZwSVJ2aU5BUkt4UE5yc1VqY0g0T0hiZVUyd3h2VmluND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
234488
content-length
0
expires
0
doq.htm
rt3006.infolinks.com/action/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3006.infolinks.com/action/doq.htm?pcode=utf-8&r=17012773048821
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78d91932d8ff8bcdcf1894bff00d36f7b6a52f8ec3f2856210bafe03d517a74b

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://heraldcourier.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
en-US
cf-ray
82dc6a145daa3360-MIA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
iqusync-1.26.min.js
resources.infolinks.com/static/usync/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/usync/iqusync-1.26.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84f1c50bf0e9ba617aa63fe19f1a6026d6c424771fffcbfa3f9bb14ba95d59d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 11:50:03 GMT
server
cloudflare
age
9983
etag
W/"993-60b4922bbf851"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82dc6a13abaf8da8-MIA
expires
Fri, 29 Dec 2023 14:15:21 GMT
/
de.tynt.com/deb/ Frame 5A8E 		75 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
max-age=86400
content-length
75
content-type
text/html
date
Wed, 29 Nov 2023 17:01:44 GMT
expires
Thu, 30 Nov 2023 17:01:45 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
usermatch
ssum-sec.casalemedia.com/ Frame C325
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
878 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d66f1f4594f699286dec808e51806afc999486fb892716c98c4cfccda23cadd9

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82dc6a14cb9b31d2-MIA
content-encoding
br
content-type
text/html
date
Wed, 29 Nov 2023 17:01:45 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0M%2BjZPdLuYJ6OfJRQw6w%2B7pZ4kZc0abRU9rV6doY5Fc20U%2Bx4ci%2FB9H7uk4cms%2Fa1AoM6Is3lD8zjMDg1%2Fjx0FSyrHFSdGA2sIhVdAXFVdd56q%2BQM%2FqI3m3etSqeTxTsjMx8qTmy%2Bk%2B3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82dc6a143a8731d2-MIA
content-length
0
date
Wed, 29 Nov 2023 17:01:45 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bdk5wbDYlaUuKiyaIiNuv6MkObdysAeipLiIzsUt%2FipZSZ3TSN8cm%2BKAXfRfmRnGx2%2F9ZBgjJfYnHyK6QsffVGwLm%2FUMXYaAUlTcaWO444ak2rf68YLk7tKF%2FJuhoWN86OeGci2U1tTE0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 5083 		2 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usersync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0FFOEYxNDUtNEExQi00ODM2LUFBRDEtQzAzOTkwNjRGMzRD&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DEC0DE233-2EF3-44EE-9B5B-047A2F057529&us_privacy=%24%7BUS_PRIVAC...
  • https://router.infolinks.com/dyn/usersync?pmuservalue=EC0DE233-2EF3-44EE-9B5B-047A2F057529
0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=EC0DE233-2EF3-44EE-9B5B-047A2F057529
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
82dc6a19bdb68da8-MIA
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=EC0DE233-2EF3-44EE-9B5B-047A2F057529
date
Wed, 29 Nov 2023 08:04:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=3620806462578181671
35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=3620806462578181671
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a143ca88da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
an-x-request-uuid
ed7647a5-0c47-43c7-8688-2be271283688
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://router.infolinks.com/dyn/apn-usync?user_id=3620806462578181671
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sthr-us
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=k0cy4N0g
  • https://router.infolinks.com/dyn/sthr-us?user_id=25254dbf-6fae-4c94-b482-b957062a5d4a
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sthr-us?user_id=25254dbf-6fae-4c94-b482-b957062a5d4a
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a151e038da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/sthr-us?user_id=25254dbf-6fae-4c94-b482-b957062a5d4a
date
Wed, 29 Nov 2023 17:01:45 GMT
content-length
0
iqm-us
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://pxl.iqm.com/i/ck/infolink?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fiqm-us%3Fuid%3D%7BIQM_COOKIE%7D%20
  • https://router.infolinks.com/dyn/iqm-us?uid=3571bbc5-5d51-4ee7-a720-f2c4359d2d3d
35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/iqm-us?uid=3571bbc5-5d51-4ee7-a720-f2c4359d2d3d
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a14edbb8da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

date
Wed, 29 Nov 2023 17:01:45 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/avif;charset=UTF-8
location
https://router.infolinks.com/dyn/iqm-us?uid=3571bbc5-5d51-4ee7-a720-f2c4359d2d3d
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
81
eqv-us
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=112&gdpr=0&gdpr_consent=
  • https://router.infolinks.com/dyn/eqv-us?user_id=5275041080711347650&gdpr=0&gdpr_consent=
35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/eqv-us?user_id=5275041080711347650&gdpr=0&gdpr_consent=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a162fe48da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/eqv-us?user_id=5275041080711347650&gdpr=0&gdpr_consent=
date
Wed, 29 Nov 2023 17:01:45 GMT
content-length
0
ox-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://router.infolinks.com/dyn/ox-usync?uid=f92bff5b-e3be-4a92-8d49-e834b3d5db8b
35 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ox-usync?uid=f92bff5b-e3be-4a92-8d49-e834b3d5db8b
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a141c6f8da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:44 GMT

Redirect headers

date
Wed, 29 Nov 2023 17:01:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://router.infolinks.com/dyn/ox-usync?uid=f92bff5b-e3be-4a92-8d49-e834b3d5db8b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
receive
pixel.tapad.com/idsync/ex/ Frame 3A72
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58786/sync?redir=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm~A
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3399&partner_device_id=y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm~A
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3399&partner_device_id=y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f667bb86-d4bf-4480-bd1b-33d60c80f690&ttd_puid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f667bb86-d4bf-4480-bd1b-33d60c80f690&ttd_puid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b%2C%2C
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f667bb86-d4bf-4480-bd1b-33d60c80f690&ttd_puid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b%2C%2C
date
Wed, 29 Nov 2023 17:01:45 GMT
server
Kestrel
content-length
359
ur-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1701277305057
  • https://ad.turn.com/r/cs?pid=45&rndcb=230476075
  • https://sync.1rx.io/usersync/turn/7597861881269437439?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fur-usync%3Fuid%3DRX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
  • https://router.infolinks.com/dyn/ur-usync?uid=RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
35 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ur-usync?uid=RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a1a2eaf8da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

Date
Wed, 29 Nov 2023 17:01:45 GMT
Server
Tengine
ETag
RXc4850ab1c3114e898dbd8c5807f1e08c005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://router.infolinks.com/dyn/ur-usync?uid=RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
Content-Type
text/html
Connection
keep-alive
zmn-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__&s=2
  • https://router.infolinks.com/dyn/zmn-usync?uid=Jdi-O3-nPqSJOSeXUTQZ
35 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=Jdi-O3-nPqSJOSeXUTQZ
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a15df7c8da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Nov 2023 17:01:45 GMT
Content-Type
text/html; charset=utf-8
Location
https://router.infolinks.com/dyn/zmn-usync?uid=Jdi-O3-nPqSJOSeXUTQZ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
90
Expires
Thu, 01 Dec 1994 16:00:00 GMT
tplift
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
  • https://router.infolinks.com/dyn/tplift?uid=1099236787450585329372
35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/tplift?uid=1099236787450585329372
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a153e288da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/tplift?uid=1099236787450585329372
date
Wed, 29 Nov 2023 17:01:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sonobi-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
  • https://router.infolinks.com/dyn/sonobi-usync?uid=10374ec6-5eb8-464f-9db3-01113411b037
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sonobi-usync?uid=10374ec6-5eb8-464f-9db3-01113411b037
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a150df98da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-121
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://router.infolinks.com/dyn/sonobi-usync?uid=10374ec6-5eb8-464f-9db3-01113411b037
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
imd-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://router.infolinks.com/dyn/imd-usync?user_id=48873cc0-6d77-4347-8843-af66d1f8a092&partner_id=1531
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/imd-usync?user_id=48873cc0-6d77-4347-8843-af66d1f8a092&partner_id=1531
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a157ea88da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/imd-usync?user_id=48873cc0-6d77-4347-8843-af66d1f8a092&partner_id=1531
access-control-allow-origin
*
date
Wed, 29 Nov 2023 17:01:45 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
outh-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://router.infolinks.com/dyn/outh-usync?uid=y-96zksLBE2uFcOy_8_UmvPj6lpZbdpycG~A
35 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-96zksLBE2uFcOy_8_UmvPj6lpZbdpycG~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a155e848da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-96zksLBE2uFcOy_8_UmvPj6lpZbdpycG~A
date
Wed, 29 Nov 2023 17:01:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sovrn-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=HvP9jLZHhwIVHYYIRGe3_3HF
35 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=HvP9jLZHhwIVHYYIRGe3_3HF
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a1739978da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

Date
Wed, 29 Nov 2023 17:01:45 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=HvP9jLZHhwIVHYYIRGe3_3HF
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUMwREUyMzMtMkVGMy00NEVFLTlCNUItMDQ3QTJGMDU3NTI5&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DEC0DE233-2EF3-44EE-9B5B-047A2F057529&us_privacy=%24%7BUS_PRIVAC...
  • https://router.infolinks.com/dyn/usersync?pmuservalue=EC0DE233-2EF3-44EE-9B5B-047A2F057529
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=EC0DE233-2EF3-44EE-9B5B-047A2F057529
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
82dc6a19bdb38da8-MIA
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=EC0DE233-2EF3-44EE-9B5B-047A2F057529
date
Wed, 29 Nov 2023 08:03:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
mnet-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
  • https://router.infolinks.com/dyn/mnet-usync?uid=3442789051523532000V10
35 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/mnet-usync?uid=3442789051523532000V10
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a17195e8da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Nov 2023 17:01:45 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://router.infolinks.com/dyn/mnet-usync?uid=3442789051523532000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 29 Nov 2023 17:01:45 GMT
mgid-us
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://cm-x.mgid.com/5abf3d2eff2f70c0a0669cd9f0f84ba0.gif?puid=[UID]&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmgid-us%3Fuser_id%3D%5BUID%5D
  • https://router.infolinks.com/dyn/mgid-us?user_id=b22f9e7a-aa62-4982-974d-099b3ceff054
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/mgid-us?user_id=b22f9e7a-aa62-4982-974d-099b3ceff054
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a185b988da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Nov 2023 17:01:45 GMT
Transfer-Encoding
chunked
Location
https://router.infolinks.com/dyn/mgid-us?user_id=b22f9e7a-aa62-4982-974d-099b3ceff054
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
ur-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=infolinks
  • https://ad.turn.com/r/cs?pid=45&rndcb=6048209932
  • https://sync.1rx.io/usersync/turn/7669919475307365375?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fur-usync%3Fuid%3DRX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
  • https://router.infolinks.com/dyn/ur-usync?uid=RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
35 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ur-usync?uid=RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a1a2eb38da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

Date
Wed, 29 Nov 2023 17:01:45 GMT
Server
Tengine
ETag
RXc4850ab1c3114e898dbd8c5807f1e08c005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://router.infolinks.com/dyn/ur-usync?uid=RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
Content-Type
text/html
Connection
keep-alive
qc-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
  • https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=wKYZTcD2GEPbph1OxKACTpOiFhzbqx1Dw_X_En4e
35 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=wKYZTcD2GEPbph1OxKACTpOiFhzbqx1Dw_X_En4e
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a16a8d18da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=wKYZTcD2GEPbph1OxKACTpOiFhzbqx1Dw_X_En4e
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
zeta-usync
router.infolinks.com/dyn/ Frame 3A72
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=968907272820722518
35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=968907272820722518
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a18ac118da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=968907272820722518
Date
Wed, 29 Nov 2023 17:01:45 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookie
cm.adform.net/ Frame 3A72
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wOGZkNjExYi1kNTc0LTNmMTAtYWI1NS0xMzM0MjNmMjI3OWUQ____________ASpSa...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D86030873-84ae-45c7-afc4-b6be0127f315%26bidder%3...
  • https://prebid.a-mo.net/cchain/0/5002?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=86030873-84ae-45c7-afc4-b6be0127f315&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPU...
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D86030873-84ae-45c7-afc4-b6...
  • https://prebid.a-mo.net/cchain/1/5002?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=86030873-84ae-45c7-afc4-b6be0127f315&bidder=amx_com&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUN...
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D86030873-84ae-4...
  • https://prebid.a-mo.net/cchain/2/5002?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=86030873-84ae-45c7-afc4-b6be0127f315&bidder=openx&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZ...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26...
  • https://prebid.a-mo.net/cchain/4/5002?us_privacy=1---&gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=86030873-84ae-45c7-afc4-b6be0127f315&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRja...
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D86030873-...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D86030873-84ae-45c7-afc4-b6be0127f315%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3T0daa05qRXhZaTFrTlRjMExUTm1NVEF0WVdJMU5TMHhNek0wTWpObU1qSTNPV1VRX19fX19fX19fX19fQVNwU2FIUjBjSE02THk5eWIzVjBaWEl1YVc1bWIyeHBibXR6TG1OdmJTOWtlVzR2WkdsemRYTV9kV2xrUFhWaExUQTRabVEyTVRGaUxXUTFOelF0TTJZeE1DMWhZalUxTFRFek16UXlNMll5TWpjNVpUSUNCZ3c0QVE9PSZidXllcnVpZD0%253D%26uid%3D%24UID
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:47 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F5002%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D86030873-84ae-45c7-afc4-b6be0127f315%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3T0daa05qRXhZaTFrTlRjMExUTm1NVEF0WVdJMU5TMHhNek0wTWpObU1qSTNPV1VRX19fX19fX19fX19fQVNwU2FIUjBjSE02THk5eWIzVjBaWEl1YVc1bWIyeHBibXR6TG1OdmJTOWtlVzR2WkdsemRYTV9kV2xrUFhWaExUQTRabVEyTVRGaUxXUTFOelF0TTJZeE1DMWhZalUxTFRFek16UXlNMll5TWpjNVpUSUNCZ3c0QVE9PSZidXllcnVpZD0%253D%26uid%3D%24UID
date
Wed, 29 Nov 2023 17:01:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
/
ssc-cms.33across.com/ps/ Frame 3A72 		0
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP008 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-33x-status
2000208
date
Wed, 29 Nov 2023 17:01:45 GMT
server
33XP008
ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/ Frame 3A72
Redirect Chain
  • https://router.infolinks.com/dyn/iq-usync
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=94126c18-eb99-4941-96e8-02924107fb5a&3rddpi=2023874098&3rdpcid=ZWduecYvyfVFyPgUHOy9qAAA%265559&3rddpi...
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=94126c18-eb99-4941-96e8-02924107fb5a&3rddpi=2023874098&3rdpcid=ZWduecYvyfVFyPgUHOy9qAAA%265559&3rdd...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=94126c18-eb99-4941-96e8-02924107fb5a&3rddpi=2023874098&3rdpcid=ZWduecYvyfVFyPgUHOy9qAAA%265559&3rddpi=1810047279&3rdpcid=3571bbc5-5d51-4ee7-a720-f2c4359d2d3d&3rddpi=1639354730&3rdpcid=y-96zksLBE2uFcOy_8_UmvPj6lpZbdpycG%7EA&3rddpi=1634346717&3rdpcid=Jdi-O3-nPqSJOSeXUTQZ&3rddpi=1213503647&3rdpcid=y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm%7EA&3rddpi=1239766150&3rdpcid=f92bff5b-e3be-4a92-8d49-e834b3d5db8b&3rddpi=443164713&3rdpcid=wKYZTcD2GEPbph1OxKACTpOiFhzbqx1Dw_X_En4e&ripv6=2001:550:1d05:1::5
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3200774&wsid=0&pdom=heraldcourier.com&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Protocol
H2
Server
52.85.132.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-4.iad50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 929cbb64d024a9973633b197e2a23482.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
location
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=94126c18-eb99-4941-96e8-02924107fb5a&3rddpi=2023874098&3rdpcid=ZWduecYvyfVFyPgUHOy9qAAA%265559&3rddpi=1810047279&3rdpcid=3571bbc5-5d51-4ee7-a720-f2c4359d2d3d&3rddpi=1639354730&3rdpcid=y-96zksLBE2uFcOy_8_UmvPj6lpZbdpycG%7EA&3rddpi=1634346717&3rdpcid=Jdi-O3-nPqSJOSeXUTQZ&3rddpi=1213503647&3rdpcid=y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm%7EA&3rddpi=1239766150&3rdpcid=f92bff5b-e3be-4a92-8d49-e834b3d5db8b&3rddpi=443164713&3rdpcid=wKYZTcD2GEPbph1OxKACTpOiFhzbqx1Dw_X_En4e&ripv6=2001:550:1d05:1::5
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
AJtx7g8lCb-ToUFU3Kh0Ny7CHA0iIe98kzZLA2wPB_pCtRZXyOhAYA==
28292
i.liadm.com/s/ Frame 34E4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-XiFY7G6HfzxW0044sOTJNG8nijtB8bCzzSYazQ
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-XiFY7G6HfzxW0044sOTJNG8nijtB8bCzzSYazQ
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-058n?duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&euns=0&s=&version=v2.11.1&
Protocol
HTTP/1.1
Server
18.233.217.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-217-217.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 17:01:45 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
5
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-XiFY7G6HfzxW0044sOTJNG8nijtB8bCzzSYazQ
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1181244
content-length
0
expires
Wed, 29 Nov 2023 00:00:00 GMT
a-058n
i6.liadm.com/s/c/ Frame 34E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/c/a-058n?duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&version=v2.11.1&s=&euns=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-058n?duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&euns=0&s=&version=v2.11.1&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:ed:550a:3539:381b:7999:2df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
iquid.js
resources.infolinks.com/static/ 		54 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/iquid.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.26.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c35a725ae1976af59c99556ad69e993dd9cf474033a75bb9406d59819d573d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 20 Mar 2023 11:30:07 GMT
server
cloudflare
age
7677
etag
W/"d8c3-5f7533fc75a6e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82dc6a140c6a8da8-MIA
expires
Fri, 29 Dec 2023 14:53:47 GMT
ima.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.26.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5194891d3a8501374db8afe22463ed2a49fa28f22eaa4a1991d2e6e8a15191e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:07 GMT
server
cloudflare
age
519821
etag
W/"6540128b-2675"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82dc6a150a527428-MIA
expires
Sat, 02 Dec 2023 17:01:45 GMT
id5.js
resources.infolinks.com/static/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/id5.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.26.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:44 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 26 Mar 2023 15:25:02 GMT
server
cloudflare
age
11485
etag
W/"e65f-5f7cf3aed6f0f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82dc6a141c6c8da8-MIA
expires
Fri, 29 Dec 2023 13:50:19 GMT
ppid.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ppid.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.26.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9470010730b754d8563690539a873235785bfd53e4af5cd93e0b08567d76c45e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:17 GMT
server
cloudflare
age
543909
etag
W/"65401295-2847"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
82dc6a150a517428-MIA
expires
Sat, 02 Dec 2023 17:01:45 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		91 B
926 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=328512134&pt=17&dpn=1&jsver=5.36&iiqidtype=2&iiqpcid=fb7f7b16-5d85-41d4-9566-1a598f46adb6&iiqpciddate=1701277305005&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=227_1701277305005&fbp=646215235&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/iquid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-70.iad12.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
06e293eed3942549d18a5a17e758b9fbbaa000cce0765be57ac691dba9278324

