Submitted URL: https://heraldnet.com/
Effective URL: https://www.heraldnet.com/
Submission: On April 19 via api from CH

Summary

This website contacted 85 IPs in 9 countries across 77 domains to perform 427 HTTP transactions. The main IP is 104.198.41.198, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.heraldnet.com.
TLS certificate: Issued by R3 on February 21st 2021. Valid for: 3 months.
This is the only time www.heraldnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 104.198.41.198 15169 (GOOGLE)
60 108.161.188.228 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
1 100.24.222.120 14618 (AMAZON-AES)
1 13.33.139.109 16509 (AMAZON-02)
4 184.30.21.80 16625 (AKAMAI-AS)
1 2600:9000:219... 16509 (AMAZON-02)
1 13.224.102.117 16509 (AMAZON-02)
1 1 52.74.95.103 16509 (AMAZON-02)
2 185.59.220.197 60068 (CDN77 (^_^)/)
6 2a00:1450:400... 15169 (GOOGLE)
1 192.0.123.248 2635 (AUTOMATTIC)
5 13.32.25.38 16509 (AMAZON-02)
1 216.17.34.116 10242 (USINTERNET)
4 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
8 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
21 34.225.145.231 14618 (AMAZON-AES)
1 2 107.178.250.234 15169 (GOOGLE)
7 2a03:2880:f02... 32934 (FACEBOOK)
14 161.129.63.206 393527 (ICANON)
28 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
27 142.250.186.98 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.108.145.205 16625 (AKAMAI-AS)
5 13.224.102.29 16509 (AMAZON-02)
1 13.224.102.5 16509 (AMAZON-02)
2 54.166.210.103 14618 (AMAZON-AES)
5 2a03:2880:f12... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 89.187.169.26 60068 (CDN77 (^_^)/)
2 13.224.102.4 16509 (AMAZON-02)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
1 2606:2800:234... 15133 (EDGECAST)
3 2a04:4e42:3::626 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.8 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.26.138.29 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 70.42.32.127 22075 (AS-OUTBRAIN)
2 11 72.251.249.14 29791 (VOXEL-DOT...)
3 13.224.103.105 16509 (AMAZON-02)
3 161.129.63.157 393527 (ICANON)
1 34.117.123.47 15169 (GOOGLE)
1 216.52.2.19 30282 (AS-INAPCD...)
1 104.111.233.227 16625 (AKAMAI-AS)
1 2 35.227.248.159 15169 (GOOGLE)
1 3.125.70.222 16509 (AMAZON-02)
3 3 52.30.140.199 16509 (AMAZON-02)
14 72.251.249.9 29791 (VOXEL-DOT...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
2 18.195.54.133 16509 (AMAZON-02)
3 6 142.250.186.162 15169 (GOOGLE)
1 2 52.95.123.41 16509 (AMAZON-02)
1 1 52.21.173.249 14618 (AMAZON-AES)
4 4 213.19.147.151 26120 (RHYTHMONE)
1 2 159.253.128.188 36351 (SOFTLAYER)
2 5 18.202.255.125 16509 (AMAZON-02)
2 2 18.158.22.14 16509 (AMAZON-02)
1 104.108.144.24 16625 (AKAMAI-AS)
2 2 2620:116:800d... 16509 (AMAZON-02)
1 52.49.202.212 16509 (AMAZON-02)
1 69.173.151.90 26667 (RUBICONPR...)
2 2 193.0.160.128 54312 (ROCKETFUEL)
1 1 66.155.71.149 13768 (COGECO-PEER1)
3 3 185.184.8.30 204995 (RTB-HOUSE...)
1 69.173.144.165 26667 (RUBICONPR...)
2 2 198.148.27.140 19189 (PULSEPOINT)
2 3 185.33.223.178 29990 (ASN-APPNEX)
3 3 185.29.132.144 30419 (MEDIAMATH...)
1 1 46.228.164.13 56396 (TURN)
6 184.30.20.198 16625 (AKAMAI-AS)
2 7 35.244.159.8 15169 (GOOGLE)
1 15 54.246.18.165 16509 (AMAZON-02)
2 2 37.157.4.25 198622 (ADFORM)
39 94.31.29.29 6461 (ZAYO-6461)
4 5 70.42.32.63 13789 (INTERNAP-...)
2 2 184.30.20.241 16625 (AKAMAI-AS)
1 54.87.192.123 14618 (AMAZON-AES)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 34.203.138.195 14618 (AMAZON-AES)
1 132.226.41.106 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 35.156.198.184 16509 (AMAZON-02)
2 2 151.101.114.49 54113 (FASTLY)
1 18.195.155.181 16509 (AMAZON-02)
1 1 202.241.208.55 4694 (IDCF IDC ...)
1 185.64.190.78 62713 (AS-PUBMATIC)
5 2a00:1450:400... 15169 (GOOGLE)
2 23.111.9.203 33438 (HIGHWINDS2)
2 18.211.226.152 14618 (AMAZON-AES)
1 2600:9000:219... 16509 (AMAZON-02)
1 54.85.197.32 14618 (AMAZON-AES)
2 54.234.151.247 14618 (AMAZON-AES)
2 23.20.158.212 14618 (AMAZON-AES)
2 99.83.181.31 16509 (AMAZON-02)
427 85
Apex Domain
Subdomains
Transfer
60 netdna-ssl.com
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
6 MB
41 flx10.com
tj6w5.flx10.com
tqe36.flx10.com
k3vzn.flx10.com
440 KB
37 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
173 KB
28 googlesyndication.com
pagead2.googlesyndication.com
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
tpc.googlesyndication.com
472 KB
28 gstatic.com
fonts.gstatic.com
329 KB
27 lijit.com
ap.lijit.com
gslbeacon.lijit.com
vap1ams1.lijit.com
pxdrop.lijit.com
ce.lijit.com
68 KB
22 blueconic.net
cdn.blueconic.net
soundpublishing.blueconic.net
331 KB
19 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
342 KB
17 newzware.com
everettweb.newzware.com
everett.newzware.com
45 KB
15 gumgum.com
rtb.gumgum.com
5 KB
11 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
onetag-geo-grouping.s-onetag.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
24 KB
8 googletagservices.com
www.googletagservices.com
264 KB
8 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
sync.outbrain.com
61 KB
7 openx.net
us-u.openx.net
eu-u.openx.net
2 KB
7 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
53 KB
6 google.com
www.google.com
adservice.google.com
767 B
6 google-analytics.com
www.google-analytics.com
38 KB
6 userway.org
cdn.userway.org
api.userway.org
27 KB
6 recruitology.com
widgets.recruitology.com
api.recruitology.com
26 KB
6 googletagmanager.com
www.googletagmanager.com
216 KB
5 ampproject.org
cdn.ampproject.org
108 KB
5 adsrvr.org
data.adsrvr.org
match.adsrvr.org
2 KB
5 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
37 KB
5 facebook.com
www.facebook.com
14 KB
4 powerad.ai
powerad.ai
reporting.powerad.ai
31 KB
4 facebook.net
connect.facebook.net
162 KB
4 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
41 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 adnxs.com
secure.adnxs.com
2 KB
3 creativecdn.com
creativecdn.com
990 B
3 1rx.io
sync.1rx.io
2 KB
3 crwdcntrl.net
bcp.crwdcntrl.net
2 KB
3 fbcdn.net
static.xx.fbcdn.net
250 KB
3 jwpcdn.com
ssl.p.jwpcdn.com
115 KB
3 cheqzone.com
ob.cheqzone.com
obs.cheqzone.com
22 KB
3 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
1 KB
3 automatad.com
go.automatad.com
b2cdn.automatad.com
83 KB
2 brainlyads.com
hb.brainlyads.com
126 KB
2 everesttech.net
sync-tm.everesttech.net
627 B
2 360yield.com
ad.360yield.com
618 B
2 casalemedia.com
ssum-sec.casalemedia.com
2 KB
2 adform.net
c1.adform.net
926 B
2 contextweb.com
bh.contextweb.com
786 B
2 rfihub.com
p.rfihub.com
1 KB
2 rubiconproject.com
pixel-us-east.rubiconproject.com
pixel-eu.rubiconproject.com
478 B
2 quantserve.com
pixel.quantserve.com
914 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 simpli.fi
um.simpli.fi
841 B
2 bidswitch.net
x.bidswitch.net
291 B
2 tapad.com
pixel.tapad.com
916 B
2 twitter.com
platform.twitter.com
syndication.twitter.com
20 KB
2 google.de
www.google.de
214 B
2 jwplayer.com
cdn.jwplayer.com
entitlements.jwplayer.com
37 KB
2 heraldnet.com
heraldnet.com
www.heraldnet.com
32 KB
1 chartbeat.net
ping.chartbeat.net
169 B
1 chartbeat.com
static.chartbeat.com
14 KB
1 socdm.com
tg.socdm.com
699 B
1 emxdgt.com
cs.emxdgt.com
1 unrulymedia.com
sync.targeting.unrulymedia.com
585 B
1 zemanta.com
b1sync.zemanta.com
288 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 yahoo.com
pr-bh.ybp.yahoo.com
834 B
1 stackadapt.com
sync.srv.stackadapt.com
168 B
1 turn.com
d.turn.com
418 B
1 sitescout.com
pixel-sync.sitescout.com
270 B
1 bidr.io
match.prod.bidr.io
111 B
1 media.net
contextual.media.net
371 B
1 clickagy.com
aorta.clickagy.com
664 B
1 eyeota.net
ps.eyeota.net
344 B
1 2mdn.net
s0.2mdn.net
17 KB
1 cloudflare.com
cdnjs.cloudflare.com
3 KB
1 newsmemory.com
heraldnet-wa.newsmemory.com
38 KB
1 polldaddy.com
secure.polldaddy.com
7 KB
1 newsengin.com
everett-tpweb.newsengin.com
2 KB
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
427 77
Domain Requested by
60 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com www.heraldnet.com
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
33 k3vzn.flx10.com www.heraldnet.com
tj6w5.flx10.com
28 fonts.gstatic.com fonts.googleapis.com
27 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.heraldnet.com
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
21 soundpublishing.blueconic.net cdn.blueconic.net
www.heraldnet.com
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
www.heraldnet.com
tpc.googlesyndication.com
15 rtb.gumgum.com 1 redirects gslbeacon.lijit.com
rtb.gumgum.com
15 fonts.googleapis.com ajax.googleapis.com
securepubads.g.doubleclick.net
tj6w5.flx10.com
14 ce.lijit.com www.heraldnet.com
gslbeacon.lijit.com
us-u.openx.net
rtb.gumgum.com