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 145bb9cba9e12350510f02ee9ab6ca22.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://heraldcourier.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
dMkrG59ZvGAqDZFMudnUZv00nuCHb-skV3PpRXtaIC1fyuqjZQrmKw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=190702&iiqidtype=2&iiqpcid=fb7f7b16-5d85-41d4-9566-1a598f46adb6&iiqpciddate=1701277305005&tsrn...
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=190702&iiqidtype=2&iiqpcid=fb7f7b16-5d85-41d4-9566-1a598f46adb6&iiqpciddate=1701277305005&ts...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=190702&iiqidtype=2&iiqpcid=fb7f7b16-5d85-41d4-9566-1a598f46adb6&iiqpciddate=1701277305005&tsrnd=178_1701277305006&fbp=646215235&jsver=5.36&abtp=100&abtg=A&ripv6=2001:550:1d05:1::5
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
52.85.132.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-4.iad50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 929cbb64d024a9973633b197e2a23482.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
location
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=190702&iiqidtype=2&iiqpcid=fb7f7b16-5d85-41d4-9566-1a598f46adb6&iiqpciddate=1701277305005&tsrnd=178_1701277305006&fbp=646215235&jsver=5.36&abtp=100&abtg=A&ripv6=2001:550:1d05:1::5
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
7W_J9TZ2YZqo9AeYADAma4GYz2RiwgrxTo0SUIXLb9qm6zdc0pQFSQ==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/id5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
32ce8831ec40ec80fc1ee005461cda6e87e1f905e548ebe4990d7fb9e79cad00
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heraldcourier.com
date
Wed, 29 Nov 2023 17:01:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
crum
dsum-sec.casalemedia.com/ Frame C325
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWduecYvyfVFyPgUHOy9qAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEgQ1DKmXNCqYeIezTgz_8Y&google_cver=1
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEgQ1DKmXNCqYeIezTgz_8Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ll81MpWZim%2Bqgo%2FfyLW%2BT1MyrakWlOFebXYYV7T04azgr%2BQFRVmZSgfDX0UBIddjDbkmfzVfMBAHfKA9crRvR6D%2FKLoIYzdjUo8bYB%2FHhzYVXpFfsOI9PGdVmlGY%2Bjn8a6aa3kVLQ5sHFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82dc6a167c594c20-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEgQ1DKmXNCqYeIezTgz_8Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C325
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZjY2N2JiODYtZDRiZi00NDgwLWJkMWItMzNkNjBjODBmNjkw&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690&google_gid=CAESEI5EyCMyMFzwUIe2BnYdzvg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZjY2N2JiODYtZDRiZi00NDgwLWJkMWItMzNkNjBjODBmNjkw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZjY2N2JiODYtZDRiZi00NDgwLWJkMWItMzNkNjBjODBmNjkw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZjY2N2JiODYtZDRiZi00NDgwLWJkMWItMzNkNjBjODBmNjkw&google_push&gdpr=0&gdpr_consent=&ttd_tdid=f667bb86-d4bf-4480-bd1b-33d60c80f690
date
Wed, 29 Nov 2023 17:01:45 GMT
server
Kestrel
content-length
423
usermatchredir
ssum-sec.casalemedia.com/ Frame C325
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWduecYvyfVFyPgUHOy9qAAAFbcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtn7McQ42N-i29mkSPdCiw&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtn7McQ42N-i29mkSPdCiw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dq2AUJWxEj6OOxLcx8Jik9oNDzO5qQcsf9UvWFS5%2FHRSe8k92D3us%2FEUQtxbkyY1TX%2FFUaR0rBLN4vMNpo0RJjmxaxBf0PG0Emh6jqvrDEfAfy0fb3ms8ylUZ9nTeuLc7kCcqhXHriw9%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82dc6a15db464c20-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFtn7McQ42N-i29mkSPdCiw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
31327
i.liadm.com/s/ Frame C325 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWduecYvyfVFyPgUHOy9qAAA%265559&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.217.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-217-217.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 17:01:45 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame C325
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717002105&external_user_id=85cf0e2b-4285-4f6d-b6d7-4d2330e0ec47
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717002105&external_user_id=85cf0e2b-4285-4f6d-b6d7-4d2330e0ec47
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBgcpeOJ6s21G0d4r%2BMpZLyNkDZHMx8L9iuqF4IbfBzFtPPFQlGo5y%2B2LnwLrnbSM3UEthGOEL9Zd%2BL0z2Vwo85zC%2BLiLYtvwhJRLNO533pvl1UKdrxGfZkb7AJ2xu1tTUKnNGOrXtsXNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82dc6a167c644c20-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717002105&external_user_id=85cf0e2b-4285-4f6d-b6d7-4d2330e0ec47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame C325
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=vWHZab0x2GemYd1tvGHCbbsw22amZNppvTZBJuQ-
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=vWHZab0x2GemYd1tvGHCbbsw22amZNppvTZBJuQ-
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsEQRijGL7kvhF1MYTLgSUOYVwFWYMYewdjevKpylpXQ3RIXBl%2FvzawymFjS0NO%2FzUEpYswH2Dg8KDzB%2Fm%2BxPQJ1m%2BDI7IZ0b%2BV%2B1hJnob%2BenKM62GQSQ0VqJEulW1035NReIxLyiXjjFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82dc6a16acbe4c20-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=vWHZab0x2GemYd1tvGHCbbsw22amZNppvTZBJuQ-
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C325
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=145c1539-aaff-492e-b552-edc3189dcb6b&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=145c1539-aaff-492e-b552-edc3189dcb6b&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkvfYJTIg%2FLDUMSKm5BXnPL4RPvMUhidxEkaIqtCOgUdzNNkG%2FelouAhWPSSnQFQrmzKeW%2BxRP6MVMSzfALTZ%2FvDFtGeQOHKgG%2F0C7CWbuO7kCzI7Qk52yFfnIeb%2Fo7se9RMRrMf05vxmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82dc6a187f8b4c20-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=145c1539-aaff-492e-b552-edc3189dcb6b&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Wed, 29 Nov 2023 17:01:45 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame C325
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3620806462578181671
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3620806462578181671
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYOVi4R%2F1PmkrFGRdgZDPX%2Fz7cR4eGuZHAIXasUAgeL9TXRjQ2JE3SEGvqj7HFYLzem8Zb3Kzs9LvY5XDs9F1W0ndqjdzm%2Bwuk%2BfmW1bZAHdWMJe2VQ7mqgaN2hzDD9APFPgQY7vM80TKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82dc6a15db434c20-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
an-x-request-uuid
152c400a-03b7-4bc8-aa62-c174d033ed1c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3620806462578181671
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ix-usync
router.infolinks.com/dyn/ Frame C325 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=ZWduecYvyfVFyPgUHOy9qAAA%265559
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a155e7f8da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT
ppid
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/ppid?pid=0015a0000344WLkAAM&ver=1.2.0
  • https://lexicon.33across.com/v1/ppid?pid=0015a0000344WLkAAM&ver=1.2.0&b=1&g=Bah3e5fJ3VOtMZ%2FrqybsIqwydArwBqX2uNEDTBAbd9I%3D&fp=m65fKPeRDxkrmHHD3VO6n2Nzaj3CMyZSp5ARh%2Fw2LkOd%2FS554NnjoNbN1t35hEauB...
42 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/ppid?pid=0015a0000344WLkAAM&ver=1.2.0&b=1&g=Bah3e5fJ3VOtMZ%2FrqybsIqwydArwBqX2uNEDTBAbd9I%3D&fp=m65fKPeRDxkrmHHD3VO6n2Nzaj3CMyZSp5ARh%2Fw2LkOd%2FS554NnjoNbN1t35hEauBbIEGylss0wLI6o4cx4HBA%3D%3D
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://heraldcourier.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://heraldcourier.com
location
https://lexicon.33across.com/v1/ppid?pid=0015a0000344WLkAAM&ver=1.2.0&b=1&g=Bah3e5fJ3VOtMZ%2FrqybsIqwydArwBqX2uNEDTBAbd9I%3D&fp=m65fKPeRDxkrmHHD3VO6n2Nzaj3CMyZSp5ARh%2Fw2LkOd%2FS554NnjoNbN1t35hEauBbIEGylss0wLI6o4cx4HBA%3D%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.2.0
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.2.0&b=1&g=PAjeBsXKuqEHT20A%2FbqV8sznVeVMZTPrLizwO543hPQ%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.2.0&b=1&g=PAjeBsXKuqEHT20A%2FbqV8sznVeVMZTPrLizwO543hPQ%3D
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://heraldcourier.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://heraldcourier.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=1.2.0&b=1&g=PAjeBsXKuqEHT20A%2FbqV8sznVeVMZTPrLizwO543hPQ%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
in_search.js
resources.infolinks.com/js/1895.006-3.034/ 		225 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1895.006-3.034/in_search.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d1b618b508d6e2c3ab4c4d98feeddfdb66e6d87d9dcfd88097f1d85480c3af0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
1895
etag
W/"38471-6099387db3d85"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82dc6a15cf578da8-MIA
expires
Fri, 29 Dec 2023 16:30:10 GMT
bubble.js
resources.infolinks.com/js/1895.006-3.034/ 		156 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1895.006-3.034/bubble.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ddf97f6e2d2c730808590edffb1c8caf4569dc1f10eb24c374e445911e6841

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
4121
etag
W/"2702f-6099387db510d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82dc6a15cf688da8-MIA
expires
Fri, 29 Dec 2023 15:53:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Wed, 29 Nov 2023 17:01:45 GMT
container-3.0.html
resources.infolinks.com/static/ Frame 7CB4 		1 KB
676 B 		Document
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/container-3.0.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71cb550e3eed0fa766ffd5596c6d7fd0460a06fca3483d762d0b0fd36731a100

Request headers

Referer
https://heraldcourier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
374
cache-control
max-age=2592000
cf-cache-status
HIT
cf-ray
82dc6a15df798da8-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 17:01:45 GMT
expires
Fri, 29 Dec 2023 16:55:31 GMT
last-modified
Thu, 02 Nov 2023 07:15:03 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
getads.htm
rt3006.infolinks.com/action/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3006.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22article%22%2C%22scs%22%3A%22-lBdGZxog_%22%7D%5D&rid=f3fc23dd-cd51-4d11-90ec-b4615d35f0ab&jsv=1895.006-3.034&sr=1600X1200&rts=1701277305298&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=119.0.6045.199&dv=p&ce=t&purl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&tzo=-1000&c=c&strg=true&pitc=83~gtqDnVYdPI7GFqTdfTbG574V5VjZfqyI&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=9MYk3Y8Jxek8CZMOYe_oi_XbLzpSSeaP1vmsjcc3wbtXCm-qqwd81GeeBKbUvdPshmr_QAhTw8BJXztljf6rxp6RN9Ku5ckbv375cAOzy0Yb-WLNMNGFSc1wpCtZ47JGD2aHqHbceYnI2ofve_kSRF4VI8OSuyIx&rsk=92&rcs=aGewNKZHK-Dw74E0tAiInA&cuid=94126c18-eb99-4941-96e8-02924107fb5a&ique=&hbnr=false
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb043f0f838ad8efa8231e3d7f246941b227e5ff46a04f16dc7a35915c3f1f36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
en-US
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
82dc6a1638128da8-MIA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
amd-us
router.infolinks.com/dyn/ Frame 7CB4
Redirect Chain
  • https://tracker.exchange.amitydigital.io/sync?id=11&uid=94126c18-eb99-4941-96e8-02924107fb5a
  • https://router.infolinks.com/dyn/amd-us?user_id=ce7defb9-4001-130a-f063-c77e322fa4a6
35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/amd-us?user_id=ce7defb9-4001-130a-f063-c77e322fa4a6
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a17eae38da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

location
https://router.infolinks.com/dyn/amd-us?user_id=ce7defb9-4001-130a-f063-c77e322fa4a6
content-length
100
content-type
text/plain; charset=utf-8
ta-usync
router.infolinks.com/dyn/ Frame 7CB4
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=94126c18-eb99-4941-96e8-02924107fb5a=&partner_id=3337&partner_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fta-usync%3Fuid%3D%24%7BTA_DE...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd0473bc4-61f1-4807-bfdc-b530f2b53b7b%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3620806462578181671&pt=d0473bc4-61f1-4807-bfdc-b530f2b53b7b%2Chttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fta...
  • https://router.infolinks.com/dyn/ta-usync?uid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b
35 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ta-usync?uid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a179a638da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

date
Wed, 29 Nov 2023 17:01:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://router.infolinks.com/dyn/ta-usync?uid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
152mus
router.infolinks.com/dyn/ Frame 7CB4
Redirect Chain
  • https://sync.adkernel.com/user-sync?zone=202694&t=image&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F152mus%3Fuid%3D%7BUID%7D
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D202694%26dsp%3D639242%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=202694&dsp=639242&t=image&uid=3620806462578181671
  • https://router.infolinks.com/dyn/152mus?uid=A9185376858540384715
35 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/152mus?uid=A9185376858540384715
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a19cdce8da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/152mus?uid=A9185376858540384715
Date
Wed, 29 Nov 2023 17:01:45 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
0
cons-us
router.infolinks.com/dyn/ Frame 7CB4
Redirect Chain
  • https://e.serverbid.com/usersync?cspi=154&ttt=1&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fcons-us%3Fuser_id%3D%24%7BUID%7D
  • https://router.infolinks.com/dyn/cons-us?user_id=9f104f8a99a3464f904f8a99a3264fa0
35 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/cons-us?user_id=9f104f8a99a3464f904f8a99a3264fa0
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
82dc6a17faea8da8-MIA
content-length
35
expires
Tue, 29 Nov 2022 17:01:45 GMT

Redirect headers

date
Wed, 29 Nov 2023 17:01:45 GMT
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://resources.infolinks.com
location
https://router.infolinks.com/dyn/cons-us?user_id=9f104f8a99a3464f904f8a99a3264fa0
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
0
535.json
id5-sync.com/g/v2/ 		625 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/535.json
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/id5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
2bfc998e5f0e163f72831507b5a1090cda67d55399af648ec8e61b437687541a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heraldcourier.com
date
Wed, 29 Nov 2023 17:01:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
36378
idx.liadm.com/idex/unknown/ 		54 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/unknown/36378?duid=3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt&_pubcid=45cb42a4-2460-4599-990a-e428e7e44862
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-058n.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.27.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-27-72.compute-1.amazonaws.com
Software
/
Resource Hash
202c962a99f85c64d314bbb3878fbe75c23b6a2c7d7406a2ecff72e17a354f5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
6
content-type
application/json
access-control-allow-origin
https://heraldcourier.com
cache-control
max-age=86399, private
access-control-allow-credentials
true
trace-id
96f4c9eed2c1c759
content-length
54
expires
Thu, 30 Nov 2023 17:01:45 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EC17 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvIW7z9eBYWA4pNQrq9XYgw28c3O0j2lL0-ZQe7r-z9LRtehEQ7TiLYJEolYl1vJQVjcFnr5girI2_Kxy8HSBCIwKj5BGpS1MjhNHl-4L82upBnRB2gciaQ75LZY7dxgEk8F4WTP4-VA&sai=AMfl-YTrZcMh75thP8p0efich0TX9J-u9XwPVdUC7EV-7XkSj7YbzO8&sig=Cg0ArKJSzJlSC0AmgJTgEAE&id=lidar2&mcvt=1006&p=1,799,2,800&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20231116&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3294672869&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701277304048&rpt=496&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-e09f10f-fd9abb4c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vidice.js
resources.infolinks.com/js/vidice/2.0/ 		333 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 20 Mar 2023 11:31:12 GMT
server
cloudflare
age
6240
etag
W/"5344d-5f75343a1bcf7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82dc6a198d548da8-MIA
expires
Fri, 29 Dec 2023 15:17:45 GMT
adview.htm
rt3006.infolinks.com/action/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3006.infolinks.com/action/adview.htm?rid=f3fc23dd-cd51-4d11-90ec-b4615d35f0ab&bdc=1&midx=0&emd=OTU4fm51bGxfbnVsbH42NzM4Mzc0&rts=1701277305837&prod_t=d&jsv=1895.006-3.034&skin=sidebar&theme=nologo&sdata=article&scs=-lBdGZxog_&rsd=9MYk3Y8Jxek8CZMOYe_oi_XbLzpSSeaP1vmsjcc3wbtXCm-qqwd81GeeBKbUvdPshmr_QAhTw8BJXztljf6rxp6RN9Ku5ckbv375cAOzy0Yb-WLNMNGFSc1wpCtZ47JGD2aHqHbceYnI2ofve_kSRF4VI8OSuyIx&rsk=92&rcs=aGewNKZHK-Dw74E0tAiInA
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://heraldcourier.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
82dc6a199f953360-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
infolinks
ox-rtb-us-west1.openx.net/win/ Frame FD31 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-rtb-us-west1.openx.net/win/infolinks?p=0.142&t=2DAABBgABAAECAAIBAAsAAgAAAf8cGAoxYzdybnViVlJtHBaMp-Ly5uuevdoBFvvZtPHVpoH-jAEAHBa4usK-vP2lzuABFrfY2oP8uqPTnAEAFvK5u9YMFQY4JDAxMTBlMjkzLTU5ZWQtNDJlOS05NjUwLTE3MmUyZjU1NGRlMxwVAhgZQUxXQVlTX0ZFRVNfVklBX01MX05PTl9PQhgLMjVfMjVfMjVfMjUAACwcFQIAHBUCABwVAgAAHCbW0rWIBBUEFQQmztK1iAQWlruBhgQlAhUCppwCFpwCFpwCFhQWFBYUFhQWgAMAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWqtqYgAQW_MGbgAQWirHAgwQW_rDAgwQVGBwUtAEUsAsAFQQmgAMWgAMWgAMRNQ4mgAM0AgAsLBa-pqqswOi03jYWq_ux-9Sw7bf1AQAW8rm71gwGKKramIAEFvzBm4AEFv6wwIMEFoqxwIMEGAc2NzM4Mzc0FvDpVBaAAyUEFmAYAzI3OBUCoSgCT1gMehS4ARSEBgAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAR0cnVlAKw4JGNyaW10YW4uY29tQHNvbWVsaWtlaXRob3RtdXNpY2FsLmNvbQAAAA&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.202 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
202.70.96.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:46 GMT
via
1.1 google
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
AAABjBwHiqrdfPMHdUTH14bWcD64impxxeP__Q
pn.ybp.yahoo.com/ab/secure/true/imp/-f70cGXi7QHSPeSYqAUbvBss-sraYmMw5bmDLr8voCzCmDdQUGRYp85RkUsHUPNUAfpbFHF4Tou_dywNF5EUxSlejtLoWB-Apwd7PhnyRuGCFEMplCkgXHhDm5be23aWRFBnschljPyPBQ86FxV5lnQgfGQwPwi-T... Frame FD31 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/-f70cGXi7QHSPeSYqAUbvBss-sraYmMw5bmDLr8voCzCmDdQUGRYp85RkUsHUPNUAfpbFHF4Tou_dywNF5EUxSlejtLoWB-Apwd7PhnyRuGCFEMplCkgXHhDm5be23aWRFBnschljPyPBQ86FxV5lnQgfGQwPwi-TSm9ng0RlrbVFIIc5hHXQJRVD8v3ugBpxebalv8JzXyYzhOoOEtg0ggQB-fVzxlDCcCIWJTHsWBM7WV_LGFkX3WQ5-aoWfZAZYGm-lFVYhPFzHYmsdIZ46kUJJDMdy5c_CXh8kBqu7M1PbhhRi353H0hCmAtZRE7pS9it0eO4qUQqN7CuO6F4_LIrAm-6WBr7N6aBQjoEIHoxfi-OW1d6tcWqKYy9zIP4vgViqQsQzelkv5NDE7nIbD6k7gCOKpWSvRKdaFtJp2gIPXT0CH-Tvrii4OwKyAZ1up_SflKhTemXanJ13kZmHDgf6_xoQbRXXZEqMB3n_hTM75-fdVfu96j2HQdItWfiFBXIG7BmQY6fStBAQ3fhQjCNqJNSj2Ct5HgF3AnW1FaEBRNxrPx1JYBfoUIp57qVNRcoP_gY9GxPGY9GHHJqiRDXTfn-TIFD3TfPtZFS4ExhVr4z_DRM9PUu5--nRHeU50GpCNntM15OJHCrAX2LZICTsqQFeAONqNNkIFwdzumHymVB9cGzZ_ydVcW92qxlFbN-nNc1tC6WOn5DcStC757S-SFC6QWeCehGLy_ZqrMhG7vpoSOrnA-Iu3JfD8_k6MAClEW_wMDGZRU4U9hEvUfz2y05oQoQY0J3BWHfw-jB0yOtVjhsRREd6Mop_JKylfEeMmx6HLPT5pcd1x5kJH1BNub2NFiATWQF1_tjHHFlHYVyThtomaEPpQy9jE0Ysu2saWuV1EJeOEpt9MslzT0e0n5UhYbwfB41SarIAliIDtPF2v7I_32HeNZE6-MNgp7f9vZFj638cw-Ikoxejo0KBhAemTqvtHptFhifE6st7FYCzDBPhlTky5KtOYS117ucLLF1L5QXNbq_KyNLSd6Do86Py_tCBswYL1FFctJrF_-CJ0L_ikJyEVCAtQYOlsSUBHgeEX4iwTyHpNWb_j0NIyNpi82oJ3H3D2rcEbrvR72swu_90kViIUxZbTLfp0G3HtUHHBqizezQxWdDZix8cdxky5YyGflfmQPedgH4UZg-2YkAGVLEq2pDptCIPGpw4r2KRSQdpakqCBcJiXla24-Or65pNBNPcKSHX-TQVXVlkI6sIJPyHfKG0iIcQx2t7wEi74bVqlK8KpuY9pzdl-vIbR7Nhm2e_ihyDLQ0DCB_9N-CRNCrikpSrViAEIkL3dNgdJge9K4hM-qyCtctLXZztpqb8xD5ea8QIwFLxWyZMr6AL_ASyax-e8kxMNAb8GiU7k2-9r0vl0RMhh5l1ZV93ATY49DTR5wRguNLjDdBX4qj4MkP3a8Exlo2L3A2sOwjebhQY9EDTVKihpizCxcVT403AUuYX_1d9KAyWb4E06MllbEAHPj_3G-d3kSXXRp1B-QgSyLWQsub6ozJP-98YehIabpvk_1UQNxWvZNrlTZqQh_FvKcxjHA3UKsyKOYYYCzrOFJ3OECi5jrduhdml5bIjm0QLy9sBEfhWEJ5JUf_VeuzSsQHxKZA4Tb8NaqMA66zI76AXyoFXoknpaP4ZdhxpphhAlevbuka4hWs_7qFVqq_fhIcPpf2LAtn4Jm2aU2-1exIsVcukE101O8xGeJ/wp/AAABjBwHiqrdfPMHdUTH14bWcD64impxxeP__Q
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:2352:af01:a505:9a1:892d:586b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
ce73e0975007bdcf1d5504751d38fb7bb83a34db40933a3b87563579aacb4a13
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
2531
264.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/535/8.gif?id5id=ID5*PMSfnDbaJNnlKxxHP7P7rlKmHTcYKWaZnz3qdsw8VFRxf6464nXibPAAhp5j4gO6cYCwrCL4EvlyLjEafJuaSw&o=api&gdpr_consent=undefined&gdpr=false
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F429%2F7%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/535/429/7/2.gif?puid=EC0DE233-2EF3-44EE-9B5B-047A2F057529&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/535/108/6/3.gif?puid=d0473bc4-61f1-4807-bfdc-b530f2b53b7b&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F441%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/535/441/5/4.gif?puid=u_0d257e7c-a118-4a85-805d-87b17384eb86&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/535/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/535/2/4/5.gif?puid=3620806462578181671&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=EC0DE233-2EF3-44EE-9B5B-047A2F057529&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F1242%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/535/1242/3/6.gif?puid=HvP9jLZHhwIVHYYIRGe3_3HF&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=3620806462578181671&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F1246%2F2%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/535/1246/2/7.gif?puid=HvP9jLZHhwIVHYYIRGe3_3HF&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F535%2F434%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/535/434/1/8.gif?puid=10374ec6-5eb8-464f-9db3-01113411b037&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=f667bb86-d4bf-4480-bd1b-33d60c80f690&ttl=%%TTL%%
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/264.gif?puid=f667bb86-d4bf-4480-bd1b-33d60c80f690&ttl=%%TTL%%
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 29 Nov 2023 17:01:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/k/264.gif?puid=f667bb86-d4bf-4480-bd1b-33d60c80f690&ttl=%%TTL%%
date
Wed, 29 Nov 2023 17:01:48 GMT
server
Kestrel
content-length
199
banner
a.ctnsnet.com/ase/ Frame FD31 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ctnsnet.com/ase/banner?act=scr&sid=75959670&nid=66354764&gdpr_consent=&cb=1627782113097455296&pb=5&cr=2533135&cp_id=522091&url=https%3A%2F%2Fheraldcourier.com&dmn=heraldcourier.com&clk=https%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2Fop5Ug_Wq9VLxGuD_TFu0oKxCYRXyt42UaEV0vTiCGREMeNa0R9nQIZW3_ACq-xDqCwEVPk3XL2oK-a9OsqohL7XLSfStVJrLGPqNmJQSfhP3eQv66ZC6ghoaa2wGosJO_U1-eeIk_D8VwMBKEpDwCP0rT86Id_7NseBo-zd08JpucpT9VWUngCRm1eOWJsUmYWO480SkL4Nc9o8ROePpXFdl1XWCtMICPYVta1HQ5yAVDNxzaONTUHjElxFsnZ5EoVSFGweWi3mwPCfqWRVc70Hjg5prfY8o9LeD7FqtmX9KPozsIaEjww%2Frurl%2F
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/-f70cGXi7QHSPeSYqAUbvBss-sraYmMw5bmDLr8voCzCmDdQUGRYp85RkUsHUPNUAfpbFHF4Tou_dywNF5EUxSlejtLoWB-Apwd7PhnyRuGCFEMplCkgXHhDm5be23aWRFBnschljPyPBQ86FxV5lnQgfGQwPwi-TSm9ng0RlrbVFIIc5hHXQJRVD8v3ugBpxebalv8JzXyYzhOoOEtg0ggQB-fVzxlDCcCIWJTHsWBM7WV_LGFkX3WQ5-aoWfZAZYGm-lFVYhPFzHYmsdIZ46kUJJDMdy5c_CXh8kBqu7M1PbhhRi353H0hCmAtZRE7pS9it0eO4qUQqN7CuO6F4_LIrAm-6WBr7N6aBQjoEIHoxfi-OW1d6tcWqKYy9zIP4vgViqQsQzelkv5NDE7nIbD6k7gCOKpWSvRKdaFtJp2gIPXT0CH-Tvrii4OwKyAZ1up_SflKhTemXanJ13kZmHDgf6_xoQbRXXZEqMB3n_hTM75-fdVfu96j2HQdItWfiFBXIG7BmQY6fStBAQ3fhQjCNqJNSj2Ct5HgF3AnW1FaEBRNxrPx1JYBfoUIp57qVNRcoP_gY9GxPGY9GHHJqiRDXTfn-TIFD3TfPtZFS4ExhVr4z_DRM9PUu5--nRHeU50GpCNntM15OJHCrAX2LZICTsqQFeAONqNNkIFwdzumHymVB9cGzZ_ydVcW92qxlFbN-nNc1tC6WOn5DcStC757S-SFC6QWeCehGLy_ZqrMhG7vpoSOrnA-Iu3JfD8_k6MAClEW_wMDGZRU4U9hEvUfz2y05oQoQY0J3BWHfw-jB0yOtVjhsRREd6Mop_JKylfEeMmx6HLPT5pcd1x5kJH1BNub2NFiATWQF1_tjHHFlHYVyThtomaEPpQy9jE0Ysu2saWuV1EJeOEpt9MslzT0e0n5UhYbwfB41SarIAliIDtPF2v7I_32HeNZE6-MNgp7f9vZFj638cw-Ikoxejo0KBhAemTqvtHptFhifE6st7FYCzDBPhlTky5KtOYS117ucLLF1L5QXNbq_KyNLSd6Do86Py_tCBswYL1FFctJrF_-CJ0L_ikJyEVCAtQYOlsSUBHgeEX4iwTyHpNWb_j0NIyNpi82oJ3H3D2rcEbrvR72swu_90kViIUxZbTLfp0G3HtUHHBqizezQxWdDZix8cdxky5YyGflfmQPedgH4UZg-2YkAGVLEq2pDptCIPGpw4r2KRSQdpakqCBcJiXla24-Or65pNBNPcKSHX-TQVXVlkI6sIJPyHfKG0iIcQx2t7wEi74bVqlK8KpuY9pzdl-vIbR7Nhm2e_ihyDLQ0DCB_9N-CRNCrikpSrViAEIkL3dNgdJge9K4hM-qyCtctLXZztpqb8xD5ea8QIwFLxWyZMr6AL_ASyax-e8kxMNAb8GiU7k2-9r0vl0RMhh5l1ZV93ATY49DTR5wRguNLjDdBX4qj4MkP3a8Exlo2L3A2sOwjebhQY9EDTVKihpizCxcVT403AUuYX_1d9KAyWb4E06MllbEAHPj_3G-d3kSXXRp1B-QgSyLWQsub6ozJP-98YehIabpvk_1UQNxWvZNrlTZqQh_FvKcxjHA3UKsyKOYYYCzrOFJ3OECi5jrduhdml5bIjm0QLy9sBEfhWEJ5JUf_VeuzSsQHxKZA4Tb8NaqMA66zI76AXyoFXoknpaP4ZdhxpphhAlevbuka4hWs_7qFVqq_fhIcPpf2LAtn4Jm2aU2-1exIsVcukE101O8xGeJ/wp/AAABjBwHiqrdfPMHdUTH14bWcD64impxxeP__Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.210.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.210.227.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
112fc1c974794547e34e11a8b132246c520853835de0a3226d6935d91bae252d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
content-encoding
gzip
via
1.1 google
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR NID CUR OUR NOR"
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame FD31
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=CRIMT&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58680/cms?partner_id=CRIMT&gdpr_consent=
  • https://i.ctnsnet.com/int/cm?prv=yh&crdp=true&uid=y-4BBvlFpE2pOLL4i2MxRcpapjJGoV55AbPjE-~A
  • https://ads.yahoo.com/cms/v1?sigv=1&nwid=10000010147&eid=c93fc6010f654086b30572bc36252244&esig=2~8a80e4236f70e1a41347a376f5ad11ad86d1de12
0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?sigv=1&nwid=10000010147&eid=c93fc6010f654086b30572bc36252244&esig=2~8a80e4236f70e1a41347a376f5ad11ad86d1de12
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:46 GMT
strict-transport-security
max-age=31536000
cache-control
no-store
x-content-type-options
nosniff
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:45 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://ads.yahoo.com/cms/v1?sigv=1&nwid=10000010147&eid=c93fc6010f654086b30572bc36252244&esig=2~8a80e4236f70e1a41347a376f5ad11ad86d1de12
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
inside.js
cdn.js7k.com/rq/iv/ Frame FD31 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/-f70cGXi7QHSPeSYqAUbvBss-sraYmMw5bmDLr8voCzCmDdQUGRYp85RkUsHUPNUAfpbFHF4Tou_dywNF5EUxSlejtLoWB-Apwd7PhnyRuGCFEMplCkgXHhDm5be23aWRFBnschljPyPBQ86FxV5lnQgfGQwPwi-TSm9ng0RlrbVFIIc5hHXQJRVD8v3ugBpxebalv8JzXyYzhOoOEtg0ggQB-fVzxlDCcCIWJTHsWBM7WV_LGFkX3WQ5-aoWfZAZYGm-lFVYhPFzHYmsdIZ46kUJJDMdy5c_CXh8kBqu7M1PbhhRi353H0hCmAtZRE7pS9it0eO4qUQqN7CuO6F4_LIrAm-6WBr7N6aBQjoEIHoxfi-OW1d6tcWqKYy9zIP4vgViqQsQzelkv5NDE7nIbD6k7gCOKpWSvRKdaFtJp2gIPXT0CH-Tvrii4OwKyAZ1up_SflKhTemXanJ13kZmHDgf6_xoQbRXXZEqMB3n_hTM75-fdVfu96j2HQdItWfiFBXIG7BmQY6fStBAQ3fhQjCNqJNSj2Ct5HgF3AnW1FaEBRNxrPx1JYBfoUIp57qVNRcoP_gY9GxPGY9GHHJqiRDXTfn-TIFD3TfPtZFS4ExhVr4z_DRM9PUu5--nRHeU50GpCNntM15OJHCrAX2LZICTsqQFeAONqNNkIFwdzumHymVB9cGzZ_ydVcW92qxlFbN-nNc1tC6WOn5DcStC757S-SFC6QWeCehGLy_ZqrMhG7vpoSOrnA-Iu3JfD8_k6MAClEW_wMDGZRU4U9hEvUfz2y05oQoQY0J3BWHfw-jB0yOtVjhsRREd6Mop_JKylfEeMmx6HLPT5pcd1x5kJH1BNub2NFiATWQF1_tjHHFlHYVyThtomaEPpQy9jE0Ysu2saWuV1EJeOEpt9MslzT0e0n5UhYbwfB41SarIAliIDtPF2v7I_32HeNZE6-MNgp7f9vZFj638cw-Ikoxejo0KBhAemTqvtHptFhifE6st7FYCzDBPhlTky5KtOYS117ucLLF1L5QXNbq_KyNLSd6Do86Py_tCBswYL1FFctJrF_-CJ0L_ikJyEVCAtQYOlsSUBHgeEX4iwTyHpNWb_j0NIyNpi82oJ3H3D2rcEbrvR72swu_90kViIUxZbTLfp0G3HtUHHBqizezQxWdDZix8cdxky5YyGflfmQPedgH4UZg-2YkAGVLEq2pDptCIPGpw4r2KRSQdpakqCBcJiXla24-Or65pNBNPcKSHX-TQVXVlkI6sIJPyHfKG0iIcQx2t7wEi74bVqlK8KpuY9pzdl-vIbR7Nhm2e_ihyDLQ0DCB_9N-CRNCrikpSrViAEIkL3dNgdJge9K4hM-qyCtctLXZztpqb8xD5ea8QIwFLxWyZMr6AL_ASyax-e8kxMNAb8GiU7k2-9r0vl0RMhh5l1ZV93ATY49DTR5wRguNLjDdBX4qj4MkP3a8Exlo2L3A2sOwjebhQY9EDTVKihpizCxcVT403AUuYX_1d9KAyWb4E06MllbEAHPj_3G-d3kSXXRp1B-QgSyLWQsub6ozJP-98YehIabpvk_1UQNxWvZNrlTZqQh_FvKcxjHA3UKsyKOYYYCzrOFJ3OECi5jrduhdml5bIjm0QLy9sBEfhWEJ5JUf_VeuzSsQHxKZA4Tb8NaqMA66zI76AXyoFXoknpaP4ZdhxpphhAlevbuka4hWs_7qFVqq_fhIcPpf2LAtn4Jm2aU2-1exIsVcukE101O8xGeJ/wp/AAABjBwHiqrdfPMHdUTH14bWcD64impxxeP__Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
JQNES745V4WXZG1R
age
529
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
+OiHctON5nT1mFxYor/cT5qcttximla/TtiZqKQNJjW7ckKn86Xf1Yp14nrX2uvAq4cTvFMTVA4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/1341524/76240919/dcm/ Frame FD31 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/1341524/76240919/dcm/dcmads.js
Requested by
Host: a.ctnsnet.com
URL: https://a.ctnsnet.com/ase/banner?act=scr&sid=75959670&nid=66354764&gdpr_consent=&cb=1627782113097455296&pb=5&cr=2533135&cp_id=522091&url=https%3A%2F%2Fheraldcourier.com&dmn=heraldcourier.com&clk=https%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2Fop5Ug_Wq9VLxGuD_TFu0oKxCYRXyt42UaEV0vTiCGREMeNa0R9nQIZW3_ACq-xDqCwEVPk3XL2oK-a9OsqohL7XLSfStVJrLGPqNmJQSfhP3eQv66ZC6ghoaa2wGosJO_U1-eeIk_D8VwMBKEpDwCP0rT86Id_7NseBo-zd08JpucpT9VWUngCRm1eOWJsUmYWO480SkL4Nc9o8ROePpXFdl1XWCtMICPYVta1HQ5yAVDNxzaONTUHjElxFsnZ5EoVSFGweWi3mwPCfqWRVc70Hjg5prfY8o9LeD7FqtmX9KPozsIaEjww%2Frurl%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.156.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-156-153.compute-1.amazonaws.com
Software
/
Resource Hash
7e66a532873f68094dc67ae290748e89c626a4a5a7d2d22b8a216ea64d4261af