14 everettweb.newzware.com 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
everettweb.newzware.com
9 ap.lijit.com 2 redirects get.s-onetag.com
ap.lijit.com
www.heraldnet.com
gslbeacon.lijit.com
8 www.googletagservices.com www.heraldnet.com
securepubads.g.doubleclick.net
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
6 tj6w5.flx10.com d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
tj6w5.flx10.com
6 ads.pubmatic.com gslbeacon.lijit.com
ads.pubmatic.com
rtb.gumgum.com
6 cm.g.doubleclick.net 3 redirects gslbeacon.lijit.com
us-u.openx.net
rtb.gumgum.com
6 pagead2.googlesyndication.com srcdoc
www.googletagservices.com
www.heraldnet.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 www.googletagmanager.com www.heraldnet.com
www.googletagmanager.com
powerad.ai
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 us-u.openx.net 2 redirects gslbeacon.lijit.com
us-u.openx.net
5 www.google.com www.heraldnet.com
securepubads.g.doubleclick.net
5 www.facebook.com www.heraldnet.com
secure.polldaddy.com
connect.facebook.net
5 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
5 widgets.recruitology.com www.heraldnet.com
widgets.recruitology.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 match.adsrvr.org 2 redirects us-u.openx.net
rtb.gumgum.com
4 d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 stats.g.doubleclick.net www.google-analytics.com
4 connect.facebook.net www.heraldnet.com
connect.facebook.net
soundpublishing.blueconic.net
4 cdn.userway.org www.heraldnet.com
cdn.userway.org
3 sync.mathtag.com 3 redirects
3 secure.adnxs.com 2 redirects gslbeacon.lijit.com
3 creativecdn.com 3 redirects
3 sync.1rx.io 3 redirects
3 bcp.crwdcntrl.net 3 redirects
3 everett.newzware.com www.heraldnet.com
3 c.amazon-adsystem.com 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
c.amazon-adsystem.com
3 static.xx.fbcdn.net www.facebook.com
3 ssl.p.jwpcdn.com cdn.jwplayer.com
3 widgets.outbrain.com www.heraldnet.com
widgets.outbrain.com
2 hb.brainlyads.com powerad.ai
2 reporting.powerad.ai powerad.ai
2 powerad.ai www.heraldnet.com
powerad.ai
2 tqe36.flx10.com tj6w5.flx10.com
2 sync-tm.everesttech.net 2 redirects
2 ad.360yield.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 c1.adform.net 2 redirects
2 eu-u.openx.net us-u.openx.net
2 bh.contextweb.com 2 redirects
2 p.rfihub.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 um.simpli.fi 1 redirects gslbeacon.lijit.com
2 aax-eu.amazon-adsystem.com 1 redirects gslbeacon.lijit.com
2 x.bidswitch.net gslbeacon.lijit.com
rtb.gumgum.com
2 pixel.tapad.com 1 redirects www.heraldnet.com
2 vap1ams1.lijit.com www.heraldnet.com
2 log.outbrainimg.com widgets.outbrain.com
2 api.userway.org cdn.userway.org
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 obs.cheqzone.com ob.cheqzone.com
www.heraldnet.com
2 onetag-geo-grouping.s-onetag.com signal-beacon.s-onetag.com
2 www.google.de www.heraldnet.com
2 www.i.matheranalytics.com www.heraldnet.com
2 js.matheranalytics.com 1 redirects www.heraldnet.com
2 b2cdn.automatad.com www.heraldnet.com
go.automatad.com
2 ajax.googleapis.com www.heraldnet.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 ping.chartbeat.net
1 static.chartbeat.com www.heraldnet.com
1 image6.pubmatic.com ads.pubmatic.com
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 sync.targeting.unrulymedia.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync.srv.stackadapt.com rtb.gumgum.com
1 d.turn.com 1 redirects
1 pixel-eu.rubiconproject.com gslbeacon.lijit.com
1 pixel-sync.sitescout.com 1 redirects
1 pixel-us-east.rubiconproject.com gslbeacon.lijit.com
1 match.prod.bidr.io gslbeacon.lijit.com
1 contextual.media.net gslbeacon.lijit.com
1 data.adsrvr.org gslbeacon.lijit.com
1 aorta.clickagy.com 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 ps.eyeota.net www.heraldnet.com
1 pxdrop.lijit.com www.heraldnet.com
1 gslbeacon.lijit.com ap.lijit.com
1 api.recruitology.com widgets.recruitology.com
1 s0.2mdn.net imasdk.googleapis.com
1 syndication.twitter.com platform.twitter.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 cdnjs.cloudflare.com widgets.recruitology.com
1 platform.twitter.com secure.polldaddy.com
1 ob.cheqzone.com widgets.outbrain.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 widget-pixels.outbrain.com www.heraldnet.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 heraldnet-wa.newsmemory.com www.heraldnet.com
1 secure.polldaddy.com www.heraldnet.com
1 go.automatad.com 1 redirects
1 get.s-onetag.com www.heraldnet.com
1 cdn.jwplayer.com www.heraldnet.com
1 cdn.blueconic.net www.heraldnet.com
1 everett-tpweb.newsengin.com www.heraldnet.com
1 www.heraldnet.com
1 heraldnet.com 1 redirects
0 ums.acuityplatform.com Failed gslbeacon.lijit.com
427 114
Subject Issuer Validity Valid
www.heraldnet.com
R3
2021-02-21 -
2021-05-22
3 months crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-22 -
2022-03-18
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.newsengin.com
AlphaSSL CA - SHA256 - G2
2019-03-29 -
2021-05-09
2 years crt.sh
*.blueconic.net
Thawte TLS RSA CA G1
2019-12-04 -
2022-02-01
2 years crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA
2020-03-09 -
2021-06-08
a year crt.sh
jwplayer.com
Amazon
2021-01-29 -
2022-02-26
a year crt.sh
*.s-onetag.com
Amazon
2021-02-03 -
2022-03-04
a year crt.sh
b2cdn.automatad.com
R3
2021-04-02 -
2021-07-01
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.polldaddy.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-12 -
2022-11-14
2 years crt.sh
*.recruitology.com
Amazon
2020-07-11 -
2021-08-11
a year crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA
2020-03-31 -
2022-03-31
2 years crt.sh
cdn.userway.org
Sectigo RSA Domain Validation Secure Server CA
2021-01-05 -
2022-01-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA
2021-03-19 -
2022-04-19
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-04-06 -
2021-07-03
3 months crt.sh
*.newzware.com
Go Daddy Secure Certificate Authority - G2
2019-08-14 -
2021-08-14
2 years crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.outbrainimg.com
DigiCert Secure Site ECC CA-1
2020-03-26 -
2021-06-25
a year crt.sh
www.i.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA
2020-01-28 -
2022-01-27
2 years crt.sh
www.google.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
www.google.de
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
ob.cheqzone.com
R3
2021-04-07 -
2021-07-06
3 months crt.sh
obs.cheqzone.com
R3
2021-04-15 -
2021-07-14
3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-05 -
2021-11-09
a year crt.sh
jwplayer.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2021-04-14 -
2022-04-15
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
entitlements.jwplayer.com
GeoTrust RSA CA 2018
2020-04-27 -
2022-04-28
2 years crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.doubleclick.net
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
api.userway.org
Amazon
2020-12-02 -
2021-12-31
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2020-03-11 -
2021-05-10
a year crt.sh
c.amazon-adsystem.com
Amazon
2020-08-04 -
2021-08-02
a year crt.sh
cert1.a2.atm.aqfer.net
R3
2021-04-07 -
2021-07-06
3 months crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA
2020-10-05 -
2021-11-06
a year crt.sh
*.eyeota.net
R3
2021-02-28 -
2021-05-29
3 months crt.sh
*.google.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
aax-eu.amazon-adsystem.com
Amazon
2021-04-09 -
2022-03-20
a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2021-04-12 -
2022-04-20
a year crt.sh
*.match.prod.bidr.io
Amazon
2021-02-26 -
2022-03-27
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-18 -
2022-01-18
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.gumgum.com
Amazon
2020-07-03 -
2021-08-03
a year crt.sh
test-view.flexitive.com
GoGetSSL RSA DV CA
2019-12-03 -
2022-03-06
2 years crt.sh
*.srv.stackadapt.com
Amazon
2020-12-09 -
2022-01-07
a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA
2020-07-28 -
2021-10-01
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2020-04-09 -
2022-06-08
2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2020-05-18 -
2021-07-17
a year crt.sh
misc-sni.google.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.flx10.com
Sectigo RSA Domain Validation Secure Server CA
2019-06-12 -
2021-06-11
2 years crt.sh
*.powerad.ai
Go Daddy Secure Certificate Authority - G2
2020-10-12 -
2021-10-12
a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2020-06-01 -
2021-06-02
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2020-12-01 -
2021-12-30
a year crt.sh
hb.brainlyads.com
Go Daddy Secure Certificate Authority - G2
2020-11-23 -
2021-12-25
a year crt.sh