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:46 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
banner
a.ctnsnet.com/ase/ Frame FD31 		43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.ctnsnet.com/ase/banner?act=imp&nid=66354764&aid=79723646&sid=75959670&cst=3&cb=MTcwMTI3NzMwNjIxNQ&pguid=9f0a5e5070a04a7083548285d8585f76&caid=da5f7e1253224df7bc6ab65f3fd79b93
Requested by
Host: a.ctnsnet.com
URL: https://a.ctnsnet.com/ase/banner?act=scr&sid=75959670&nid=66354764&gdpr_consent=&cb=1627782113097455296&pb=5&cr=2533135&cp_id=522091&url=https%3A%2F%2Fheraldcourier.com&dmn=heraldcourier.com&clk=https%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2Fop5Ug_Wq9VLxGuD_TFu0oKxCYRXyt42UaEV0vTiCGREMeNa0R9nQIZW3_ACq-xDqCwEVPk3XL2oK-a9OsqohL7XLSfStVJrLGPqNmJQSfhP3eQv66ZC6ghoaa2wGosJO_U1-eeIk_D8VwMBKEpDwCP0rT86Id_7NseBo-zd08JpucpT9VWUngCRm1eOWJsUmYWO480SkL4Nc9o8ROePpXFdl1XWCtMICPYVta1HQ5yAVDNxzaONTUHjElxFsnZ5EoVSFGweWi3mwPCfqWRVc70Hjg5prfY8o9LeD7FqtmX9KPozsIaEjww%2Frurl%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.210.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.210.227.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:46 GMT
via
1.1 google
server
Apache-Coyote/1.1
content-type
image/gif
p3p
CP="NOI DSP COR NID CUR OUR NOR"
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
consentag_logo.png
cdn.ctnsnet.com/ase/ Frame FD31 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ctnsnet.com/ase/consentag_logo.png
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d84532b9d6c19ed705018ea2a7267d2703391beebcdb841c658971af7378474b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 29 Nov 2023 17:01:46 GMT
via
1.1 google
x-age-lb
98442
x-77-cache
HIT
x-accel-date
1701178864
content-length
1322
x-77-nzt
EgwBnJIkFgH3ioABAAwBnJI73wH3AAAAAA
x-accel-expires
@1701438064
x-77-age
98442
x-cache-lb
HIT
last-modified
Sat, 25 Nov 2023 00:52:10 GMT
server
CDN77-Turbo
etag
W/"1322-1700873530000"
x-77-nzt-ray
1e192d08174b739e7a6e6765ed88ca1b
content-type
image/png
accept-ranges
bytes
dcmads.js
www.googletagservices.com/dcm/ Frame FD31
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1341524/76240919/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&adsafe_type=abeq&adsafe_jsinfo=,id:8b1d601e-b277-b6...
  • https://www.googletagservices.com/dcm/dcmads.js
18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:26:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 29 Nov 2023 17:26:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:46 GMT
server
nginx
x-server-name
app18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 437A 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:9800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ec677b911dc73d5d7f845b909fe23e68.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
age
10503367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
boVuZRRZD9wm_86SrmUrYavL0l8oqpFMhMJeOGvtAtw84HMxJCouAw==
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1341524&asId=8b1d601e-b277-b683-64a8-9f01895b59ab&tv=%7Bc:vkYGgI,pingTime:-2,time:72,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:392,mdZ:739,beA:745,beZ:746,mfA:749,cmA:750,inA:751,inZ:755,prA:755,prZ:772,si:778,poA:780,poZ:804,cmZ:804,mfZ:804,loA:813,loZ:815,ltA:817,ltZ:817%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:33%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tX1gcu8+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b*.1341524-76240919,idMap:1b*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:A.us.sn,siq:34,slid:%5BIL_SR_RESULT_CONTENT,IL_SR_AD_AREA,d_IL_INSEARCH%5D,sinceFw:37,readyFired:true%7D&br=c
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:63f3:d4d2:b31a:7f68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:46 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dcl.htm
rt3006.infolinks.com/action/ 		0
70 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3006.infolinks.com/action/dcl.htm?rid=f3fc23dd-cd51-4d11-90ec-b4615d35f0ab&prod_t=d&sdata=article&bdc=1&midx=0&capara=%7B%22ve%22%3A%22mrc50%22%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
82dc6a20187a8da8-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
impl_v99.js
www.googletagservices.com/dcm/ Frame FD31 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1341524/76240919/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&adsafe_type=abeq&adsafe_jsinfo=,id:8b1d601e-b277-b683-64a8-9f01895b59ab,c:vkYGg5,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5f456796bd-88crx,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tX1gcu8+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b*.1341524-76240919,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:A.us.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:34,oid:faa7e048-8ed8-11ee-9d8a-925d24af9327,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 20:59:46 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1341524&asId=8b1d601e-b277-b683-64a8-9f01895b59ab&tv=%7Bc:vkYGkC,time:314,type:e,im:%7Bimprf:%7Bttecl:640,ecd:248,tsecr:5%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:314,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B307~0%5D,as:%5B307~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tX1gcu8+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b*.1341524-76240919,idMap:1b*,rmeas:1,rend:0,renddet:A.us.sn,siq:34,sis:287%7D&br=c
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:63f3:d4d2:b31a:7f68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:46 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
B29149005.380300526;dc_ver=99.292;sz=728x90;u_sd=1;gdpr=0;dc_adk=759403004;ord=qxg0ve;click=https%3A%2F%2Fa.ctnsnet.com%2Fase%2Fclk%3Fcln%3DbmlkPTY2MzU0NzY0JmFpZD03OTcyMzY0NiZzaWQ9NzU5NTk2NzAmY3N0P...
ad.doubleclick.net/ddm/adi/N4253.272874CRIMTAN/ Frame 3EEF 		66 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N4253.272874CRIMTAN/B29149005.380300526;dc_ver=99.292;sz=728x90;u_sd=1;gdpr=0;dc_adk=759403004;ord=qxg0ve;click=https%3A%2F%2Fa.ctnsnet.com%2Fase%2Fclk%3Fcln%3DbmlkPTY2MzU0NzY0JmFpZD03OTcyMzY0NiZzaWQ9NzU5NTk2NzAmY3N0PTMmY2I9TVRjd01USTNOek13TmpJeE5RJnBndWlkPTlmMGE1ZTUwNzBhMDRhNzA4MzU0ODI4NWQ4NTg1Zjc2JmNhaWQ9ZGE1ZjdlMTI1MzIyNGRmN2JjNmFiNjVmM2ZkNzliOTMmY2xrPWh0dHBzJTNBJTJGJTJGcG4ueWJwLnlhaG9vLmNvbSUyRmNqJTJGY2QlMkZvcDVVZ19XcTlWTHhHdURfVEZ1MG9LeENZUlh5dDQyVWFFVjB2VGlDR1JFTWVOYTBSOW5RSVpXM19BQ3EteERxQ3dFVlBrM1hMMm9LLWE5T3Nxb2hMN1hMU2ZTdFZKckxHUHFObUpRU2ZoUDNlUXY2NlpDNmdob2FhMndHb3NKT19VMS1lZUlrX0Q4VndNQktFcER3Q1AwclQ4NklkXzdOc2VCby16ZDA4SnB1Y3BUOVZXVW5nQ1JtMWVPV0pzVW1ZV080ODBTa0w0TmM5bzhST2VQcFhGZGwxWFdDdE1JQ1BZVnRhMUhRNXlBVkROeHphT05UVUhqRWx4RnNuWjVFb1ZTRkd3ZVdpM213UENmcVdSVmM3MEhqZzVwcmZZOG85TGVEN0ZxdG1YOUtQb3pzSWFFand3JTJGcnVybCUyRg%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fheraldcourier.com%2Fterms%2F$0;xdt=0;crlt=zxT5*FTrXt;gcsr=m;stc=1;chaa=1;sttr=92;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f6.1e100.net
Software
cafe /
Resource Hash
6aae7f75d4e9d64e3b5b45d43d9436254fb8f4a728d125657bb10f5d85c7f5ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
30503
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 17:01:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pd
us-u.openx.net/w/1.0/ Frame 0321 		754 B
785 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e5d5f82ba96ac7351d63210a99685037c34a3a58f07478a78f9004347722190e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
471
content-type
text/html
date
Wed, 29 Nov 2023 17:01:47 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
receive
pixel.tapad.com/idsync/ex/ Frame 0321 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=d4c2ae36-ab6d-4099-8667-471078febf12
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:47 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 0321 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=fc785e43-2800-4757-9fa1-1eccdcd18a77
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
db_sync
px.ads.linkedin.com/ Frame 0321
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=877aa2ac-3d2d-4b7e-93ff-5f3572e91fc6
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokODc3YWEyYWMtM2QyZC00YjdlLTkzZmYtNWYzNTcyZTkxZmM2EAAaDQj73J2rBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=84168395236deb6076dc0801a597fa25a57a65441ba597972da6509d41d80f81791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=84168395236deb6076dc0801a597fa25a57a65441ba597972da6509d41d80f81791426b5417dce21&rand=07742699
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=84168395236deb6076dc0801a597fa25a57a65441ba597972da6509d41d80f81791426b5417dce21&rand=07742699&expected_cookie=82b988db-4915-42c6-9266-56eb1d05c528
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=84168395236deb6076dc0801a597fa25a57a65441ba597972da6509d41d80f81791426b5417dce21&rand=07742699&expected_cookie=82b988db-4915-42c6-9266-56eb1d05c528
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:47 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F26661EFE3B840B3A79DB2EB2AEA11C6 Ref B: MIAEDGE1517 Ref C: 2023-11-29T17:01:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLTX2YRD9c8Q9uD+CHvA==