This page contains 37 frames:

Primary Page: https://www.heraldnet.com/
Frame ID: BFA6F4F8AEF2A7603EF7CFE3DD1E3AE4
Requests: 221 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 7DFED39B14F4CCF5783FB08B8C7FF796
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.heraldnet.com%2F%23pd_a_10799437&layout=button_count&send=true&show_faces=false&width=450&action=like&colorscheme=light&height=20
Frame ID: E43E9E68B23BD340D27ABAD94A75A112
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.html?url=https%3A%2F%2Fwww.heraldnet.com%2F&text=The%20Herald%27s%20Athlete%20of%20the%20Week%20for%20April%205-11
Frame ID: D2116544C0AA6AD99A21592703348673
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.452.0_en.html
Frame ID: 19828639700887A2E8AD5705B56BF453
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E61D599D3B6B42DDF591EAADF5653F5A
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Frame ID: E7D52A15F393138566BFA2FAB6FF3552
Requests: 12 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Frame ID: 06650651AE7FD3A3C20FADD17FBD0078
Requests: 23 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3742494358711417634&gdpr=1&gdpr_consent=
Frame ID: 5B431EB3A784C16DBD3CC9396B193891
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: F119C028B5B00E4093A9C76BFA983507
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 173B63A8443D6013910DF0E989DF5E4C
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 2DBC4CB4D41BDBD1EAD4DD2CB448729F
Requests: 8 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 30C1E016CB001BA8B2D68C1953E76E32
Requests: 15 HTTP requests in this frame

Frame: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 07FB7EB8136E77B7ACE356B373B241B9
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYOKiYiduHOXrkDMTNMLXzKyaQt1BxoXmT2FcONQPYITxCqIcGptfqvyvbCggVe1ghb2mFPr_j6v0D-wOcnwfuXtL-PyNYpNkIOdlHbfEEZbLw34vwPIObEPsp9wgOT8-f876Xx9rn5FICo6vApNsWOuh6w9kUzp92ZOh-97XyaXmkU8qzwi7EvkZh9-0qz6IxQCg2FE9Fw5RZTDcJlLkwgY6HihM9zWfvB7h5N3PfTfifuGc1paIzcIJOrjhl4HD1tXFZRryeIimRt4v7ioBpwBiu9jGytEHXtgCk&sai=AMfl-YT1DUt_7aJnYQO-6tocB8Wri1EqTd3H61SXQcQmJefhkHGsyemp9K-SRVlTUBhLU7UeQBgXVN-mkZ6PC-yL5YpGXMkXb6KOHn3UORzWQXv_w4bCIpYd6ujp5QklSNGo&sig=Cg0ArKJSzAO2QT8-KpMcEAE&adurl=
Frame ID: 6743208E79973A9DE4E5F6528372B6A0
Requests: 9 HTTP requests in this frame

Frame: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4221E82A7D2EF25730DA85966C6A7CC8
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGGxVg-GuDSlDZ1fI2Hx_Sw2LCCpIXs0-52O5UMHxi5KDEMXA6NpitVKrwiAfmYqlst1ytvZ1KKf49fTOeaSvq0rL3c8lyhQsdyCqcSfb01F4KCDBOZO_I2MbdyXKH1rqaCu0efzmiIpRp6mbk8yI5x6_E9CZU8Ha4xSZX1fOt2YPc3-_Ad3iZEu4vJO4axwuybQ5wPJErS4MrmNJSJRDwWIry7M-JFk_fTter8PACfE7SnbEXv1cbzCVfTovxZHUaPwd2B4MrR5LJyK00lZchD5_j0h81YfiN1NEOfw&sai=AMfl-YSXz1OHSM9bTnI5S8BKdEz1hn0lnQuP7rl7j1Ub9Pqz7bgN6CzVQh1sEdZk2IyFv0MU90ksTP2kysSc1tCvqqbgHuJ8sx1HuTuAQu5zHNAefnPpnktM0QMxedmInRI&sig=Cg0ArKJSzDcSoxuNyINaEAE&adurl=
Frame ID: 8D3ADA9B21D97E80732F15F86F88370E
Requests: 8 HTTP requests in this frame

Frame: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3AA7D925D383BCDC3E6C3965F6E114A7
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FA8017B84D84233BBAA4EDA09307D06C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 556B97DE715AFBBE873128FEE198FBA1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=6c84607d-b3b7-4800-b940-a57f94727573&gdpr=1&gdpr_consent=
Frame ID: F02A2AA3E0B2E5264761CEE8EB5021DD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YH2zuQAAQ2mj5wAC&gdpr=1&gdpr_consent=&_test=YH2zuQAAQ2mj5wAC
Frame ID: 25853CB591D2217E5DBF5DEF60E52E0F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kZGJhMmRiMS1jNThhLTQyMjktYmM3Ni02ZmVkMDBkZmEwYTY=&gdpr=1&gdpr_consent=
Frame ID: F9FC197CC575A3CC307FE7A1E7C19E5B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 401AE208EC34AD749F11DC6A88488657
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 5B3CAC4E6F46B3AA7A9ED7399FCFC43B
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 518C5C637EFDA5024D1714716AE8BE09
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YH2zucCo5sEAAJ42Gu0AAAAA
Frame ID: 6D1E200EC53FE044AC9214C5C2F3D9FE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871316019338210763
Frame ID: 728980E8EA432512DE64E965F3CD69C1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=SS8UXcnDMYbvlkl8eHe8&pi=gumgum
Frame ID: 1A33FFB94B5960AEA92C8346952919B1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 076A863C7EF13F24F02A08C33D504D4A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Frame ID: 3A5EEB3FCDBA407BC971532B864ADDC8
Requests: 16 HTTP requests in this frame

Frame: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/970x90/?cacheBuster=1788116827&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstGlmw4VBSFuB68Nsyp8LdJeUGpJDRcp7iRqyNe2ZbHaeNQnoU2S6q5fFAPlOF25_4ZNBsHZkZo2XUgpsADP53Q0J5geabaJL2OG8zuUXq7maEBcR1xlkv9ja3ZKZgw6axlZHpk0TBxkRYmGTViij-Qg7ijgrYIMnkWy8uARnSSHc92tl9xt5ZaGtSUQuE7GULiGlEa_1wvTwlprsUyuCa_8an1-_KYIbBu-xkc_Xgh8-X9r6aMerEmrTmy12lqLEoJOO8dQgEyHjplwb9Ha8vXHIS1DiOpGo3Fw%26sai%3DAMfl-YTxEXoJMMecRxWCTJo32Qr53vNJcEyabu5FYvg2LaurRYi-W-uTiiAMj7fWxfWgpaMUtAaetF9RGRUjhIuTUSzkV2Ts_jZh8VyGMn-0y2mc9IugwZwuaLJGssPMdWw%26sig%3DCg0ArKJSzHXuAh8QDECZEAE%26urlfix%3D1%26adurl%3D
Frame ID: 166233D0F3EB524CA5424E77A1F29A08
Requests: 20 HTTP requests in this frame

Frame: https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Frame ID: 72768E4FB24BFB523E713B71FCF93BE8
Requests: 24 HTTP requests in this frame

Frame: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Frame ID: E1E7F2E53D5CC9237204F5BDD131565C
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUh-I2KK-81BEhhrbXVZOX3xu23MWqfTLSWx3Y9KBUqQpBEzim8yFRAPXt356umjD375diWx777I5HL2fLzNKN9xwEhUdvA5mkDJqwMdC9A_N8yQ9tKdpUS0LZMYBg3QQJOiThoLCjHNzwwe19OFjQ4ScBdl8oFg9fXiYTXuI9gFPP7wnhmPgqCCu5QSIRLhCqj4z1umHPCq6MsLzjnUxyhIFeQNWzvw2B6nwhK6c-gPQkJ03TIaT9MZvPEulrMc-OAP281d4ER78lQdgGKcIEjx4XS7RVoxpzneSmDQ&sai=AMfl-YQoP674G3K2sf9zhfnJiKCabAm18cuUEiqqLhubqmIRLLYb05jLH7xAQEN3XqKQTHGOZTFi5_JUYDsF3dSlb6gLrDBy-5nJw_ufxqS0vTLGnQVbuWxpJYBL1TZORF4&sig=Cg0ArKJSzJsB5wrB39GSEAE&adurl=
Frame ID: A6CDEF1C4B8FA0F0DEAE7C1AACAE876A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1448CA15D20EA1D274DD77643379F969
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: 61B19A888A34D8D6A09F20E8171CCF52
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://heraldnet.com/ HTTP 301
    https://www.heraldnet.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i

Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

427
Requests

100 %
HTTPS

26 %
IPv6

77
Domains

114
Subdomains

85
IPs

9
Countries

10703 kB
Transfer

18501 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://heraldnet.com/ HTTP 301
    https://www.heraldnet.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://go.automatad.com/geo/FtSDHt/afihbs.js HTTP 301
  • https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js
Request Chain 76
  • https://js.matheranalytics.com/s/ma13246/715673500/ml.js?cb=1561 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js
Request Chain 203
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=3c88cbabbdf2d8d9e2a654c2&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=3c88cbabbdf2d8d9e2a654c2&gdpr=1&gdpr_consent=
Request Chain 205
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=3c88cbabbdf2d8d9e2a654c2/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=3c88cbabbdf2d8d9e2a654c2/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=263c02d27c970ea81123082b0b08109a&gdpr=1&gdpr_consent=
Request Chain 226
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=3c88cbabbdf2d8d9e2a654c2/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=263c02d27c970ea81123082b0b08109a&gdpr=1&gdpr_consent=
Request Chain 227
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=M2M4OGNiYWJiZGYyZDhkOWUyYTY1NGMy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=M2M4OGNiYWJiZGYyZDhkOWUyYTY1NGMy&google_tc=
Request Chain 228
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Request Chain 229
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=3c88cbabbdf2d8d9e2a654c2&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:3af07a10eb6573972ef74f7d04dd4a13
Request Chain 231
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Request Chain 232
  • https://um.simpli.fi/lj_match?r=1618850743713&gdpr=1&gdpr_consent= HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 233
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=M2M4OGNiYWJiZGYyZDhkOWUyYTY1NGMy HTTP 302
  • https://ap.lijit.com/dsp/google/reporting
Request Chain 235
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=41af8265-cb5a-4f9c-94c3-6a46770de748
Request Chain 237
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=Ep8dy0acSJcJnxObEJkHmUDOE5wJyxKXRZvUEnPJ
Request Chain 240
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=1871316019338210763
Request Chain 241
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Request Chain 242
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=SS8UXcnDMYbvlkl8eHe8&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Request Chain 244
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=g9DI2FX17NQm&ev=1&pid=558511&gdpr_consent=&gdpr=1
Request Chain 246
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=3c88cbabbdf2d8d9e2a654c2&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=7f9a607d-b3b7-4b00-b58c-15afa0eb9852&gdpr=1&gdpr_consent=
Request Chain 247
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3742494358711417634&gdpr=1&gdpr_consent=
Request Chain 250
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Request Chain 275
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=31a3607d-b3b7-4000-9ca9-258dbcda55f5
Request Chain 276
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UquSCwaox1dJq5xbUK2IWQD6nFxJ_51XBa9Cz00A
Request Chain 277
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8769262940802476245
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQb6p7uTovJk-jsxSAdkog&google_cver=1
Request Chain 284
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=9079642166036316933
Request Chain 286
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28G6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7j89vlGyC2oZJCuWiomoT%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28G6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7j89vlGyC2oZJCuWiomoT%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6&obuid=ENC(G6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7j89vlGyC2oZJCuWiomoT) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DG6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7j89vlGyC2oZJCuWiomoT HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DG6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7j89vlGyC2oZJCuWiomoT&C=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YH2zugKXhHI9_Ue1uw4IuAAABHMAAAAB&obUid=G6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7j89vlGyC2oZJCuWiomoT
Request Chain 287
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=fca0ab79-ff63-02fb-2130-05aab93f4547
Request Chain 289
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-q4zOAU1E2pcYxVeK236KPt7qzb_HWvxClXx0~A
Request Chain 290
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=afdfcf63-a12e-11eb-92c8-493c66029fd8
Request Chain 293
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Request Chain 294
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=90e7f733-85fc-4775-8e47-522f87ba7052
Request Chain 295
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4194292375 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4194292375 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/5fc86f77-f3e5-40d1-ae6e-c7caf4518b5b HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-683a29a2-de46-48a9-819e-e91cfda3594e-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-683a29a2-de46-48a9-819e-e91cfda3594e-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-683a29a2-de46-48a9-819e-e91cfda3594e-003
Request Chain 296
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=L6eaXa9tVRCM&ev=1&pid=558355
Request Chain 298
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=6c84607d-b3b7-4800-b940-a57f94727573&gdpr=1&gdpr_consent=
Request Chain 299
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YH2zuQAAQ2mj5wAC HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YH2zuQAAQ2mj5wAC&gdpr=1&gdpr_consent=&_test=YH2zuQAAQ2mj5wAC
Request Chain 304
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YH2zucCo5sEAAJ42Gu0AAAAA
Request Chain 305
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316019338210763
Request Chain 306
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=SS8UXcnDMYbvlkl8eHe8&pi=gumgum

427 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.heraldnet.com/
Redirect Chain
  • https://heraldnet.com/
  • https://www.heraldnet.com/
283 KB
32 KB
Document
General
Full URL
https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.41.198 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
198.41.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
2b619d7ace8eef7b748c323ea67e5a04bee2b66fe50982ced5d97b08d6c5b9ee

Request headers

:method
GET
:authority
www.heraldnet.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 19 Apr 2021 16:45:40 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link
<https://www.heraldnet.com/wp-json/>; rel="https://api.w.org/" <https://www.heraldnet.com/>; rel=shortlink
set-cookie
spi-adslots=%5B%22f4e5f220-2efc-45a1-869f-0b293f8aec73%22%2C+1036994%2C+%5B%5B1%2C+%22%5B970%2C+90%5D%22%5D%2C+%5B3%2C+%22%5B970%2C+90%5D%2C+%5B728%2C+90%5D%2C+%5B320%2C+50%5D%22%5D%2C+%5B5%2C+%22%5B970%2C+90%5D%2C+%5B728%2C+90%5D%2C%5B320%2C+50%5D%22%5D%2C+%5B7%2C+%22%5B970%2C+90%5D%2C+%5B728%2C+90%5D%2C%5B320%2C+50%5D%22%5D%2C+%5B9%2C+%22%5B970%2C+90%5D%2C+%5B728%2C+90%5D%2C%5B320%2C+50%5D%22%5D%2C+%5B11%2C+%22%5B970%2C+90%5D%2C+%5B728%2C+90%5D%2C%5B320%2C+50%5D%22%5D%2C+%5B13%2C+%22%5B970%2C+90%5D%2C+%5B728%2C+90%5D%2C%5B320%2C+50%5D%22%5D%5D%5D; expires=Tue, 20-Apr-2021 16:43:28 GMT; Max-Age=86400; path=/ spi-check=0; expires=Tue, 20-Apr-2021 16:43:28 GMT; Max-Age=86400; path=/
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 50
x-cache-group
normal
content-encoding
br

Redirect headers

server
nginx
date
Mon, 19 Apr 2021 16:45:40 GMT
content-type
text/html
content-length
162
location
https://www.heraldnet.com/
jquery.ui.all.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/
37 KB
9 KB
Stylesheet
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/jquery.ui.all.css?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9c1ee2b3835d8abdb9529227f5b9a50ecfe9059243583edd5fe705d74d249535

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-9420"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
epass-css.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/epass-css.css?ver=1.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2497be576209dfcaa67b233fd5eeedf5a33312df082bf1f5b4762779184ec8f4

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-a20"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/
40 KB
6 KB
Stylesheet
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.6
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 15:48:08 GMT
server
NetDNA-cache/2.2
etag
W/"5ee100b8-a055"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wpba-frontend.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-better-attachments/assets/css/
852 B
654 B
Stylesheet
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-better-attachments/assets/css/wpba-frontend.css?ver=1.3.11
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
048a1ba9ec466a8f77009cea46046dfe87ce0a4395ddea61c5a28ae22d9b86da

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2019 02:20:53 GMT
server
NetDNA-cache/2.2
etag
W/"5c9c2f85-354"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
foundation.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/
268 KB
40 KB
Stylesheet
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
243cda291a2dc52cc42ea4c74fec3e6435a6cf5b0c8084f35e995479cb1a3b2c

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 16:31:01 GMT
server
NetDNA-cache/2.2
etag
W/"5f623dc5-42ff5"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
slick.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/
2 KB
817 B
Stylesheet
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/slick.css?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Thu, 19 Oct 2017 21:00:20 GMT
server
NetDNA-cache/2.2
etag
W/"59e91264-765"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
slick-theme.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/
3 KB
1 KB
Stylesheet
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/slick-theme.css?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
bb94ed1868039e4fc746ddbf710ea089b2bdef6c3a533395815285ceb00233fa

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Thu, 19 Oct 2017 21:00:20 GMT
server
NetDNA-cache/2.2
etag
W/"59e91264-d28"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
teamplayer-theme.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/
191 B
359 B
Stylesheet
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/teamplayer-theme.css?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d4288b629693138397d02dc91a13d316624f3644cc678a5ef2ff6b04350707db

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Thu, 19 Oct 2017 22:26:56 GMT
server
NetDNA-cache/2.2
etag
W/"59e926b0-bf"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
config.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/
28 KB
8 KB
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/config.js?ver=3.5
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8c0300dabffb1ba133a3157fb33960c5793dd2ac46f3dc8a899fa312f909a337

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 16:58:59 GMT
server
NetDNA-cache/2.2
etag
W/"601ad653-70a2"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
site-min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/
47 KB
6 KB
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/site-min.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2dcc36995c012ae179ca5ccec2537bbffdab860370e6ab08923cad2d465ae3a4

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-bc57"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-1.7.2.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/
93 KB
33 KB
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery-1.7.2.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-1727a"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.ui.core.min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/
4 KB
2 KB
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery.ui.core.min.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0e26826816d33e016e63fb3e4a3b3f3f3322e414d3ace91a72233f1ef0d4a1a3

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-1113"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-ui.min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/
197 KB
51 KB
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery-ui.min.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2b50108439624bd6f2bbb1505248373ed0ae1f0869b89122ad876122a1790bd8

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-31480"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nwJQuery.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/
35 B
270 B
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/nwJQuery.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
fdab17aad52e2d97a9b3ef5ddefc9440960cb6b9fa859b2944b8ec399aa395b7

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
"5e540ecf-23"
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
35
e-pass-min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/
82 KB
13 KB
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/e-pass-min.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1a84f4b042e52d040243a70753ae4a5f73d668db1230c7c4b3c4ace8c2d8923c

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-146bc"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.0/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js?ver=2.1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
443448
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29478
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 13:34:52 GMT
ai-jquery.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/js/
18 B
253 B
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/js/ai-jquery.js?ver=5.3.6+2.5.10
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Wed, 08 Jan 2020 21:04:07 GMT
server
NetDNA-cache/2.2
etag
"5e1643c7-12"
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18
hb-amzn-uam.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/
3 KB
1 KB
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/hb-amzn-uam.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ed207a3218934c63d8ace813cbc259812d16d5b892fee83fc795ae164de915c6

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2019 02:21:38 GMT
server
NetDNA-cache/2.2
etag
W/"5c9c2fb2-c02"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
picturefill.min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/js/
12 KB
5 KB
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/js/picturefill.min.js?ver=3.0.2
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2dd0eb5e44c81a864cd68e633a69701248b9298b0dc7eb2c75e67e2b1c19b4bc

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 21:05:02 GMT
server
NetDNA-cache/2.2
etag
W/"5e1643fe-2e20"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
slick.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/
86 KB
15 KB
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/slick.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
3e65bc436e35cb24f4020abe8a71906ea53ca284df84095d6824e27f55883f90