Redirect headers

date
Wed, 29 Nov 2023 17:01:47 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3ECEC96ED4CE4AB4BE3D6D4DE5848659 Ref B: MIAEDGE1517 Ref C: 2023-11-29T17:01:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/db_sync?pid=10339&puuid=84168395236deb6076dc0801a597fa25a57a65441ba597972da6509d41d80f81791426b5417dce21&rand=07742699&expected_cookie=82b988db-4915-42c6-9266-56eb1d05c528
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLTX2WmOycHU0ijKav9g==
sd
us-u.openx.net/w/1.0/ Frame 0321
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=3620806462578181671
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3620806462578181671
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:47 GMT
an-x-request-uuid
01d15ab1-bb7d-4888-9f84-abdc68bd9786
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=3620806462578181671
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0321
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7669919475307365375&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7669919475307365375&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7669919475307365375&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 29 Nov 2023 17:01:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 0321
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZWduewADRb6lpgBU
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWduewADRb6lpgBU&_test=ZWduewADRb6lpgBU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWduewADRb6lpgBU&_test=ZWduewADRb6lpgBU
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e33c1420-b041-4c33-896d-fdea8d16166f
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760063-MIA
pragma
no-cache
date
Wed, 29 Nov 2023 17:01:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701277307.203942,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWduewADRb6lpgBU&_test=ZWduewADRb6lpgBU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1341524&asId=8b1d601e-b277-b683-64a8-9f01895b59ab&tv=%7Bc:vkYGqF,pingTime:-10,time:689,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701277307292%7C%7Cfea950f0ebb987987d31e2592155ddf8%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7C33123da7b37edd83c9df83144681bb42%7C%7C318f76a2d30b532a31ef8752810be63e%7C%7C381a3da6c391d3a335ebc1530289bc81%7C%7C1f4c342d4913bebfd25637599dee64fc%7C%7C29705941572c63c4a079554574c47c23%7C%7C1663701684%7D
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:63f3:d4d2:b31a:7f68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:47 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
2553908397631944849
s0.2mdn.net/simgad/ Frame 3EEF 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2553908397631944849
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N4253.272874CRIMTAN/B29149005.380300526;dc_ver=99.292;sz=728x90;u_sd=1;gdpr=0;dc_adk=759403004;ord=qxg0ve;click=https%3A%2F%2Fa.ctnsnet.com%2Fase%2Fclk%3Fcln%3DbmlkPTY2MzU0NzY0JmFpZD03OTcyMzY0NiZzaWQ9NzU5NTk2NzAmY3N0PTMmY2I9TVRjd01USTNOek13TmpJeE5RJnBndWlkPTlmMGE1ZTUwNzBhMDRhNzA4MzU0ODI4NWQ4NTg1Zjc2JmNhaWQ9ZGE1ZjdlMTI1MzIyNGRmN2JjNmFiNjVmM2ZkNzliOTMmY2xrPWh0dHBzJTNBJTJGJTJGcG4ueWJwLnlhaG9vLmNvbSUyRmNqJTJGY2QlMkZvcDVVZ19XcTlWTHhHdURfVEZ1MG9LeENZUlh5dDQyVWFFVjB2VGlDR1JFTWVOYTBSOW5RSVpXM19BQ3EteERxQ3dFVlBrM1hMMm9LLWE5T3Nxb2hMN1hMU2ZTdFZKckxHUHFObUpRU2ZoUDNlUXY2NlpDNmdob2FhMndHb3NKT19VMS1lZUlrX0Q4VndNQktFcER3Q1AwclQ4NklkXzdOc2VCby16ZDA4SnB1Y3BUOVZXVW5nQ1JtMWVPV0pzVW1ZV080ODBTa0w0TmM5bzhST2VQcFhGZGwxWFdDdE1JQ1BZVnRhMUhRNXlBVkROeHphT05UVUhqRWx4RnNuWjVFb1ZTRkd3ZVdpM213UENmcVdSVmM3MEhqZzVwcmZZOG85TGVEN0ZxdG1YOUtQb3pzSWFFand3JTJGcnVybCUyRg%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fheraldcourier.com%2Fterms%2F$0;xdt=0;crlt=zxT5*FTrXt;gcsr=m;stc=1;chaa=1;sttr=92;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75135eec5c1ecd2b54156909df2085642fe54f8285f2598232e77b737e81e071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:28:06 GMT
x-content-type-options
nosniff
age
491621
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51496
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 15:26:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 00:28:06 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/ Frame 3EEF 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N4253.272874CRIMTAN/B29149005.380300526;dc_ver=99.292;sz=728x90;u_sd=1;gdpr=0;dc_adk=759403004;ord=qxg0ve;click=https%3A%2F%2Fa.ctnsnet.com%2Fase%2Fclk%3Fcln%3DbmlkPTY2MzU0NzY0JmFpZD03OTcyMzY0NiZzaWQ9NzU5NTk2NzAmY3N0PTMmY2I9TVRjd01USTNOek13TmpJeE5RJnBndWlkPTlmMGE1ZTUwNzBhMDRhNzA4MzU0ODI4NWQ4NTg1Zjc2JmNhaWQ9ZGE1ZjdlMTI1MzIyNGRmN2JjNmFiNjVmM2ZkNzliOTMmY2xrPWh0dHBzJTNBJTJGJTJGcG4ueWJwLnlhaG9vLmNvbSUyRmNqJTJGY2QlMkZvcDVVZ19XcTlWTHhHdURfVEZ1MG9LeENZUlh5dDQyVWFFVjB2VGlDR1JFTWVOYTBSOW5RSVpXM19BQ3EteERxQ3dFVlBrM1hMMm9LLWE5T3Nxb2hMN1hMU2ZTdFZKckxHUHFObUpRU2ZoUDNlUXY2NlpDNmdob2FhMndHb3NKT19VMS1lZUlrX0Q4VndNQktFcER3Q1AwclQ4NklkXzdOc2VCby16ZDA4SnB1Y3BUOVZXVW5nQ1JtMWVPV0pzVW1ZV080ODBTa0w0TmM5bzhST2VQcFhGZGwxWFdDdE1JQ1BZVnRhMUhRNXlBVkROeHphT05UVUhqRWx4RnNuWjVFb1ZTRkd3ZVdpM213UENmcVdSVmM3MEhqZzVwcmZZOG85TGVEN0ZxdG1YOUtQb3pzSWFFand3JTJGcnVybCUyRg%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fheraldcourier.com%2Fterms%2F$0;xdt=0;crlt=zxT5*FTrXt;gcsr=m;stc=1;chaa=1;sttr=92;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
527718fd2692a8581d7fb4e3d42fed33df4b4dc56632b1cc06344180902e5ef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:17:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
74663
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4282
x-xss-protection
0
server
cafe
etag
13218323832899434506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 20:17:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 3EEF 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N4253.272874CRIMTAN/B29149005.380300526;dc_ver=99.292;sz=728x90;u_sd=1;gdpr=0;dc_adk=759403004;ord=qxg0ve;click=https%3A%2F%2Fa.ctnsnet.com%2Fase%2Fclk%3Fcln%3DbmlkPTY2MzU0NzY0JmFpZD03OTcyMzY0NiZzaWQ9NzU5NTk2NzAmY3N0PTMmY2I9TVRjd01USTNOek13TmpJeE5RJnBndWlkPTlmMGE1ZTUwNzBhMDRhNzA4MzU0ODI4NWQ4NTg1Zjc2JmNhaWQ9ZGE1ZjdlMTI1MzIyNGRmN2JjNmFiNjVmM2ZkNzliOTMmY2xrPWh0dHBzJTNBJTJGJTJGcG4ueWJwLnlhaG9vLmNvbSUyRmNqJTJGY2QlMkZvcDVVZ19XcTlWTHhHdURfVEZ1MG9LeENZUlh5dDQyVWFFVjB2VGlDR1JFTWVOYTBSOW5RSVpXM19BQ3EteERxQ3dFVlBrM1hMMm9LLWE5T3Nxb2hMN1hMU2ZTdFZKckxHUHFObUpRU2ZoUDNlUXY2NlpDNmdob2FhMndHb3NKT19VMS1lZUlrX0Q4VndNQktFcER3Q1AwclQ4NklkXzdOc2VCby16ZDA4SnB1Y3BUOVZXVW5nQ1JtMWVPV0pzVW1ZV080ODBTa0w0TmM5bzhST2VQcFhGZGwxWFdDdE1JQ1BZVnRhMUhRNXlBVkROeHphT05UVUhqRWx4RnNuWjVFb1ZTRkd3ZVdpM213UENmcVdSVmM3MEhqZzVwcmZZOG85TGVEN0ZxdG1YOUtQb3pzSWFFand3JTJGcnVybCUyRg%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fheraldcourier.com%2Fterms%2F$0;xdt=0;crlt=zxT5*FTrXt;gcsr=m;stc=1;chaa=1;sttr=92;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:47:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
72855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 20:47:32 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3EEF 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N4253.272874CRIMTAN/B29149005.380300526;dc_ver=99.292;sz=728x90;u_sd=1;gdpr=0;dc_adk=759403004;ord=qxg0ve;click=https%3A%2F%2Fa.ctnsnet.com%2Fase%2Fclk%3Fcln%3DbmlkPTY2MzU0NzY0JmFpZD03OTcyMzY0NiZzaWQ9NzU5NTk2NzAmY3N0PTMmY2I9TVRjd01USTNOek13TmpJeE5RJnBndWlkPTlmMGE1ZTUwNzBhMDRhNzA4MzU0ODI4NWQ4NTg1Zjc2JmNhaWQ9ZGE1ZjdlMTI1MzIyNGRmN2JjNmFiNjVmM2ZkNzliOTMmY2xrPWh0dHBzJTNBJTJGJTJGcG4ueWJwLnlhaG9vLmNvbSUyRmNqJTJGY2QlMkZvcDVVZ19XcTlWTHhHdURfVEZ1MG9LeENZUlh5dDQyVWFFVjB2VGlDR1JFTWVOYTBSOW5RSVpXM19BQ3EteERxQ3dFVlBrM1hMMm9LLWE5T3Nxb2hMN1hMU2ZTdFZKckxHUHFObUpRU2ZoUDNlUXY2NlpDNmdob2FhMndHb3NKT19VMS1lZUlrX0Q4VndNQktFcER3Q1AwclQ4NklkXzdOc2VCby16ZDA4SnB1Y3BUOVZXVW5nQ1JtMWVPV0pzVW1ZV080ODBTa0w0TmM5bzhST2VQcFhGZGwxWFdDdE1JQ1BZVnRhMUhRNXlBVkROeHphT05UVUhqRWx4RnNuWjVFb1ZTRkd3ZVdpM213UENmcVdSVmM3MEhqZzVwcmZZOG85TGVEN0ZxdG1YOUtQb3pzSWFFand3JTJGcnVybCUyRg%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fheraldcourier.com%2Fterms%2F$0;xdt=0;crlt=zxT5*FTrXt;gcsr=m;stc=1;chaa=1;sttr=92;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 17:01:47 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3EEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvG5gkEaOWb7I6uL7CRfcX5fzgtFC-2vJrGBsU40SstopYMuzKkX39Gpz36UOjtxMMY9lxBg7SFxrHWHTmIEsoxxATFg1nLjMOushNayt_gHwbKjEavMvOmrmlu6fK3ynsBA-bEZSwVFOM_trtneGWQ2JXwgkzRxykPSm0qP_woE0mdljfru6hAK3x7pd2r8DZz2A&sai=AMfl-YT4acPbd-UJWzxwHAzVTZLOD538zQwfpZNwSmGFtXbdjD19Pr5khYTVdrp-USaiDEa_uQenJRa83lyEwYoZlTkZmQNu7WbP6adwZA&sig=Cg0ArKJSzEXeAs2wfcadEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231109.43172&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N4253.272874CRIMTAN/B29149005.380300526;dc_ver=99.292;sz=728x90;u_sd=1;gdpr=0;dc_adk=759403004;ord=qxg0ve;click=https%3A%2F%2Fa.ctnsnet.com%2Fase%2Fclk%3Fcln%3DbmlkPTY2MzU0NzY0JmFpZD03OTcyMzY0NiZzaWQ9NzU5NTk2NzAmY3N0PTMmY2I9TVRjd01USTNOek13TmpJeE5RJnBndWlkPTlmMGE1ZTUwNzBhMDRhNzA4MzU0ODI4NWQ4NTg1Zjc2JmNhaWQ9ZGE1ZjdlMTI1MzIyNGRmN2JjNmFiNjVmM2ZkNzliOTMmY2xrPWh0dHBzJTNBJTJGJTJGcG4ueWJwLnlhaG9vLmNvbSUyRmNqJTJGY2QlMkZvcDVVZ19XcTlWTHhHdURfVEZ1MG9LeENZUlh5dDQyVWFFVjB2VGlDR1JFTWVOYTBSOW5RSVpXM19BQ3EteERxQ3dFVlBrM1hMMm9LLWE5T3Nxb2hMN1hMU2ZTdFZKckxHUHFObUpRU2ZoUDNlUXY2NlpDNmdob2FhMndHb3NKT19VMS1lZUlrX0Q4VndNQktFcER3Q1AwclQ4NklkXzdOc2VCby16ZDA4SnB1Y3BUOVZXVW5nQ1JtMWVPV0pzVW1ZV080ODBTa0w0TmM5bzhST2VQcFhGZGwxWFdDdE1JQ1BZVnRhMUhRNXlBVkROeHphT05UVUhqRWx4RnNuWjVFb1ZTRkd3ZVdpM213UENmcVdSVmM3MEhqZzVwcmZZOG85TGVEN0ZxdG1YOUtQb3pzSWFFand3JTJGcnVybCUyRg%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fheraldcourier.com%2Fterms%2F$0;xdt=0;crlt=zxT5*FTrXt;gcsr=m;stc=1;chaa=1;sttr=92;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3EEF 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N4253.272874CRIMTAN/B29149005.380300526;dc_ver=99.292;sz=728x90;u_sd=1;gdpr=0;dc_adk=759403004;ord=qxg0ve;click=https%3A%2F%2Fa.ctnsnet.com%2Fase%2Fclk%3Fcln%3DbmlkPTY2MzU0NzY0JmFpZD03OTcyMzY0NiZzaWQ9NzU5NTk2NzAmY3N0PTMmY2I9TVRjd01USTNOek13TmpJeE5RJnBndWlkPTlmMGE1ZTUwNzBhMDRhNzA4MzU0ODI4NWQ4NTg1Zjc2JmNhaWQ9ZGE1ZjdlMTI1MzIyNGRmN2JjNmFiNjVmM2ZkNzliOTMmY2xrPWh0dHBzJTNBJTJGJTJGcG4ueWJwLnlhaG9vLmNvbSUyRmNqJTJGY2QlMkZvcDVVZ19XcTlWTHhHdURfVEZ1MG9LeENZUlh5dDQyVWFFVjB2VGlDR1JFTWVOYTBSOW5RSVpXM19BQ3EteERxQ3dFVlBrM1hMMm9LLWE5T3Nxb2hMN1hMU2ZTdFZKckxHUHFObUpRU2ZoUDNlUXY2NlpDNmdob2FhMndHb3NKT19VMS1lZUlrX0Q4VndNQktFcER3Q1AwclQ4NklkXzdOc2VCby16ZDA4SnB1Y3BUOVZXVW5nQ1JtMWVPV0pzVW1ZV080ODBTa0w0TmM5bzhST2VQcFhGZGwxWFdDdE1JQ1BZVnRhMUhRNXlBVkROeHphT05UVUhqRWx4RnNuWjVFb1ZTRkd3ZVdpM213UENmcVdSVmM3MEhqZzVwcmZZOG85TGVEN0ZxdG1YOUtQb3pzSWFFand3JTJGcnVybCUyRg%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fheraldcourier.com%2Fterms%2F$0;xdt=0;crlt=zxT5*FTrXt;gcsr=m;stc=1;chaa=1;sttr=92;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 04:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
44798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 04:35:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3EEF 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
996fb823ccbf459caabd64b16ae50cd264cf8a1ba0611dc3a675d6e91cd43465
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5760
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A9C9 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
89844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 16:04:23 GMT
expires
Wed, 27 Nov 2024 16:04:23 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame A9C9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 09:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
28281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 09:10:26 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3EEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvG5gkEaOWb7I6uL7CRfcX5fzgtFC-2vJrGBsU40SstopYMuzKkX39Gpz36UOjtxMMY9lxBg7SFxrHWHTmIEsoxxATFg1nLjMOushNayt_gHwbKjEavMvOmrmlu6fK3ynsBA-bEZSwVFOM_trtneGWQ2JXwgkzRxykPSm0qP_woE0mdljfru6hAK3x7pd2r8DZz2A&sai=AMfl-YT4acPbd-UJWzxwHAzVTZLOD538zQwfpZNwSmGFtXbdjD19Pr5khYTVdrp-USaiDEa_uQenJRa83lyEwYoZlTkZmQNu7WbP6adwZA&sig=Cg0ArKJSzEXeAs2wfcadEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=297&vt=11&dtpt=295&dett=2&cstd=0&cisv=r20231109.43172&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N4253.272874CRIMTAN/B29149005.380300526;dc_ver=99.292;sz=728x90;u_sd=1;gdpr=0;dc_adk=759403004;ord=qxg0ve;click=https%3A%2F%2Fa.ctnsnet.com%2Fase%2Fclk%3Fcln%3DbmlkPTY2MzU0NzY0JmFpZD03OTcyMzY0NiZzaWQ9NzU5NTk2NzAmY3N0PTMmY2I9TVRjd01USTNOek13TmpJeE5RJnBndWlkPTlmMGE1ZTUwNzBhMDRhNzA4MzU0ODI4NWQ4NTg1Zjc2JmNhaWQ9ZGE1ZjdlMTI1MzIyNGRmN2JjNmFiNjVmM2ZkNzliOTMmY2xrPWh0dHBzJTNBJTJGJTJGcG4ueWJwLnlhaG9vLmNvbSUyRmNqJTJGY2QlMkZvcDVVZ19XcTlWTHhHdURfVEZ1MG9LeENZUlh5dDQyVWFFVjB2VGlDR1JFTWVOYTBSOW5RSVpXM19BQ3EteERxQ3dFVlBrM1hMMm9LLWE5T3Nxb2hMN1hMU2ZTdFZKckxHUHFObUpRU2ZoUDNlUXY2NlpDNmdob2FhMndHb3NKT19VMS1lZUlrX0Q4VndNQktFcER3Q1AwclQ4NklkXzdOc2VCby16ZDA4SnB1Y3BUOVZXVW5nQ1JtMWVPV0pzVW1ZV080ODBTa0w0TmM5bzhST2VQcFhGZGwxWFdDdE1JQ1BZVnRhMUhRNXlBVkROeHphT05UVUhqRWx4RnNuWjVFb1ZTRkd3ZVdpM213UENmcVdSVmM3MEhqZzVwcmZZOG85TGVEN0ZxdG1YOUtQb3pzSWFFand3JTJGcnVybCUyRg%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fheraldcourier.com%2Fterms%2F$0;xdt=0;crlt=zxT5*FTrXt;gcsr=m;stc=1;chaa=1;sttr=92;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3EEF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 17:01:47 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 6E60 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 09:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
28281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 09:10:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A9C9 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bpv8ze25nZf39DIi9nboPh9-xmAwAAAAAOAHgBAI&bg=!CQqlCkXNAAZxrfrxUa07ADQBe5WfOH1bT-75a2LFpJ44kpGNvQKPpM94mwRo_XLp_0Soo3o391rDqbr76Aes49fMSR30AgAAAH1SAAAAA2gBBwoAiI81FxmZQu_lG44FyPZbD84RyB0VD27ngYcNslbU6_hZCvoHzXYscfLICukJV2P7MyEf2C8ucE5loncOmuPm-SqB7-3BItVrQ6upTf1sIbloJU9V1B7aCJ9CEz_tBnAv8JlNr-bw3wMyYaeKudToaIKv-fE4SPDTEPYAkctGsvkfAuOU77uxAbSZAvvbzJgNOTEh_1gf2aC37rmniKntCU_KS9Xc8M21ieDUf2KuasCQHefDmDL3_OdNMR3P2u_4jqwdh9Jm7urolIl-O6vIZyqxORveNdzy-ojK-n6Xka702xsuGI1CO3RcfUOhv_CIy0dxGBnW5FGoxiBC6RM51ffD1P6RVbAXBNvsqJBXK_p_BISshcuuVGMyee2H6KdlpUc7WywzWcggQwpe_hsO6WOIDog3GffELXZq8HlJVUhFhjINX43a41a7gBt9-K2MMHt8kZhGPzv6aYvqnwnV4lJ7cWFYanb36SOdOwNYJn2dotn45g2rvv5KIM88ydUQJPl25BuuLu8xuo3Q3nOp-3VYcCd2waAcqC_WsIofZc1yYalwFx3MSoUd0kY2d4aBx3jfVlul_8K6aIhq1dTsC294jgU0h7Sk1VMM5EmIkd153m0gAfCN7TqtHkJRQLLrjnJHgATQTf8WQFLFx5GAFc0dW4ECyHqD8AISsu0K3QDV5eTkf7_uRZ96QurVAYFqis4LfliXDqk4VAvQx-o9Xuo2jzcnvWf-TWPALQ0oSBWtRBCahtveu-KkMZZeLcAEAm6Hs-VRynaYHB2vuvY75D-p8XlWmXuRy8m9tKVnbgeKMd7X0B0ykbLQAajfCrCgRYILL-_rGOd7Tq1q8FsgLxdH0Av1bBfckgQDa1ipPhwIecX0lX0z9hPdPEGd9CC_I6gMWeyghtgpMByXV4a8Hq8EaX2vPBsZ3V4m9iKOFH95cgOHtQuOrcSyvbsHQOZ9KzitkcBTw3v4cPRyjOXkzRFzvfA4s2yMK-6o3ni7eiepO9PQzBhxKeISIb_9pyvPi-SqFSwU27KDp1APW6s3x9ZmKl54ltXD-NjnkoXC0lbzUgyHmdDeasjDTECxKrPh9qXh3jpXmIVhkcJRvKqFk6NbiwM39g1FyJND90VGksQVgqxAtYqAJiO32X5hy5ZOHwsViuozMAIp2oX6Qr65OOZ__bqoP_YVaZ7Mu0uv5jTnPuo90N8R
Requested by
Host: blank
URL: about:blank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1341524&asId=8b1d601e-b277-b683-64a8-9f01895b59ab&tv=%7Bc:vkYGzt,time:1235,type:e,env:%7Bnr_p:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1235,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1228~0%5D,as:%5B1228~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:73,fm:tX1gcu8+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b*.1341524-76240919,idMap:1b*,rmeas:1,rend:0,renddet:A.us.sn,siq:34,sis:287%7D&br=c
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:63f3:d4d2:b31a:7f68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:47 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
yv
beap-bc.yahoo.com/ Frame FD31 		43 B
762 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=9090721086717832024:1701277305423&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=ai4FBu3TcI_VpQL3RaUTfDVxuRZGRxhgYlHQl8ia5U9oXv87dEQFdLyMLEOPZG6h4yNcCu8AiiIR58uE-dRXLMnNsqZr1zSb2zvSbBcBy8RzoK7eEEJI6Huk-boVxOt4Df28yeOiOIKfiK1rOgUcO6crCGgM6MG4BGJ9o9M3nd4UjQihqz7ecRC67_uehQppWcxfCjfvDnslkObKonN1Coy2GpTU1KgJZfYxEvEIKeA&iv=100&v=1&m=2&r=1701277308000&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=31536000
accept-charset
utf-8
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, private
content-length
43
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1341524&asId=8b1d601e-b277-b683-64a8-9f01895b59ab&tv=%7Bc:vkYGEV,time:1573,type:e,im:%7Bpci:%7Btdr:1507%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1573,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1566~0%5D,as:%5B1566~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:115,fm:tX1gcu8+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b*.1341524-76240919,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:34,sis:287%7D&br=c
Requested by
Host: heraldcourier.com
URL: https://heraldcourier.com/terms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:63f3:d4d2:b31a:7f68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:48 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fefff83d851fd62045a9deffad1b28c16e6096ae03b83c1124f5dfaf0978c47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12357
x-xss-protection
0
p
i.simpli.fi/ 		809 B
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=7855&cb=sifi_att_1768153694538195._hp
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.15.245.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
45d78b1f5345a73f6821bac10d154a1b8e128920f08d149b95f25477726cd24b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:48 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3EEF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvHkSwhziCe54j0oZiWuuCZmWrWWy0Z2CGNYfBBNCHV3Zdaz-82f7R5zZidGFnI0oSNx6wndeamHRbfXyVs6yvK_norV3Jq5cbhs3XqXQ_TjYCr5Rw0oNNDO0A&sig=Cg0ArKJSzCKGZH5kAB9oEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=33&adk=759403004&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701277306989&rpt=624&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=206C99B048774CB99E9DDE3E967775E8
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=b79e8eed1d&gdpr=0&gdpr_consent=
0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=b79e8eed1d&gdpr=0&gdpr_consent=
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68507