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Thu, 19 Oct 2017 20:59:37 GMT
server
NetDNA-cache/2.2
etag
W/"59e91239-15986"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
header.js
everett-tpweb.newsengin.com/tpweb/web/js/
4 KB
2 KB
Script
General
Full URL
https://everett-tpweb.newsengin.com/tpweb/web/js/header.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.222.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-222-120.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
fd8c8c291c39fcd494d4680a4262d84d62b0df9b79dc22e44c422a0f25d69fa2

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Aug 2015 15:13:20 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"f9e-51c7db9f7e5e0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1290
teamplayer-local.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/
679 B
541 B
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/teamplayer-local.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1bd5372b56a82f9cd4a0a4533f4a37ff11ce7952f051ae035fd5cbecf45094b8

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Thu, 19 Oct 2017 22:29:27 GMT
server
NetDNA-cache/2.2
etag
W/"59e92747-2a7"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.16/
13 KB
5 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js?ver=5.3.6
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398514
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5480
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Apr 2022 02:03:46 GMT
webfontloader.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/
146 B
370 B
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/webfontloader.js?ver=1.0.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
48481acfa017729107a1f39beea68ed8b2486ccc3735608e19d3b0d714f28c71

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2017 01:34:13 GMT
server
NetDNA-cache/2.2
etag
W/"598bb815-92"
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
soundpublishing.js
cdn.blueconic.net/
133 KB
40 KB
Script
General
Full URL
https://cdn.blueconic.net/soundpublishing.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-109.cph50.r.cloudfront.net
Software
- /
Resource Hash
4a4dcc65f1da4029d2748dbdda40733c52c4f54f6fa57aac9a4026e5121f66fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
472
x-cache
Hit from cloudfront
content-length
40508
x-xss-protection
1; mode=block
last-modified
Wed, 24 Mar 2021 10:05:11 GMT
server
-
etag
"2129f-5be456f342330-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 0797e49e9b926d7fa39bfcaf87f5e51d.cloudfront.net (CloudFront)
cache-control
public, max-age=600, s-maxage=500
x-amz-cf-pop
CPH50-C2
accept-ranges
none
x-robots-tag
noindex, nofollow
x-amz-cf-id
HFpIvka135O7Pvp_vPwv88JvT4UWJ2bl9gFhwypdYpCKs1RPiG1ARw==
outbrain.js
widgets.outbrain.com/
172 KB
58 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cdaeb5b8f2a45ba262f5a035677275bd5a4f0edf01f16c2a1bb2aaff1ae5c4c

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 06:50:56 GMT
etag
W/"2b1c9-H7yuKfm9EsXJmkQ9aVsjytmR0Yk"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
c8f3acf22315aa74973c58bcc902a64f
timing-allow-origin
*, *
content-length
58580
expires
Mon, 19 Apr 2021 20:45:41 GMT
NOZVn4NA.js
cdn.jwplayer.com/libraries/
111 KB
37 KB
Script
General
Full URL
https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:1400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
e8c3b34ef6125539e488f71b085fe1e791bc97565113ff55d59f7b60933de3db

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:43:54 GMT
content-encoding
gzip
server
openresty
age
106
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
x-amz-cf-pop
ZRH50-C1
content-length
37094
via
1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
x-amz-cf-id
Mjc-tX5IXThmDDN538By_K72Te7xrO6tnNry_YFWowvvkFIROtjzRA==
expires
Mon, 19 Apr 2021 16:46:24 GMT
tag.min.js
get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/
30 KB
10 KB
Script
General
Full URL
https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-117.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d63d6ec0c95bc07426b698ad3d6d02a85bd98b265808abf6fe6a5c1664c0ba87

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xj57ez3UnPy2eN1qoVkw.LFL15QiNFIp
content-encoding
gzip
last-modified
Thu, 23 Jul 2020 20:40:43 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
W/"520479fb1242c9257060bcec5558c41d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
date
Mon, 19 Apr 2021 16:45:41 GMT
x-amz-cf-id
1yOWXy7cShVfdlL1FNmOBWQxpNPzAyCkgWmvFoqDGT9VctAeOrjU_A==
afihbs.js
b2cdn.automatad.com/geo/FtSDHt/all-geo-W/
Redirect Chain
  • https://go.automatad.com/geo/FtSDHt/afihbs.js
  • https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js
60 KB
19 KB
Script
General
Full URL
https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.197 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-197.datapacket.com
Software
BunnyCDN-DE1-487 /
Resource Hash
cd4b6b239802c7c9455f4be7bcc3b05125c2cd82f8f2f73b8c857a6a5e2b1736

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
br
x-openstack-request-id
txaa2f97755b5c4c918dc0e-0060502343
cdn-edgestorageid
487, 617
access-control-allow-origin
*
x-iplb-instance
28796
cdn-cachedat
2021-03-16 04:49:15
cdn-pullzone
87832
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id
txaa2f97755b5c4c918dc0e-0060502343
x-timestamp
1615864223.69278
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Tue, 16 Mar 2021 03:10:24 GMT
server
BunnyCDN-DE1-487
cdn-requestpullcode
200
x-iplb-request-id
B95D01F1:FB09_8E2CE366:01BB_60502343_13FC4CF:249BE
vary
Accept-Encoding
x-object-meta-mtime
1603870974.364763803
cdn-cache
REVALIDATED
cdn-uid
02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control
public, max-age=120
cdn-requestid
6d4a4133ec3c2c1008c342518ce76a65
content-type
application/javascript
cdn-requestcountrycode
BE
cdn-requestpullsuccess
True

Redirect headers

date
Mon, 19 Apr 2021 16:45:42 GMT
server
nginx/1.17.8
content-type
text/html; charset=utf-8
location
https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js
cache-control
no-cache
x-automatad-country
BE
content-length
93
expires
Mon, 19 Apr 2021 16:45:41 GMT
js
www.googletagmanager.com/gtag/
93 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-52608-71
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca139458db756618cec4fabb1767595ce767a168890a3b6e36d096704b19bc2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37388
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 15:40:52 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Apr 2021 16:45:41 GMT
24739976_web1_TSR-210414-DentalShortage-FS-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
167 KB
168 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24739976_web1_TSR-210414-DentalShortage-FS-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5a1b1531dc3babb40d32115e8a2184d0b6469a4058d36e10586b8e7247133113

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Mon, 19 Apr 2021 08:30:55 GMT
server
NetDNA-cache/2.2
etag
"607d3fbf-29df3"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
171507
expires
Wed, 19 May 2021 16:45:41 GMT
24833409_web1_TSR2-JulcolSpaceman-EDH-210418-SembroskiTraining-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
167 KB
167 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24833409_web1_TSR2-JulcolSpaceman-EDH-210418-SembroskiTraining-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
bb1018df6a63bd92f513b7f274c967a17a8fcc671b1a19dd627c6e6ef93b1e6e

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sun, 18 Apr 2021 18:12:58 GMT
server
NetDNA-cache/2.2
etag
"607c76aa-29b24"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
170788
expires
Wed, 19 May 2021 16:45:41 GMT
24747309_web1_TSR-Arlington-ROUNDABOUT-EDH-041221-FS-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
222 KB
222 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24747309_web1_TSR-Arlington-ROUNDABOUT-EDH-041221-FS-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
45026a39934f10a8d572e771d807244911893dcea02bb78000a0e7482c4341d6

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Mon, 19 Apr 2021 08:30:39 GMT
server
NetDNA-cache/2.2
etag
"607d3faf-3778e"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
227214
expires
Wed, 19 May 2021 16:45:41 GMT
24709134_web1_TSR-I-5-StreetSmarts-EDH-190311-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
286 KB
287 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24709134_web1_TSR-I-5-StreetSmarts-EDH-190311-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
96208a9ced2cdb0957df26efecd17f971d43e8b8bbc83438a4156d888efff725

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sun, 18 Apr 2021 08:33:55 GMT
server
NetDNA-cache/2.2
etag
"607beef3-477dc"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
292828
expires
Wed, 19 May 2021 16:45:41 GMT
24885017_web1_210419-Impress-SOUND-EDH-CommunityTransit_1.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
90 KB
90 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24885017_web1_210419-Impress-SOUND-EDH-CommunityTransit_1.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
69fd57b8f7406b9f0bbb75862491e39dc4830ea1f4fe8a4d85ab2f3e28fcbb00

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Mon, 19 Apr 2021 13:00:29 GMT
server
NetDNA-cache/2.2
etag
"607d7eed-1676c"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
92012
expires
Wed, 19 May 2021 16:45:41 GMT
24820915_web1_TSR-Cornfield-Report-EDH-200100-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
101 KB
102 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24820915_web1_TSR-Cornfield-Report-EDH-200100-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
705ba2b417ccdc013a5b14431cb2c3b427dfc77d5499ce1c1b706e7f160a0625

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Mon, 19 Apr 2021 12:00:35 GMT
server
NetDNA-cache/2.2
etag
"607d70e3-194e3"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
103651
expires
Wed, 19 May 2021 16:45:41 GMT
24880983_web1_TSR-Fall-All-Wesco-Teams-EDH-210418-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
200 KB
201 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24880983_web1_TSR-Fall-All-Wesco-Teams-EDH-210418-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
997b5a8a040a0539ce78635188566c3aad9b3b22e07d014f0509e577e6266495

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sun, 18 Apr 2021 00:34:18 GMT
server
NetDNA-cache/2.2
etag
"607b7e8a-32136"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
205110
expires
Wed, 19 May 2021 16:45:41 GMT
24724003_web1_TSR-Cartoon-Vaccine-EDH-210403-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
42 KB
42 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24724003_web1_TSR-Cartoon-Vaccine-EDH-210403-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2be21fd0e608a55c2840f8448b8f351c936b2f3296a94f7c57f6c2631e433d94