Redirect headers

date
Wed, 29 Nov 2023 17:01:49 GMT
via
1.1 573f3bf892e6baf323888f7038237db2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
location
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=b79e8eed1d&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
77tbemaTeXw0r2DkgN9cvTkavdNt0em7TTJ-t0I2WetJCYM2IZ1MUg==
RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/206C99B048774CB99E9DDE3E967775E8
  • https://sync.targeting.unrulymedia.com/csync/RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 17:01:48 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Wed, 29 Nov 2023 17:01:48 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=206C99B048774CB99E9DDE3E967775E8&dongle=yf3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=206C99B048774CB99E9DDE3E967775E8&dongle=yf3
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 29 Nov 2023 17:01:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=206C99B048774CB99E9DDE3E967775E8&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=206C99B048774CB99E9DDE3E967775E8
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=206C99B048774CB99E9DDE3E967775E8
Protocol
H2
Server
2600:1f18:612b:4216:c60f:823f:3002:28a0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 29 Nov 2023 17:01:49 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=206C99B048774CB99E9DDE3E967775E8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=206C99B048774CB99E9DDE3E967775E8
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=206C99B048774CB99E9DDE3E967775E8
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=206C99B048774CB99E9DDE3E967775E8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=206C99B048774CB99E9DDE3E967775E8
  • https://d.agkn.com/pixel/10751/?che=1701277309031&ip=38.132.118.67&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D214690604715007429985
  • https://um.simpli.fi/aa_px?sk=214690604715007429985
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Wed, 29 Nov 2023 17:01:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=206C99B048774CB99E9DDE3E967775E8
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=206C99B048774CB99E9DDE3E967775E8&ripv6=2001:550:1d05:1::5
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=206C99B048774CB99E9DDE3E967775E8&ripv6=2001:550:1d05:1::5
Protocol
H3
Server
52.85.132.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-4.iad50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
via
1.1 f762d56afc88f7f52f51da3b63ad4658.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
location
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=206C99B048774CB99E9DDE3E967775E8&ripv6=2001:550:1d05:1::5
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
extnkh5POXko7qRRBoefwABOwPGM2KrRbtGJiIGCIYfRvIjhgPiSew==
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:206C99B048774CB99E9DDE3E967775E8
42 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:206C99B048774CB99E9DDE3E967775E8
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 29 Nov 2023 17:01:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:206C99B048774CB99E9DDE3E967775E8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=206C99B048774CB99E9DDE3E967775E8
43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=206C99B048774CB99E9DDE3E967775E8
Protocol
HTTP/1.1
Server
63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Nov 2023 17:01:49 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1701277309188015-129

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=206C99B048774CB99E9DDE3E967775E8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
400646.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=206C99B048774CB99E9DDE3E967775E8;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=206C99B048774CB99E9DDE3E967775E8;mimetype=img;sr
  • https://idsync.rlcdn.com/400646.gif?partner_uid=-5832167249831704185
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/400646.gif?partner_uid=-5832167249831704185
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:49 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:49 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp9.us1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
location
https://idsync.rlcdn.com/400646.gif?partner_uid=-5832167249831704185
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=206C99B048774CB99E9DDE3E967775E8&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=206C99B048774CB99E9DDE3E967775E8&j=0&xl8blockcheck=1
0
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=206C99B048774CB99E9DDE3E967775E8&j=0&xl8blockcheck=1
Protocol
H2
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Wed, 29 Nov 2023 17:01:49 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=206C99B048774CB99E9DDE3E967775E8&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=206C99B048774CB99E9DDE3E967775E8
0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=206C99B048774CB99E9DDE3E967775E8
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=206C99B048774CB99E9DDE3E967775E8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=206C99B048774CB99E9DDE3E967775E8
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=206C99B048774CB99E9DDE3E967775E8
Protocol
HTTP/1.1
Server
52.206.243.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-243-9.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 29 Nov 2023 17:01:48 GMT

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=206C99B048774CB99E9DDE3E967775E8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=206C99B048774CB99E9DDE3E967775E8
62 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=206C99B048774CB99E9DDE3E967775E8
Protocol
H2
Server
23.47.69.85 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 29 Nov 2023 17:01:49 GMT
content-length
62
content-type
image/gif

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=206C99B048774CB99E9DDE3E967775E8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
tpid=206C99B048774CB99E9DDE3E967775E8
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=206C99B048774CB99E9DDE3E967775E8
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=206C99B048774CB99E9DDE3E967775E8
Protocol
H2
Server
18.205.61.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-61-228.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:48 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.12.215
content-length
49
expires
0

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=206C99B048774CB99E9DDE3E967775E8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=206C99B048774CB99E9DDE3E967775E8
0
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=206C99B048774CB99E9DDE3E967775E8
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Wed, 29 Nov 2023 17:01:48 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=206C99B048774CB99E9DDE3E967775E8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
396846.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=206C99B048774CB99E9DDE3E967775E8
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=877aa2ac-3d2d-4b7e-93ff-5f3572e91fc6
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=877aa2ac-3d2d-4b7e-93ff-5f3572e91fc6
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:49 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 29 Nov 2023 17:01:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=877aa2ac-3d2d-4b7e-93ff-5f3572e91fc6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1701277308622&cv=7&fst=1701277308622&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=565617423&cv=7&fst=1701277308622&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=f...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=565617423&cv=7&fst=1701277308622&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI0sKj7d...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/1026675585/?random=565617423&cv=7&fst=1701277308622&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI0sKj7dfpggMVKAloCB0rBwX0&is_vtc=1&ocp_id=fG5nZdKUNaiSoPMPq46UoA8&cid=CAQSKQDICaaNPEw2vIQvaqwV1qM_poik1WL5_HNITP1kguqXyEP1jRc38btf&random=538164355
Protocol
H3
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:49 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/1026675585/?random=565617423&cv=7&fst=1701277308622&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI0sKj7dfpggMVKAloCB0rBwX0&is_vtc=1&ocp_id=fG5nZdKUNaiSoPMPq46UoA8&cid=CAQSKQDICaaNPEw2vIQvaqwV1qM_poik1WL5_HNITP1kguqXyEP1jRc38btf&random=538164355
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
setuid
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=206C99B048774CB99E9DDE3E967775E8
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=66&code=206C99B048774CB99E9DDE3E967775E8
Protocol
H2
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:48 GMT
an-x-request-uuid
fbc1981b-f1e6-43bc-a1c1-7721c8a46c00
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ib.adnxs.com/setuid?entity=66&code=206C99B048774CB99E9DDE3E967775E8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=206C99B048774CB99E9DDE3E967775E8&expires=365
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=206C99B048774CB99E9DDE3E967775E8&expires=365
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=206C99B048774CB99E9DDE3E967775E8&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=206C99B048774CB99E9DDE3E967775E8
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=206C99B048774CB99E9DDE3E967775E8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=206C99B048774CB99E9DDE3E967775E8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 28 Nov 2023 17:01:48 GMT
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEJgPZhCMUjRNnQTVapvC_C8&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=206C99B048774CB99E9DDE3E967775E8
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
34.150.170.96 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.170.150.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 28 Nov 2023 17:01:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 17:01:48 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1341524&asId=8b1d601e-b277-b683-64a8-9f01895b59ab&tv=%7Bc:vkYGOB,pingTime:0,time:2173,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:33%7D,%7Bpiv:100,vs:i,r:,t:2172%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:2172,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2165~0,1~100%5D,as:%5B2166~728.90%5D%7D%7D,%7Bsl:i,t:2172,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2165~0,1~100%5D,as:%5B2166~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:62,fm:tX1gcu8+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b*.1341524-76240919,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:34,sis:287%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:63f3:d4d2:b31a:7f68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:48 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B88 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heraldcourier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
99806
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 13:18:22 GMT
expires
Wed, 27 Nov 2024 13:18:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9D68 		829 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1d0f33ca36407055531387baa1e36a655bad12d2773920fdb2e4d305ac0bad9f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xwxo7qy2TzSMJt2gBzsOmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heraldcourier.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-xwxo7qy2TzSMJt2gBzsOmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 17:01:48 GMT
expires
Wed, 29 Nov 2023 17:01:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 6B88 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 09:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
28282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 09:10:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9D68 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=2449946456929069&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6B88 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Fagv-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:01:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-S5LKEZJN96&gtm=45je3b81v893785645&_p=1701277302927&gcd=11l1l1l1l1&dma=0&cid=1461267770.1701277304&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1701277303&sct=1&seg=0&dl=https%3A%2F%2Fheraldcourier.com%2Fterms%2F&dt=Terms%20%7C%20heraldcourier.com&_s=2&tfd=7542
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5LKEZJN96&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heraldcourier.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heraldcourier.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=2449946456929069&bg=!JiWlJWrNAAZxrfrxUa07ADQBe5WfOAip7CRK28SAiPQYEHf9rB-tgkLfL0QY4uyQ54pqAaJM9OhJ1N9wiaq9qDIEBMn3AgAAAFlSAAAAC2gBB5kCt-nSCUyESY4ymMeVzXGzdNXgR0ZgYXC1DdVm8Aq5_8q3guQpOjQAzO76u8xQKbIapa4eQdjOcU_rSI_fYNi-RsHJHrdq5JNCvcueMlqAr4sjvb9KHSQgWzcutY_iTsBTpEPsIiGPWOepf3YXptdp_Ad7Ru5WbgJ3G4LV3UlUmLROBPerwyCVFju0Wi4XBhZ5oB2DxB5rrXkzK8J9Kg8Ts7wrncH0Dpl6En53BGBs4s5Dz0xmDki-wWgbPMsYX-CMtLhZl88Z7kfe_qTrc8JBMm8bFj7P7h126PGWco_3dangaMscxaWQLuT-5_IOE2l8u7KdF3OL8I3QD3y5-B6IKY0-D49v_vrMZqHQayenuvWqtOkzl5iuKBo4tHqO5drDYGj_KzqMYvTzVDsu2cKJ2bxaoKBgyd1XoDp-6zGfQLuVDRPTR7ny64U_E4bdPkgcuj-zUGWrZTZOwwY5W4JOdxmt2h5Sh1EafGsM53-y-slXR79bI7YF80sFWf9otUHjncnFfTbV_pf2HMHG4jwlQcR6yo07pXKLByKdXYIxMvbqN-j9vyq08BinZNyTZ2e6A_8WtqY-Dxcjesn8j_Dt3pK3DDAOwZUSq_XzHX4qrFkCYGfbAzN-XoyZvS0b-uSElA4rDpxkJ0DxJJ5yu0X880XizH_muCVKQNVW23e9W3NExh1iqTRUm7IDqOximEQvHT3amrj5iy0JGF4c-cmyYsU4ewIEVtPBTKIjxyIK2BknQYA1wnWJxI3Bycc79FAL1yq4nU7_3IqW_iTYKuVz_VyCaRe2W1mbhdEfwdjE4EW3kLmkxjlYEFZNKNqJZVFj0VQjfuD_UaEkz-4gItoDQEy42GP_CaQ6G0hXbvNnjfkWY7p8rMq6a56AaeZcEw6cFKIbQEzv8o4IURE8ZCQfJfLY3CXuHvMd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1341524&asId=8b1d601e-b277-b683-64a8-9f01895b59ab&tv=%7Bc:vkYH4K,pingTime:1,time:3174,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:33%7D,%7Bpiv:100,vs:i,r:,t:2172%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:2172,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2165~0,1~100%5D,as:%5B2166~728.90%5D%7D%7D,%7Bsl:i,t:2172,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:70,fm:tX1gcu8+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b*.1341524-76240919,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:34,sis:287%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:63f3:d4d2:b31a:7f68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:49 GMT
server
nginx
x-server-name
dt33.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1341524&asId=8b1d601e-b277-b683-64a8-9f01895b59ab&tv=%7Bc:vkYH4K,pingTime:1,time:3174,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:33%7D,%7Bpiv:100,vs:i,r:,t:2172%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:2172,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2165~0,1~100%5D,as:%5B2166~728.90%5D%7D%7D,%7Bsl:i,t:2172,wc:0.0.1600.1200,ac:436.1110.728.90,am:i,cc:436.1110.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:70,fm:tX1gcu8+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C1a%7C1b*.1341524-76240919,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:34,sis:287,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:63f3:d4d2:b31a:7f68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heraldcourier.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 17:01:49 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Fheraldcourier.com

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| documentPictureInPicture object| dataLayer boolean| tncms_access_control_sync boolean| LEE_DS_V3 function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset object| googletag object| PBJS_dfp_ads object| _aps boolean| apstagLOADED object| apstag undefined| amzHash undefined| amzToken object| APS_dfp_ads object| apscustom object| leeMembershipPackages object| pbjsChunk object| pbjs object| _pbjsGlobals function| throttleFunction function| lee_trkLinkSrc function| resizeIframe function| randomizeChildren function| getUserToken boolean| sUserUUID function| TNStats_Tracker object| TNTracker object| sUserPPID undefined| falcon_sub_name undefined| lee_clus undefined| lee_ulli undefined| lee_ulld_iso8601 object| lee_glus undefined| lee_glusIE object| sub_last_login_iso8601 object| BXsvKi2 function| BXsvKi3 object| xop object| -121gbr6cbjls object| 1mol8cwmzzeo function| lee_segment_audience function| messagingCallback object| PBJS_config string| PBJS_site object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| oFeaturedPackage object| u9vdhL2 function| u9vdhL3 function| xblocker object| EAKeKb function| EAKeKF object| xblacklist object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager string| GoogleAnalyticsObject function| ga function| __LEE object| d object| pl function| fbq function| _fbq object| PARSELY undefined| google_measure_js_timing number| google_unique_id object| gaGlobal string| aReferrer string| aNewReferrer object| analytics object| gaplugins object| sifi_att_1768153694538195 object| LI object| __li__evt_bus object| liQ object| liQ_instances function| _typeof object| _mather object| _matherq object| tid boolean| DFPMessageEnabled object| regeneratorRuntime object| ox_esp object| gaData object| __uid2SecureSignalProvider object| __uid2 object| signal_decrypted function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext number| infolinks_pid object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 boolean| IL_INIT object| $iceboot object| INFOLINKS string| sUserId function| _defineProperty number| $iceId undefined| dl object| iqscript object| $jscomp function| getIfbip number| iqilsource function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| iiq_object_array function| setImmediate function| clearImmediate object| ID5 function| _33AcrossPpidMappingsProvider function| _33AcrossIdMappingsProvider object| bubble object| skins object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog function| ILVideo function| __IntegralASAdPush object| googDdmPs object| GoogleGcLKhOms

168 Cookies

Domain/Path Name / Value
heraldcourier.com/terms Name: logglytrackingsession
Value: 1acf923f-2030-43b9-a712-3fe2b613975d
.liadm.com/j Name: lidid
Value: 9fd7051e-e094-4d8a-9fae-3499b258fe05
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARDOFgoJCP____8HENgW
i6.liadm.com/s Name: _li_ss
Value: CgA
heraldcourier.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.heraldcourier.com/ Name: _pubcid
Value: 45cb42a4-2460-4599-990a-e428e7e44862
.simpli.fi/ Name: suid
Value: 206C99B048774CB99E9DDE3E967775E8
.heraldcourier.com/ Name: _li_dcdm_c
Value: .heraldcourier.com
.heraldcourier.com/ Name: _lc2_fpi
Value: 3f389ea64a07--01hge0f112ez6sxv0gj6t2dkqt
.heraldcourier.com/ Name: _lc2_fpi_meta
Value: {%22w%22:1701277303842}
.heraldcourier.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://heraldcourier.com/terms/%22%2C%22sref%22:%22%22%2C%22sts%22:1701277303851%2C%22slts%22:0}
.heraldcourier.com/ Name: _ml_id
Value: c47fda6240fd23af.1701277304.1.1701277304.1701277304
.heraldcourier.com/ Name: _ml_ses
Value: *
.heraldcourier.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=d766750c-b9b7-4c07-b2f0-6a3f4cf3ffda%22%2C%22session_count%22:1%2C%22last_session_ts%22:1701277303851}
.heraldcourier.com/ Name: __gads
Value: ID=e583dfde9bd5c06a:T=1701277303:RT=1701277303:S=ALNI_Mbh7vJFqmON3BZ_xV603QzhAWearw
.heraldcourier.com/ Name: __gpi
Value: UID=00000a01e4b45b91:T=1701277303:RT=1701277303:S=ALNI_MblniKBQMf4GmxQTBwE3EfxeBH5uA
.heraldcourier.com/ Name: _ga_S5LKEZJN96
Value: GS1.1.1701277303.1.0.1701277304.59.0.0
.heraldcourier.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1701277304.1.0.1701277304.60.0.0
.adsrvr.org/ Name: TDID
Value: f667bb86-d4bf-4480-bd1b-33d60c80f690
.heraldcourier.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.heraldcourier.com/ Name: _ga
Value: GA1.2.1461267770.1701277304
.heraldcourier.com/ Name: _gid
Value: GA1.2.1803799661.1701277304
.heraldcourier.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.heraldcourier.com/ Name: _dc_gtm_UA-54716522-2
Value: 1
.openx.net/ Name: i
Value: 0110e293-59ed-42e9-9650-172e2f554de3|1701277304
.liadm.com/ Name: lidid
Value: 9fd7051e-e094-4d8a-9fae-3499b258fe05
.adnxs.com/ Name: uuid2
Value: 3620806462578181671
.heraldcourier.com/ Name: _fbp
Value: fb.1.1701277304411.2003402777
.yahoo.com/ Name: A3
Value: d=AQABBHhuZ2UCEOUrZ61Z-X7jmtr_BebQIL4FEgEBAQG_aGVxZdxH0iMA_eMAAA&S=AQAAAqDSisGtlcml-Xcjmv5K3OM
.heraldcourier.com/ Name: connectId
Value: {"ttl":86400000,"lastUsed":1701277304434,"lastSynced":1701277304434}
.doubleclick.net/ Name: IDE
Value: AHWqTUmAuuseXp_QhE19NrfKjMgYyjG2kSirRDdpBqDQsLa_Ce6bOGXAlyx0Aux0Lc0
.heraldcourier.com/ Name: ajs_anonymous_id
Value: 6eaa5fb3-95e9-4136-a554-22157816bea1
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 037d4288-9376-4b86-ac39-fd694f59b609
.infolinks.com/ Name: cuid
Value: 94126c18-eb99-4941-96e8-02924107fb5a
.heraldcourier.com/ Name: _li_ss
Value: ChMKBgjdARDOFgoJCP____8HENgW
.heraldcourier.com/ Name: _li_ss_meta
Value: {%22w%22:1701277304926%2C%22e%22:1703869304926}
.infolinks.com/ Name: OXUSERCOOKIE
Value: f92bff5b-e3be-4a92-8d49-e834b3d5db8b
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm~A
.infolinks.com/ Name: ANUSERCOOKIE
Value: 3620806462578181671
.casalemedia.com/ Name: CMID
Value: ZWduecYvyfVFyPgUHOy9qAAA
.casalemedia.com/ Name: CMPS
Value: 5559
.casalemedia.com/ Name: CMPRO
Value: 5559
.amazon-adsystem.com/ Name: ad-id
Value: A7HWGx7Cb0mEurzKW0gERoc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.3lift.com/ Name: tluid
Value: 1099236787450585329372
.heraldcourier.com/ Name: cto_bundle
Value: YYWm_F8zQSUyQk9LN29ob0RGUUZWNHRZVGxtZ2IyM2pnMm4xWlFxajV2Rm92RkQ4ak5YdFREMzBkUVBpbUNXRGQ4QiUyRjc5RVBDbGhYUjd0cHJsNk5DbktCcURKOUFRSUJRM0ZXZ3J4MTJzS04xUjhKTFNYTjV4MUYzJTJGeVZhVnhxRHpTVFBlU1RFb1FzZGd1cEVNdk5xbWJjSmF1MDBCVFNmQ0dYS0xqVE1tNWtzT21NVEklM0Q
.pxl.iqm.com/ Name: infolink
Value: MTcwMjQ4NjkwNTA2MQ==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 3571bbc5-5d51-4ee7-a720-f2c4359d2d3d
.advertising.com/ Name: A3
Value: d=AQABBHluZ2UCEGVicQtoy0zTa4WA3BonW5kFEgEBAQG_aGVxZdxH0iMA_eMAAA&S=AQAAAp96Yz4gq9LcpNcqdbkKja8
.hb.yahoo.net/ Name: visitor-id
Value: 3442789051523512000V10
.hb.yahoo.net/ Name: data-ttd
Value: f667bb86-d4bf-4480-bd1b-33d60c80f690~~63
.go.sonobi.com/ Name: __uis
Value: 10374ec6-5eb8-464f-9db3-01113411b037
.go.sonobi.com/ Name: HAPLB8G
Value: s85121|ZWduf
.360yield.com/ Name: tuuid
Value: 48873cc0-6d77-4347-8843-af66d1f8a092
.360yield.com/ Name: tuuid_lu
Value: 1701277305
.sharethrough.com/ Name: stx_user_id
Value: 25254dbf-6fae-4c94-b482-b957062a5d4a
.rubiconproject.com/ Name: khaos
Value: LPK0KXZ3-K-B5EB
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.infolinks.com/ Name: IQMUS
Value: 3571bbc5-5d51-4ee7-a720-f2c4359d2d3d
.zemanta.com/ Name: zuid
Value: Jdi-O3-nPqSJOSeXUTQZ
.tapad.com/ Name: TapAd_TS
Value: 1701277305141
.tapad.com/ Name: TapAd_DID
Value: d0473bc4-61f1-4807-bfdc-b530f2b53b7b
.infolinks.com/ Name: SONOBIUSERCOOKIE
Value: 10374ec6-5eb8-464f-9db3-01113411b037
.infolinks.com/ Name: SHTUSERCOOKIE
Value: 25254dbf-6fae-4c94-b482-b957062a5d4a
.pubmatic.com/ Name: SyncRTB3
Value: 1702425600%3A220
.infolinks.com/ Name: TPLSERCOOKIE
Value: 1099236787450585329372
.intentiq.com/ Name: intentIQCDate
Value: 1701277305192
.intentiq.com/ Name: IQver
Value: 1.9
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-96zksLBE2uFcOy_8_UmvPj6lpZbdpycG~A
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EC0DE233-2EF3-44EE-9B5B-047A2F057529
.infolinks.com/ Name: IMDUSERCOOKIE
Value: 48873cc0-6d77-4347-8843-af66d1f8a092
.infolinks.com/ Name: IXUSERCOOKIE
Value: ZWduecYvyfVFyPgUHOy9qAAA&5559
.smartadserver.com/ Name: pid
Value: 5275041080711347650
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: Jdi-O3-nPqSJOSeXUTQZ
.33across.com/ Name: check
Value: true
.company-target.com/ Name: tuuid
Value: 85cf0e2b-4285-4f6d-b6d7-4d2330e0ec47
.company-target.com/ Name: tuuid_lu
Value: 1701277305|ix:0
.infolinks.com/ Name: EQVSERCOOKIE
Value: 5275041080711347650
.quantserve.com/ Name: d
Value: EBYBDQHFKs2aswA
.quantserve.com/ Name: mc
Value: 65676e79-52423-4e19f-8295f
.lijit.com/ Name: ljt_reader
Value: HvP9jLZHhwIVHYYIRGe3_3HF
.infolinks.com/ Name: QCUSERCOOKIE
Value: wKYZTcD2GEPbph1OxKACTpOiFhzbqx1Dw_X_En4e
.media.net/ Name: visitor-id
Value: 3442789051523532000V10
.media.net/ Name: data-inf
Value: setstatuscode~~41
.infolinks.com/ Name: MNETUSERCOOKIE
Value: 3442789051523532000V10
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: HvP9jLZHhwIVHYYIRGe3_3HF
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8009-2!8009
.turn.com/ Name: uid
Value: 7669919475307365375
.amitydigital.io/ Name: lluid
Value: ce7defb9-4001-130a-f063-c77e322fa4a6
.amitydigital.io/ Name: llum
Value: eyJhbWQiOnsiMTEiOjE3MDEyNzczMDU1MzZ9fQ
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-08fd611b-d574-3f10-ab55-133423f2279e
.serverbid.com/ Name: CONSUMABLEID
Value: 9f104f8a99a3464f904f8a99a3264fa0
.infolinks.com/ Name: TAUSERCOOKIE
Value: d0473bc4-61f1-4807-bfdc-b530f2b53b7b
.adkernel.com/ Name: SSPZ
Value: 202694
.adkernel.com/ Name: DSP2F_40
Value: 639242
.adkernel.com/ Name: ADKUID
Value: A9185376858540384715
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005%22%2C%22nxtrdr%22%3Afalse%7D
.infolinks.com/ Name: CONSUSERCOOKIE
Value: 9f104f8a99a3464f904f8a99a3264fa0
.infolinks.com/ Name: AMDUSERCOOKIE
Value: ce7defb9-4001-130a-f063-c77e322fa4a6
.pubmatic.com/ Name: pi
Value: 60809:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.mgid.com/ Name: lmg_usr
Value: b22f9e7a-aa62-4982-974d-099b3ceff054
.mgid.com/ Name: lmg_r
Value: 13
.csync.loopme.me/ Name: viewer_token
Value: 145c1539-aaff-492e-b552-edc3189dcb6b
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzI3sjACUkamhhZCfIa6YQX-LmkZnrnBmbrJAIbj7IIkAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzI3sjACUkamhhZCfIa6YQX-LmkZnrnBmbrJAIbj7IIkAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slzmtobmBoZG5ubGBqZmoJAKPxtfUQAAAA
.infolinks.com/ Name: MGIDUSERCOOKIE
Value: b22f9e7a-aa62-4982-974d-099b3ceff054
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 968907272820722518
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: 86030873-84ae-45c7-afc4-b6be0127f315
.prebid.a-mo.net/ Name: sd_amuid2
Value: 86030873-84ae-45c7-afc4-b6be0127f315
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005%22%7D
.infolinks.com/ Name: KADUSERCOOKIE
Value: EC0DE233-2EF3-44EE-9B5B-047A2F057529~1701285081897
.infolinks.com/ Name: 152USERCOOKIE
Value: A9185376858540384715
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.infolinks.com/ Name: URUSERCOOKIE
Value: RX-c4850ab1-c311-4e89-8dbd-8c5807f1e08c-005
.id5-sync.com/ Name: id5
Value: af9de9db-b87d-7eeb-bff5-294ef572d50b#1701277305860#2
.ctnsnet.com/ Name: cid
Value: da5f7e1253224df7bc6ab65f3fd79b93
.a-mx.com/ Name: amdt_t
Value: p::1701277306368
.a-mx.com/ Name: amuid2
Value: 86030873-84ae-45c7-afc4-b6be0127f315
.ctnsnet.com/ Name: cid_c93fc6010f654086b30572bc36252244
Value: 1
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.gumgum.com/ Name: vst
Value: u_0d257e7c-a118-4a85-805d-87b17384eb86
.openx.net/ Name: pd
Value: v2|1701277304.3|vPvMgakWgy.iKbwuYhEgKg2
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZWduewADRb6lpgBU
.doubleclick.net/ Name: APC
Value: AfxxVi7wEGNXOJD0kcxTLVxChdJghlH24QBbOsk3my8IoxRmJbSXwA
.pippio.com/ Name: did
Value: Hxca96TM_C-CfX3r
.pippio.com/ Name: didts
Value: 1701277307
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CPvcnasGEgYIgr0rEAA=
.lijit.com/ Name: _ljtrtb_58
Value: EC0DE233-2EF3-44EE-9B5B-047A2F057529
.linkedin.com/ Name: li_sugr
Value: 82b988db-4915-42c6-9266-56eb1d05c528
.linkedin.com/ Name: bcookie
Value: "v=2&18a3c0ed-780d-4709-8bc2-dbdb71224676"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2640:u=1:x=1:i=1701277307:t=1701363707:v=2:sig=AQH3qexnMLq9BXji2qEQlKInm6EIy7oU"
.lijit.com/ Name: ljtrtb
Value: eJyrVjK1ULJScnU2cHE1MjbWNXJ1M9Y1MXF11bV0MnXSNTAxdzRyMzA1NzWyVKoFAOdTChk%3D
.lijit.com/ Name: _ljtrtb_92
Value: 3620806462578181671
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIYXBwbmV4dXMSCwjeyKfg3MG4PBAFEhkKCnJpZ2h0bWVkaWESCwiI6qfg3MG4PBAFEhYKB3J1Ymljb24SCwjsp9ri3MG4PBAFEhUKBmdvb2dsZRILCKyS5Ofcwbg8EAUSFAoFdGFwYWQSCwjWuP7m3MG4PBAFGAEgASgCMgsI5LTbsfPBuDwQBTgBWgc4aDl1MTFoYAI.
.id5-sync.com/ Name: 3pi
Value: 2#1701277307302#1758738697#3620806462578181671|434#1701277308251#498292269|264#1701277308464#-1905385916#f667bb86-d4bf-4480-bd1b-33d60c80f690|441#1701277307082#-1525271320#u_0d257e7c-a118-4a85-805d-87b17384eb86|1242#1701277307673#1646545113|108#1701277306675#-1473302182|429#1701277306467#-914946795#EC0DE233-2EF3-44EE-9B5B-047A2F057529|1246#1701277307910#1646545113
.simpli.fi/ Name: uid_syncd_secure
Value: true
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:206C99B048774CB99E9DDE3E967775E8&KRTB&23486-uid:206C99B048774CB99E9DDE3E967775E8&KRTB&23489-uid:206C99B048774CB99E9DDE3E967775E8&KRTB&23539-uid:206C99B048774CB99E9DDE3E967775E8
.pubmatic.com/ Name: PugT
Value: 1701277308
.rubiconproject.com/ Name: audit
Value: 1|vN2P1NvijHwudIQQGPmyiT14HTC7cmJJ7oRLEwOsLus8fCYmOTvXg4yct/knzCt9KI47N9FAb5Rw0S94mtzOH0pB9H8pjytykCdHvyxZSdZc7HKQO+cD1m7lJzPNtcN7lhWOajjCAKFug9KeewBO2m/1IFhh47mFi8N7BAmaQgdJt49mPrPRUFyo1mMSXCQ85kHVXO4iITS/uI9Aj+Yjkr7KKI+4mJy3oGirqm5gUhh8KMm0j6uXBGY3KwFBcKEE94+z9/eToJrLtHkR71fkUv/JTzblBZm7jOq1oSpaE+yma+WVcS1g3g==
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~2fbt:19e0~2fbt:19cy~2fbt:18xp~2fbt:19a0~2fbt:18za~2fbt:176k~2fbt"
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2Il`pS-.N!]tbPl1N!7On*M$=BWbggm>Jrfm^o6lybo%foWZkie)5Yk`aItlycb:jS(6CW`pkW/X%W#.wL4W1Qw23@z%+d
.rlcdn.com/ Name: pxrc
Value: CPvcnasGEgUI6AcQABIFCOhHEAASBgi46wEQAQ==
.agkn.com/ Name: ab
Value: 0001%3A3BfNtFm6%2F%2B%2Faszt2g8Of2fXKAsZePKRq
.smaato.net/ Name: SCM
Value: b79e8eed1d
.smaato.net/ Name: SCMt
Value: b79e8eed1d
.smaato.net/ Name: SCM1001136
Value: b79e8eed1d
.pro-market.net/ Name: anProfile
Value: "-18b5uquydr81l+1+1f=1+1g=1+1j=57:1+rs=s+rt=200105501D0500010000000000000005+s2=(s4w9z1)+vm=24-206C99B048774CB99E9DDE3E967775E8"
.pro-market.net/ Name: anHistory
Value: "-18b5uquydr81l+2+!#7%/%f!aa#"
.rlcdn.com/ Name: rlas3
Value: AaZflg3tkc22/I2mtJvh5E/eDLVxh2uCwuQRPuBrusw=
.bfmio.com/ Name: __141_cid
Value: 206C99B048774CB99E9DDE3E967775E8
.bfmio.com/ Name: __io_cid
Value: fee2ab2b011ee64f499f4d17f62993579d4a9f15
.exelator.com/ Name: EE
Value: "e771e521523a9870eccf231927d49d84"
.ads.stickyadstv.com/ Name: UID
Value: d2f77e4ca86262b3efb055ec231c7d
.ads.stickyadstv.com/ Name: uid-bp-26865
Value: 206C99B048774CB99E9DDE3E967775E8
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHV3Nww1dTI0NTIONHSwtwgNTk5zcjY0NLIPMXEMsXCZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6otDgxUUpaQyLSopPBR%252FjYwEAdagpDQ%253D%253D"
.taboola.com/ Name: t_gid
Value: 5eb46155-58c6-4a0e-bba3-ed2bee9235bf-tuctc60f3fd
.taboola.com/ Name: t_pt_gid
Value: 5eb46155-58c6-4a0e-bba3-ed2bee9235bf-tuctc60f3fd
.agkn.com/ Name: u
Value: C|0AAAAAAAALPoq_QAAAAAA
.bluekai.com/ Name: bku
Value: blx99cNrjtURdM1R
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwE/yBA18mD/yBeQlBpHexMA8HEkWHWDpHEAtBpzlBDDT9y9GYyr0