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Wed, 14 Apr 2021 07:12:10 GMT
server
NetDNA-cache/2.2
etag
"3c548714d423e8467311fac615408ded"
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
42818
expires
Wed, 19 May 2021 16:45:41 GMT
24876212_web1_TSR-EDH-20210416-teaser-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
233 KB
233 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24876212_web1_TSR-EDH-20210416-teaser-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
62af1e8309ae48dfe2e09ede22abe3a3b25c6c6d0b934c8256c5de337e378b1d

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Fri, 16 Apr 2021 23:49:58 GMT
server
NetDNA-cache/2.2
etag
"607a22a6-3a3d2"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
238546
expires
Wed, 19 May 2021 16:45:41 GMT
24878622_web1_TSR-Fire-210418-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
229 KB
230 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24878622_web1_TSR-Fire-210418-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1778185099d540dfdf515feabb8eee5dad6049473e2dde2d5013a51dcfdfdf41

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sat, 17 Apr 2021 17:11:12 GMT
server
NetDNA-cache/2.2
etag
"607b16b0-3953b"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
234811
expires
Wed, 19 May 2021 16:45:41 GMT
24850867_web1_TSR-Eyman-EDH-210417-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
129 KB
130 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24850867_web1_TSR-Eyman-EDH-210417-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c5331f8ffd2eb0c25d361f40dc7387cccaafe2b2c4d836bf86ce48649b5b7cb4

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sat, 17 Apr 2021 00:34:55 GMT
server
NetDNA-cache/2.2
etag
"607a2d2f-205ef"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
132591
expires
Wed, 19 May 2021 16:45:41 GMT
20763220_web1_TSR-Patient-EDH-200204-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
193 KB
194 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/20763220_web1_TSR-Patient-EDH-200204-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
fa6ac12608d91ecee751159d0ba7cb891d54511088b5cd45c89685c8252300c6

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Wed, 14 Apr 2021 12:41:50 GMT
server
NetDNA-cache/2.2
etag
"6076e30e-305cf"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
198095
expires
Wed, 19 May 2021 16:45:41 GMT
24867963_web1_TSR-210417-edh-opi-MvillLitLeague2019-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
293 KB
294 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24867963_web1_TSR-210417-edh-opi-MvillLitLeague2019-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ffb4d3cdf7d159d5bc379aa6834c7f89693243ed7a53eb8fa739e837f2c086ba

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sat, 17 Apr 2021 08:31:54 GMT
server
NetDNA-cache/2.2
etag
"607a9cfa-495cd"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
300493
expires
Wed, 19 May 2021 16:45:41 GMT
24875985_web1_TSR-Lynch-Fauci-EDH-210417-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
136 KB
136 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24875985_web1_TSR-Lynch-Fauci-EDH-210417-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0f5fb2d2955373c1ab2e198244d0129f7311c6ed3c79197ca14976acc70f46fa

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Fri, 16 Apr 2021 23:43:55 GMT
server
NetDNA-cache/2.2
etag
"607a213b-21eaf"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
138927
expires
Wed, 19 May 2021 16:45:41 GMT
24878991_web1_TSR-Sanders-EDH-210418-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
165 KB
166 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24878991_web1_TSR-Sanders-EDH-210418-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ebb2903ce5afcb1d4b62d24b418ba96890d8fb9dfe4702d922c155eefdb60ab3

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sun, 18 Apr 2021 02:41:22 GMT
server
NetDNA-cache/2.2
etag
"607b9c52-294d3"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
169171
expires
Wed, 19 May 2021 16:45:41 GMT
10799437.js
secure.polldaddy.com/p/
32 KB
7 KB
Script
General
Full URL
https://secure.polldaddy.com/p/10799437.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.123.248 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
polldaddy.com
Software
nginx /
Resource Hash
451c664426f6846491da7801951b2db9f9b38d2b5379ff555ae5acf8729740cd

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
cache-control
max-age=300, s-maxage=31536000
last-modified
Mon, 19 Apr 2021 07:59:08 GMT
server
nginx
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
24875794_web1_TSR-Bardsley-edh-210418-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
218 KB
218 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24875794_web1_TSR-Bardsley-edh-210418-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9ddb047fa6ce118fe54b064d8867e54dbf09f334c6abe26a62eb49bb6812fe91

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sun, 18 Apr 2021 08:33:24 GMT
server
NetDNA-cache/2.2
etag
"607beed4-3672e"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
223022
expires
Wed, 19 May 2021 16:45:41 GMT
24827470_web1_TSR-Osterman-edh-210418-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
200 KB
200 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24827470_web1_TSR-Osterman-edh-210418-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
3729a60443eeed0a2f1248e5de7109f84137cd7302e8fcb5ef0038edfa59f8a9

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sun, 18 Apr 2021 08:31:06 GMT
server
NetDNA-cache/2.2
etag
"607bee4a-31eb8"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
204472
expires
Wed, 19 May 2021 16:45:41 GMT
24878184_web1_TSR-EDH-20210417-TEASER-1200x802.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
169 KB
170 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24878184_web1_TSR-EDH-20210417-TEASER-1200x802.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1760945676efe45dbf0f7710c4f3974f65c5bc2fce8c222eced823b14f096b20

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sat, 17 Apr 2021 13:11:19 GMT
server
NetDNA-cache/2.2
etag
"607ade77-2a5aa"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
173482
expires
Wed, 19 May 2021 16:45:41 GMT
24872153_web1_TSR-MAG7-210121-QuilCedaCreek-FS-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
157 KB
158 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24872153_web1_TSR-MAG7-210121-QuilCedaCreek-FS-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
bcbdc9457e16503b7587932a430a615af36ba6e2086c1b79237687fe6e54f1a7

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Fri, 16 Apr 2021 23:24:43 GMT
server
NetDNA-cache/2.2
etag
"607a1cbb-27581"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
161153
expires
Wed, 19 May 2021 16:45:41 GMT
24876813_web1_TSR-0419-scotus-pack-wright-EDH-210416-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
220 KB
221 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24876813_web1_TSR-0419-scotus-pack-wright-EDH-210416-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
23b729b9788acd71a92585ada201a1929987d44a6fb579cb6b3ef5487d2dc903

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Mon, 19 Apr 2021 13:13:30 GMT
server
NetDNA-cache/2.2
etag
"607d81fa-371f1"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
225777
expires
Wed, 19 May 2021 16:45:41 GMT
24869068_web1_TSR-191020-edh-opi-US2trestle-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
277 KB
278 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24869068_web1_TSR-191020-edh-opi-US2trestle-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8008c1dfca8283271b50de6e1fad0941c4f68d14d57942ad62ed687e177c407b

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sun, 18 Apr 2021 08:32:34 GMT
server
NetDNA-cache/2.2
etag
"607beea2-454d5"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
283861
expires
Wed, 19 May 2021 16:45:41 GMT
24876856_web1_TSR-0418-police-driving-white-beeler-EDH-210416-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
160 KB
161 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24876856_web1_TSR-0418-police-driving-white-beeler-EDH-210416-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4bff85bdfa50bd0194b0b74c94c7756e41ba4d3df20e06beeeefe0cf48793d86

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sun, 18 Apr 2021 08:32:06 GMT
server
NetDNA-cache/2.2
etag
"607bee86-280fb"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
164091
expires
Wed, 19 May 2021 16:45:41 GMT
24876909_web1_TSR-0417-us-afghan-sack-EDH-210416-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
267 KB
268 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24876909_web1_TSR-0417-us-afghan-sack-EDH-210416-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8bafdbc1398f2f5ff2ac82e98c27f9aa55c8f020aeeb93d3a2221d6a7dc5bc99

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sat, 17 Apr 2021 08:31:18 GMT
server
NetDNA-cache/2.2
etag
"607a9cd6-42d68"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
273768
expires
Wed, 19 May 2021 16:45:41 GMT
24866331_web1_TSR-0416-us-afghan-matson-EDH-210415-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
241 KB
242 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24866331_web1_TSR-0416-us-afghan-matson-EDH-210415-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d1aaf17ff188ca2f2b910a444b1e6a66bfebeafc671cc61a9bcf333555659ac1

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Fri, 16 Apr 2021 08:32:05 GMT
server
NetDNA-cache/2.2
etag
"60794b85-3c4cd"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
246989
expires
Wed, 19 May 2021 16:45:41 GMT
TSR-Janice-EDH-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2020/08/
89 KB
90 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2020/08/TSR-Janice-EDH-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
616d20cd978147f6dee344b2d8ffe65f50043cdb4579f2bab4587696054cb892

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Tue, 18 Aug 2020 07:11:46 GMT
server
NetDNA-cache/2.2
etag
"161a8735604704df76ccd7c780e389d5"
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
91323
expires
Wed, 19 May 2021 16:45:41 GMT
24628118_web1_TSR-JulcolFirstSun-EDH-210401-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
178 KB
179 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24628118_web1_TSR-JulcolFirstSun-EDH-210401-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
712695fe96271f4f67f435caff5c523ccef6ae65a8a2f8c5b4201c368dd897bb

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Tue, 13 Apr 2021 07:11:31 GMT
server
NetDNA-cache/2.2
etag
"ca318cc4a5e37f464cd15cf1b3688bd5"
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
182436
expires
Wed, 19 May 2021 16:45:41 GMT
TSR-Zachariah-Bryan-EDH-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2020/07/
74 KB
74 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2020/07/TSR-Zachariah-Bryan-EDH-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c1cbf1f53f7d3c0f391c1d16c079b78b97e20941dd87b594de5f29acbb25cf99

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sat, 15 Aug 2020 07:12:02 GMT
server
NetDNA-cache/2.2
etag
"ef83a66deb693e1672be4f6931d629cc"
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
75677
expires
Wed, 19 May 2021 16:45:41 GMT
TSR-Phil-OConnor-EDH-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2020/08/
98 KB
99 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2020/08/TSR-Phil-OConnor-EDH-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
342e1f9f80c843ef6e4f61b2e084c63df05a498ca47f209ff2467bcbf7bece6f

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Mon, 24 Aug 2020 07:10:59 GMT
server
NetDNA-cache/2.2
etag
"4ebdd8aaf83278579162e915a5db3d84"
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
100709
expires
Wed, 19 May 2021 16:45:41 GMT
24876279_web1_TSR-210416-KamiakMeadowdaleSOC-FS-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
185 KB
186 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24876279_web1_TSR-210416-KamiakMeadowdaleSOC-FS-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8343f8a15fde6c4eedf613a368dcf9290465cf903b0c3b7ccf382c871e5a2439

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Sat, 17 Apr 2021 05:44:40 GMT
server
NetDNA-cache/2.2
etag
"607a75c8-2e59a"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
189850
expires
Wed, 19 May 2021 16:45:41 GMT
24780778_web1_TSR-HJvEvSB-edh-210408-FS-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
204 KB
204 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24780778_web1_TSR-HJvEvSB-edh-210408-FS-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5dd6142912ad29fb7aedf4875d239ff95c2d36d928d3539fc5477865c5975c97

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Fri, 09 Apr 2021 03:17:10 GMT
server
NetDNA-cache/2.2
etag
"606fc736-32e4d"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
208461
expires
Wed, 19 May 2021 16:45:41 GMT
24646212_web1_TSR-LkSvSnVB-edh-210325-FS-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/03/
209 KB
209 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/03/24646212_web1_TSR-LkSvSnVB-edh-210325-FS-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
aa5a8488bea1f9e7113558cd30e31284e8a583cfc9de8ca30f744c6c1a0bf76c

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Tue, 06 Apr 2021 07:10:33 GMT
server
NetDNA-cache/2.2
etag
"6c1b15d3b63225afcdecc0fafbb28b99"
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
213892
expires
Wed, 19 May 2021 16:45:41 GMT
24711996_web1_TSR-210401-KamiakCascadeFB-FS-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
214 KB
215 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24711996_web1_TSR-210401-KamiakCascadeFB-FS-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f4dafe12c175bea066d181046fc16033b292eabe490511a118d1f1c0b89eefe7

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Tue, 13 Apr 2021 07:10:07 GMT
server
NetDNA-cache/2.2
etag
"3500b3594fdd4814ea8d968f0b343f87"
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
219247
expires
Wed, 19 May 2021 16:45:41 GMT
24883681_web1_TSR-portland-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/
255 KB
256 KB
Image
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/04/24883681_web1_TSR-portland-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a503e3d61df6cc2f4cfc9c6c6f319e25284c1f1a118dd25dd342acc0920cfa5c

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Mon, 19 Apr 2021 08:31:34 GMT
server
NetDNA-cache/2.2
etag
"607d3fe6-3fc8f"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
261263
expires
Wed, 19 May 2021 16:45:41 GMT
gy88xrwMrIzl7H1x2CES5jeDBMxej3.js
widgets.recruitology.com/scripts/
36 KB
11 KB
Script
General
Full URL
https://widgets.recruitology.com/scripts/gy88xrwMrIzl7H1x2CES5jeDBMxej3.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-25-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f0890169a7fee4763c199cac419cccf3796b66762d00a30d5953ed8d2c62d87

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 03:32:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"1d93b259288085a914292922ba26a29d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
cache-control
max-age=60, public
x-amz-cf-id
p-HymWFIStqK9-vnqJyFX7cy_rDeCgfBUqr978Sq_3hJLpqYS5JQNA==
expires
Mon, 19 Apr 2021 16:33:28 GMT
0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.js
widgets.recruitology.com/scripts/
38 KB
11 KB
Script
General
Full URL
https://widgets.recruitology.com/scripts/0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-25-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
208794b2f7e29f502f275f225400db91e0e9bae2b90ea312247b35a91bfef259

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 03:32:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"29fd0ffaa78cffee38bf6c73c4a41f18"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
cache-control
max-age=60, public
x-amz-cf-id
fav3G5cO0Df6U-odGzSyKH89yk4u-gkJ49rbciKZOtfR6hpyPNgSRQ==
expires
Mon, 19 Apr 2021 16:33:28 GMT
/
heraldnet-wa.newsmemory.com/
38 KB
38 KB
Image
General
Full URL
https://heraldnet-wa.newsmemory.com/?getprima
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.116 Olivia, United States, ASN10242 (USINTERNET, US),
Reverse DNS
ussrv37.newsmemory.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a31efd608dd30de7c8c72c08efeb56333bc9cc66efa8d752d7ed7c4739f288c0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:42 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=900,s-maxage=900
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Expires
Mon, 19 Apr 2021 17:00:42 GMT
widget.js
cdn.userway.org/
1 KB
1018 B
Script
General
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7b96ce0ec2836167ade704e7c4e8ae71a2275c3ab0b14dd76f9588c78696034a

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 19 Apr 2021 16:45:41 GMT
via
1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-77-nzt-ray
UAMKuRBoqaY=
age
2
x-77-cache
HIT
x-cache
HIT
x-age
632
content-encoding
br
x-77-nzt
AcO1rzL1hljveAIAAA==
last-modified
Mon, 19 Apr 2021 08:09:11 GMT
server
CDN77-Turbo
etag
W/"4f6733933062e68719364803d8120501"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
4t77-3IddUXAnMWimlDC4kYa_N6Wr4A5wt76rs0qN2YDXL4cKOwRVg==
epass.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/
3 KB
1 KB
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/epass.js?ver=2.5
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
89f563a025cc8dfb46d317823ebda92ea606c32492e414ab46869754e4ec63de

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 22:10:31 GMT
server
NetDNA-cache/2.2
etag
W/"5f46ddd7-dda"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
foundation.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/
963 KB
263 KB
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/foundation.js?ver=2.9.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1cd0dc6c99599dcf4386cdff332f787691af8a83476aaaf6491a048770306017

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2017 04:14:29 GMT
server
NetDNA-cache/2.2
etag
W/"59cc7725-f0b74"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.sonar.min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/
1 KB
970 B
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.6.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2019 02:22:17 GMT
server
NetDNA-cache/2.2
etag
W/"5c9c2fd9-580"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
lazy-load.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/
902 B
708 B
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2019 02:22:17 GMT
server
NetDNA-cache/2.2
etag
W/"5c9c2fd9-386"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/js/
1 KB
993 B
Script
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.3.6
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
last-modified
Sat, 05 Oct 2019 19:49:10 GMT
server
NetDNA-cache/2.2
etag
W/"5d98f3b6-577"
vary
Accept-Encoding, Accept-Encoding
x-cache
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gpt.js
www.googletagservices.com/tag/js/
62 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fa92652a46250a99a545de25844960e9e056e3e7cebf88fe9ccd6d8a1eb39a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"847 / 637 of 1000 / last-modified: 1618843586"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21082
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:41 GMT
css
fonts.googleapis.com/
22 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js?ver=5.3.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
247a6529ea618a483d96fca03720ebbaef43cbb8ed8c4008d746fd11afb78e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:41 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:41 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
61 KB
12 KB
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A41%2B02%3A00&ts=1618850741679
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
6188144b4acec4d9b337924faa86ac52e5fca5cf9645a30e3c0990b301d9669a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
10849
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma13246/715673500/2/
Redirect Chain
  • https://js.matheranalytics.com/s/ma13246/715673500/ml.js?cb=1561
  • https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js
140 KB
41 KB
Script
General
Full URL
https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
8ce867bf45277a86a76bcd7aa27cf0746fbc97ad272f1f89ed396304ce9d28b2

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:10:11 GMT
content-encoding
br
last-modified
Fri, 12 Mar 2021 20:56:34 GMT
server
nginx
age
2130
etag
"a1715eaf03a833c065ff7e0c37e0c3ec"
vary
Accept-Encoding
x-cache
HIT Mon, 15 Mar 2021 15:20:27 GMT
content-type
application/x-javascript
via
1.1 google
cache-control
public,max-age=3600
alt-svc
clear
content-length
41569

Redirect headers

date
Mon, 19 Apr 2021 16:45:41 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
9-gc-euw1-10926
gtm.js
www.googletagmanager.com/
84 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWBBMFL
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54cbc7d44ac2e29b52b19dd1aaaf217aa6bffa8a2c49a6100a841a3c265562d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33308
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 15:40:52 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Apr 2021 16:45:41 GMT
fbevents.js
connect.facebook.net/en_US/
92 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23963
x-fb-rlafr
0
pragma
public
x-fb-debug
33Pj/vufprCZPDbn3EdHAlqqLCwREM4hHvOorspoOLrjey7AxsUQ8AbCkuKAcBJHUkmmT/bkUMJ0UkRl4IGBgA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 19 Apr 2021 16:45:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
jquery.ui.all.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
291 B
420 B
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.all.css
Requested by
Host: 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/e-pass-min.js?ver=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
dff50263f547982eed5a64e041d0f70e67fb663f587f495e6cd3bd031d54fbdb