13 Console Messages

Source Level URL
Text
javascript error URL: https://heraldcourier.com/terms/
Message:
Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Fheraldcourier.com' from origin 'https://heraldcourier.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Fheraldcourier.com
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://tagan.adlightning.com/leeenterprises/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/leeenterprises/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fheraldcourier.com%2Fterms%2F
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=190702&iiqidtype=2&iiqpcid=fb7f7b16-5d85-41d4-9566-1a598f46adb6&iiqpciddate=1701277305005&tsrnd=178_1701277305006&fbp=646215235&jsver=5.36&abtp=100&abtg=A&ripv6=2001:550:1d05:1::5
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=94126c18-eb99-4941-96e8-02924107fb5a&3rddpi=2023874098&3rdpcid=ZWduecYvyfVFyPgUHOy9qAAA%265559&3rddpi=1810047279&3rdpcid=3571bbc5-5d51-4ee7-a720-f2c4359d2d3d&3rddpi=1639354730&3rdpcid=y-96zksLBE2uFcOy_8_UmvPj6lpZbdpycG%7EA&3rddpi=1634346717&3rdpcid=Jdi-O3-nPqSJOSeXUTQZ&3rddpi=1213503647&3rdpcid=y-C6DhEGlE2uJItmmJW1yJGVetVfr3Nvbm%7EA&3rddpi=1239766150&3rdpcid=f92bff5b-e3be-4a92-8d49-e834b3d5db8b&3rddpi=443164713&3rdpcid=wKYZTcD2GEPbph1OxKACTpOiFhzbqx1Dw_X_En4e&ripv6=2001:550:1d05:1::5
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://resources.infolinks.com/js/1895.006-3.034/in_search.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 104)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=206C99B048774CB99E9DDE3E967775E8
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=206C99B048774CB99E9DDE3E967775E8&ripv6=2001:550:1d05:1::5
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33e5e787848bfcd152663152def0ae2c.safeframe.googlesyndication.com
a.ctnsnet.com
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.stickyadstv.com
ads.yahoo.com
ampcid.google.com
analytics.google.com
ap.lijit.com
api.intentiq.com
api.segment.io
b-code.liadm.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beap-bc.yahoo.com
bloximages.chicago2.vip.townnews.com
bloximages.newyork1.vip.townnews.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.ctnsnet.com
cdn.id5-sync.com
cdn.js7k.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.prod.uidapi.com
cdn.segment.com
cdnjs.cloudflare.com
ce.lijit.com
cm-x.mgid.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
connectid.analytics.yahoo.com
cs.media.net
csync.loopme.me
d.agkn.com
d1eoo1tco6rr5e.cloudfront.net
de.tynt.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
eb2.3lift.com
email.mail.heraldcourier.com
esp.rtbhouse.com
fei.pro-market.net
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
heraldcourier.com
i.ctnsnet.com
i.liadm.com
i.simpli.fi
i6.liadm.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
insight.adsrvr.org
invstatic101.creativecdn.com
js.matheranalytics.com
lb.eu-1-id5-sync.com
lexicon.33across.com
loadm.exelator.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
ox-rtb-us-west1.openx.net
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pippio.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pn.ybp.yahoo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
px.ads.linkedin.com
pxl.iqm.com
resources.infolinks.com
router.infolinks.com
rp.liadm.com
rp4.liadm.com
rt3006.infolinks.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
sli.heraldcourier.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.bfmio.com
sync.go.sonobi.com
sync.intentiq.com
sync.taboola.com
sync.targeting.unrulymedia.com
syncv4.intentiq.com
tag.simpli.fi
tagan.adlightning.com
tags.crwdcntrl.net
tpc.googlesyndication.com
tracker.exchange.amitydigital.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
c.amazon-adsystem.com
104.16.132.24
104.18.35.167
107.178.250.234
107.178.254.65
108.138.107.138
108.138.64.70
108.138.85.84
13.225.214.117
131.153.242.59
141.226.224.48
142.250.65.226
142.250.80.34
147.135.71.152
147.28.129.140
15.197.193.217
151.101.66.49
159.89.246.130
162.19.138.118
162.19.138.83
162.248.18.32
162.248.18.37
172.217.13.102
172.217.13.194
172.64.151.101
172.66.41.9
174.137.133.32
18.160.10.101
18.204.149.50
18.205.61.228
18.233.217.217
18.238.55.155
18.67.65.21
192.104.183.209
199.127.204.171
199.38.167.131
2001:4998:14:800::1001
23.197.44.21
23.44.201.172
23.47.69.85
23.83.76.38
2600:141b:1c00:22::1730:e071
2600:1901:0:8eee::
2600:1f18:1aca:4282:63f3:d4d2:b31a:7f68
2600:1f18:2352:af01:a505:9a1:892d:586b
2600:1f18:4e9:5a05:5fe:b313:24e7:89dd
2600:1f18:612b:4216:c60f:823f:3002:28a0
2600:1f18:730:b130:f3cf:b4f3:7358:30cb
2600:1f18:765:4800:7681:18d0:4c60:ba77
2600:1f18:ed:550a:3539:381b:7999:2df1
2600:9000:2073:e800:1b:6b7d:2300:93a1
2600:9000:20e2:2c00:d:e169:8180:93a1
2600:9000:2199:5600:a:e047:753:a221
2600:9000:2199:9800:19:fc2c:a140:93a1
2600:9000:2305:2400:1b:5138:8a40:93a1
2600:9000:2479:8000:10:dd8:5e40:93a1
2600:9000:247b:9800:8:48e:53c0:93a1
2600:9000:2509:ae00:8:8845:1500:93a1
2606:4700:10::6816:3456
2606:4700::6811:180e
2607:f8b0:4004:c0b::9a
2607:f8b0:4006:80f::2006
2607:f8b0:4006:81e::2003
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::2008
2607:f8b0:4020:806::200a
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2004
2607:f8b0:4020:807::200e
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2a02:6ea0:c400::11
2a03:2880:f082:108:face:b00c:0:3
2a03:2880:f175:181:face:b00c:0:25de
2a04:4e42:600::485
3.213.22.88
3.225.218.10
34.102.146.192
34.111.113.62
34.120.107.143
34.150.170.96
34.96.70.202
34.96.70.87
34.96.71.22
34.98.64.218
35.173.27.72
35.186.193.173
35.190.39.111
35.214.249.145
35.227.210.113
35.227.252.103
35.244.154.8
35.244.159.8
35.244.193.51
35.245.15.98
35.71.139.29
37.157.6.237
44.206.156.153
44.217.34.149
44.240.52.117
50.31.142.127
51.222.239.230
52.0.156.250
52.1.148.234
52.206.243.9
52.46.151.131
52.71.26.24
52.85.130.144
52.85.131.58
52.85.132.4
54.144.144.142
54.175.178.6
63.251.28.133
63.251.86.49
63.251.86.51
67.202.105.21
67.202.105.31
68.67.160.132
69.166.1.66
69.173.151.100
74.119.119.139
74.119.119.150
8.2.110.161
8.28.7.81
8.28.7.84
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
064d52b83d70e05ddccb8aec25977b6505b9352e9c09f0a871521935f33c33bc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e293eed3942549d18a5a17e758b9fbbaa000cce0765be57ac691dba9278324
076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee
07f79eb8ec21d5a6c12b82e8f3fee37e02a4ea0bae7d3b9f3180de11430e9a8c
0a2877d35b782162338bb95faedfa08559e23788db9d926e97da4d0efd2dbfc5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0df4b97f1ae6bb811bfdfd2fcff694a3daee088859390a18ae113ae462095c2c
0f7c3c39e30c27c79d8e999295d4577d6fc904e3bd5cc381ceb9491377c238be
112fc1c974794547e34e11a8b132246c520853835de0a3226d6935d91bae252d
1186699d4cc78d7acd98f87883b1434fa96f46c29aafba60659b1f97814fd3d7
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d0f33ca36407055531387baa1e36a655bad12d2773920fdb2e4d305ac0bad9f
1e4eef4c41b41cfbd5d538126113e844382a4ae1a96dad3db96c795a1966ea10
202c962a99f85c64d314bbb3878fbe75c23b6a2c7d7406a2ecff72e17a354f5d
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
299276c9934ddc6d2d9f129004e6f0bf3008e0a265568e19c5c6ea9e8afe0b78
2bfc998e5f0e163f72831507b5a1090cda67d55399af648ec8e61b437687541a
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2f3d50dd8a597bd5f798cce6a50e83c70de669e05e1608a44b6946df1faf3acb
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fab007bf0e62a9458be4c17ddc938c6ca5e2338a7ff316652a42e69104175f7
31f93bcb8996d23740082c728e84f43c45b9ca6f10bbc7c9fad5c230ab13f77f
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
32ce8831ec40ec80fc1ee005461cda6e87e1f905e548ebe4990d7fb9e79cad00
342dbd3a86ee265d0ad082f4056e43266d64b4be6b5bc010c78ac2035ae35845
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
429fdbb5e8c3909eb32672b98824ff8238f074adbac5cca095e485e60e46a26f
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45d78b1f5345a73f6821bac10d154a1b8e128920f08d149b95f25477726cd24b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4a31894ecca45b8d1c2a155ceca79ba3acbb405e81e179d6949bd75d6e54dd55
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4c0867ff49805574426a7a89e712807767fa9b2452c526736947e2b897a080ad
4c35a725ae1976af59c99556ad69e993dd9cf474033a75bb9406d59819d573d4
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4d1b618b508d6e2c3ab4c4d98feeddfdb66e6d87d9dcfd88097f1d85480c3af0
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
527718fd2692a8581d7fb4e3d42fed33df4b4dc56632b1cc06344180902e5ef3
53dc734ffb59d12c95d43922e11e095f08dd7b31434e7a148eb25da6b89b2c0d
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
547a72f5d48add2256dff4288ae01474b730771417eb6617b15a0ce32e76e6ba
54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f295553fdda2a7f1ee0e5dab92d82f2bace1df0a781117dee1cb06eacbf891
59ddf97f6e2d2c730808590edffb1c8caf4569dc1f10eb24c374e445911e6841
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
63af77ea83054bc496c80a959cdc083aff021ddabc09ddd062e83387793b7672
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
6aae7f75d4e9d64e3b5b45d43d9436254fb8f4a728d125657bb10f5d85c7f5ef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
6f51a6c198098962b9964f82a32f054e1c72b4b68e2a2a908be3c4dbef300198
6fefff83d851fd62045a9deffad1b28c16e6096ae03b83c1124f5dfaf0978c47
71cb550e3eed0fa766ffd5596c6d7fd0460a06fca3483d762d0b0fd36731a100
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
75135eec5c1ecd2b54156909df2085642fe54f8285f2598232e77b737e81e071
76460f1cd530a92dcb3d35468233b10d40dcb0ea7595aceb225104e63c3b78bc
77b109dd53ec2921d47af5eedcf39cbea8bc92bf8b59a970aa104c5ed2d5b3c0
78d91932d8ff8bcdcf1894bff00d36f7b6a52f8ec3f2856210bafe03d517a74b
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7b2b9ab11a16617072cc516a3bd60e851a514cd11fab94b9f54358041f152fbf
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
7e66a532873f68094dc67ae290748e89c626a4a5a7d2d22b8a216ea64d4261af
84f1c50bf0e9ba617aa63fe19f1a6026d6c424771fffcbfa3f9bb14ba95d59d9
896844791f2af1c6b613206783aedddf9e4875448313c72e45c48f81758a614d
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
8e69c64655718315422d63e22bc7dddaacd2fe1e1ceb20a6758287a76b9c6f66
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
9453c81287d37b52d6364987b4fe7618de7f9761f3d6805432132efa7d5d2c60
9470010730b754d8563690539a873235785bfd53e4af5cd93e0b08567d76c45e
94797b49c9ff38894a75cc56f1bb1e23d95358f5f31775e99a559da64f6cf6b9
96bed4c8966020005f3394a56c5c3640550a16fb324eb04c328f1b9ee8a8bc48
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
996fb823ccbf459caabd64b16ae50cd264cf8a1ba0611dc3a675d6e91cd43465
9ab392947205dd2e6de1de901ce8f92740cfb231b63570400b3628b3ea17d2bb
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9fdef11b3bd321cfa04ac052c402517bbeb47a3ce342d862e2fd536357083c41
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a2abf60298591077c6d5b81d97380295dd942ef36095adf4de1ee06f90077545
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
ac8f4f4da1c6f25f2a15dc81b1930426ef200d4f3dca714de99fb836e064b87a
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e1016e4763ab12a380d88045f29a23cb9b335fa809dd407f709deb5128ee3c
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf8a676a7f02c526c2946d58540257c34ef4a32ccd46787e08a031073b4ff642
c2008966819bb51e24bb6cbf82ef28efeb4d678e20c3b61fc02bb5d45b45e74e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5194891d3a8501374db8afe22463ed2a49fa28f22eaa4a1991d2e6e8a15191e
c5c357a5e69089e5088279fc5aaa5663d088815b3408a005dd6bc93b50bf7745
c634d2011384186b21f8beba49e2f033f046fdf6f212c6fe2166302af82804bb
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb043f0f838ad8efa8231e3d7f246941b227e5ff46a04f16dc7a35915c3f1f36
cb27a1a24844c4ee744ea6e0d609dcbd9c01f09cfdf64d993e0dceb15fb725e1
ce73e0975007bdcf1d5504751d38fb7bb83a34db40933a3b87563579aacb4a13
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d66f1f4594f699286dec808e51806afc999486fb892716c98c4cfccda23cadd9
d6875d8168455f3b7d2e088dac0d6c6fd00113b44e1486c98d962720346755ce
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d84532b9d6c19ed705018ea2a7267d2703391beebcdb841c658971af7378474b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de0ce030643fe155dcd3d3dd803b7f90cb7aee4ef7460efe314609f41e128311
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13b6459a16c15811869352bd725512cb906f8ba608593f17621ec77c63626df
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d5f82ba96ac7351d63210a99685037c34a3a58f07478a78f9004347722190e
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e88bc41dfc3e11b318a5a3eeeb403b70f98705db64962f4647a3ad2cb9083aa6
ead0377f42c765956c3ad32bff805976210cd302b7e1254e06603675d733f247
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f9d12e73ab23d20eeae3dd8e215f653e1952cc9c99a56d003950c82493b5ae5c
fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52
fda53680ea3947751fc9e2f9eb4df514f3eca4db0d199af4b396cf551848248e