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
291
content-type
text/css
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:09:53 GMT
server
sffe
age
398559
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19300
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:02 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v22/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afba6e308182b28f02233e3c816e99fe5cc51511f90cab2cc6219d652f14f3a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:15 GMT
server
sffe
age
110522
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19152
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:39 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:30:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:08:44 GMT
server
sffe
age
36893
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18924
x-xss-protection
0
expires
Tue, 19 Apr 2022 06:30:48 GMT
u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v22/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f8a6ec76cb7852a46232f5662fe39852a9c7a93ad60946b84c71d4f8596d707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:07:02 GMT
server
sffe
age
398554
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19240
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:07 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
age
110523
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:03 GMT
server
sffe
age
110523
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19272
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:13:07 GMT
server
sffe
age
110523
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19264
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 04:11:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
131651
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Mon, 18 Apr 2022 04:11:30 GMT
JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:08 GMT
server
sffe
age
110523
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19440
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 06:04:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:21 GMT
server
sffe
age
124842
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19240
x-xss-protection
0
expires
Mon, 18 Apr 2022 06:04:59 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
110523
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
age
110523
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
110523
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52608-71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
2959
date
Mon, 19 Apr 2021 15:56:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Mon, 19 Apr 2021 17:56:22 GMT
js
www.googletagmanager.com/gtag/
93 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109002081-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52608-71
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6eac5136ed04200691bb5065730bf75f9ff90b2f4150bb3522856c5a973a34d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37422
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 15:40:52 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Apr 2021 16:45:41 GMT
js
www.googletagmanager.com/gtag/
93 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109002081-7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52608-71
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1a07d4cb3070159b3d71476503337ec13b6fb7d85e6a8f68ea08ed7ebfea0db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37421
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 15:40:52 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Apr 2021 16:45:41 GMT
pubads_impl_2021041501.js
securepubads.g.doubleclick.net/gpt/
299 KB
106 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 08:41:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107555
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:41 GMT
869459273124027
connect.facebook.net/signals/config/
255 KB
73 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/869459273124027?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
566eca20ef08e18d9a7d1e168e454cb123bb65044e4c81129556d7ebdc490ec5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
qpJAuWRdYOKosUDgyqg7E+tpjL3MnD2/B3JFgWBFkG5pPjEtjzAypYDiXEpxRFqqQ2awvd+UzK314jvOmLBwng==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Mon, 19 Apr 2021 16:45:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=238188580&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&ul=en-us&de=UTF-8&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1757663915&gjid=1683842309&cid=675299959.1618850742&tid=UA-52608-71&_gid=880704821.1618850742&_r=1&gtm=2ou472&z=1987149600
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=238188580&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&ul=en-us&de=UTF-8&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=1527906938&gjid=206776844&cid=675299959.1618850742&tid=UA-109002081-1&_gid=880704821.1618850742&_r=1&gtm=2ou472&z=578289141
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=238188580&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&ul=en-us&de=UTF-8&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=626858736&gjid=2049370204&cid=675299959.1618850742&tid=UA-109002081-7&_gid=880704821.1618850742&_r=1&gtm=2ou472&z=702278427
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
87 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-52608-71&cid=675299959.1618850742&jid=1757663915&gjid=1683842309&_gid=880704821.1618850742&_u=IEBAAUAAAAAAAC~&z=222137091
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Apr 2021 16:45:41 GMT
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7DFE
416 B
799 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldnet.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldnet.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1618817478.213335"
last-modified
Mon, 19 Apr 2021 06:50:12 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Mon, 19 Apr 2021 16:45:41 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1618850741~rv=83~id=9a2ef41bca624bb0868e0c73d938cac2; path=/; Expires=Mon, 19 Apr 2021 16:45:41 GMT; Secure; SameSite=None
d3d3LmhlcmFsZG5ldC5jb20=
tcheck.outbrainimg.com/tcheck/check/
15 B
462 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmhlcmFsZG5ldC5jb20=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-205.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:41 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=39567
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
dcbbf4e3a1fdc4c1f1d60116b153c528
Content-Length
15
Expires
Tue, 20 Apr 2021 03:45:08 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
451 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.8837172126984285
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Wed, 19 May 2021 16:45:41 GMT
/
onetag-geo.s-onetag.com/
24 B
437 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-29.zrh50.r.cloudfront.net
Software
/
Resource Hash
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:35:37 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront), 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
age
604
x-amzn-requestid
19aaf417-aef2-4434-80e7-7d52a8826ef5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, ZRH50-C1
x-amz-apigw-id
eCil8F34CYcF7NQ=
content-length
24
x-amz-cf-id
jXElBeXIt_g8SVME9uP-ittKBghJBEqYEFGki-IO1Wlaax7XA-NZFg==
beacon.min.js
signal-beacon.s-onetag.com/
31 KB
10 KB
Script
General
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-5.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37f424eea05384463f70a2ecb799c322c916e2b9323653727f4cc5568c1b0742

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Apr 2021 09:44:55 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 09:44:52 GMT
server
AmazonS3
age
25247
etag
W/"3e418fc39dad0c90aff6d17eadfe9519"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
IrrACI0BmelTxIZLhvSEXy.JNq1bnCUG
via
1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
UMWUkKcQx5-idvbivtCpJc3y8Y3wadTiWx9PW5hLf2vGKh9N23xzrg==
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=2&tid=8c1704c3-a9f1-4bc3-ba01-1f9f9526b67b&pid=ee82453a-eaa9-4598-99a9-8e054c8ae0d9&dtm=1618850741896&qnm=_matherq&visible=1&tabid=26d25ac1-26d6-4e13-a22a-7fec99b95367&url=https%3A%2F%2Fwww.heraldnet.com%2F&vp=1600x1200&ds=1600x1200&tofa=1618850742&vid=1&lvidt=1618850742&duid=4f20ba2adc712582&fp=1072425006&cid=ma13246&mrk=715673500&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxODg1MDczOTk2NCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZmV0Y2hTIjoiNTMyIiwiZG9tYWluUyI6IjUzMyIsImRvbWFpbkUiOiI1MzQiLCJjb25uUyI6IjUzNCIsImNvbm5FIjoiNzY5Iiwic3NsUyI6IjU0OCIsInJlcXVTIjoiNzcwIiwicmVzcFMiOiI5MTIiLCJyZXNwRSI6IjEwMjEiLCJkb21Mb2FkIjoiOTE0In0sImtleXdvcmRzIjpbImhlYWRsaW5lcyJdfQ
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-210-103.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:42 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/
44 B
258 B
Image
General
Full URL
https://www.facebook.com/tr/?id=869459273124027&ev=PageView&dl=https%3A%2F%2Fwww.heraldnet.com%2F&rl=&if=false&ts=1618850741926&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1618850741923.2045869920&it=1618850741781&coo=false&rqm=GET
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 19 Apr 2021 16:45:41 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-109002081-1&cid=675299959.1618850742&jid=1527906938&gjid=206776844&_gid=880704821.1618850742&_u=KEDAAUABAAAAAC~&z=1193931296
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Apr 2021 16:45:41 GMT
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-109002081-7&cid=675299959.1618850742&jid=626858736&gjid=2049370204&_gid=880704821.1618850742&_u=KEDAAUABAAAAAC~&z=875614217
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Apr 2021 16:45:41 GMT
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7DFE
610 B
991 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1618817478.900255"
last-modified
Mon, 19 Apr 2021 06:50:12 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Mon, 19 Apr 2021 16:45:41 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1618850741~rv=41~id=aa10a7731aab6849f2d0d7c612deb123; path=/; Expires=Mon, 19 Apr 2021 16:45:41 GMT; Secure; SameSite=None
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-109002081-1&cid=675299959.1618850742&jid=1527906938&_u=KEDAAUABAAAAAC~&z=2023113575
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-109002081-1&cid=675299959.1618850742&jid=1527906938&_u=KEDAAUABAAAAAC~&z=2023113575
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-109002081-7&cid=675299959.1618850742&jid=626858736&_u=KEDAAUABAAAAAC~&z=914353392
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-109002081-7&cid=675299959.1618850742&jid=626858736&_u=KEDAAUABAAAAAC~&z=914353392
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
placement_invocation
ob.cheqzone.com/
49 KB
20 KB
Script
General
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-26.cdn77.com
Software
BunnyCDN-DE1-657 /
Resource Hash
4e9117f00b958920d6a594588c82bb74e5cf045d786c548b15b91ae65d11cc0f

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
br
cdn-edgestorageid
657
cdn-cachedat
2021-03-31 10:58:49
cdn-pullzone
62714
cheq_headers_order
Content-Type Cache-Control Expires Etag Date Connection Content-Length
server
BunnyCDN-DE1-657
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control
public, max-age=43200
cdn-requestid
873859a939bb03d6ac6bfdac59e40a44
cdn-requestcountrycode
BE
cdn-requestpullsuccess
True
/
onetag-geo.s-onetag.com/
24 B
426 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-29.zrh50.r.cloudfront.net
Software
/
Resource Hash
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:35:37 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront), 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
age
605
x-amzn-requestid
19aaf417-aef2-4434-80e7-7d52a8826ef5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, ZRH50-C1
x-amz-apigw-id
eCil8F34CYcF7NQ=
content-length
24
x-amz-cf-id
8pDAgGut2vVYC90hLyajC2Rb8r8AWKVndsTwh7ZeehzOgZeWjB8Sig==
jquery.ui.base.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
659 B
714 B
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
bebcba73f4767f64b08599cd5a1c9e893ef1aedd9f0b1e9c670fdacd639c092b

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
659
content-type
text/css
jquery.ui.theme.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
18 KB
18 KB
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.theme.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
0ba1e79d6238797e6b0241fbde95a7f28b297b03f92ec106e95974918c95af18

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
18120
content-type
text/css
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/
1 KB
840 B
Fetch
General
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-4.zrh50.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:53:05 GMT
content-encoding
gzip
server
restify
age
35557
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldnet.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
uXA3rakjvzmMC_uyyiJa5iGr31OU6iu-pY-CQTM7kplnK_Auj3wiFA==
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
show_pla
obs.cheqzone.com/
2 KB
2 KB
Script
General
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.heraldnet.com%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=848062286245102910618221320968176382111227162782250164027712076882&nc=0&tsf=0&tsfmi=&pv=0&cb=1618850742204&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDM1OTBdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFstMSwiLSJdLFstMiwiMjAs%0D%0AWEh4ZzFqMHpFbEFRd0oxUUVja3Z6b3ZiY0FJWlNFRWpBaEpJUVFCd2dsOUY0Q0JBZ1FXZ2lkMExI%0D%0AQkJlT0dqYnZYM3FZeU02Lyt2enZTN0dvWEd3aC8rYk1samJUeWFvN09QZiJdLFstMywiW10iXSxb%0D%0ALTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJwaHBfdmFyc1wiLFwibnd2aWV3%0D%0AcG9ydHdpZHRoXCIsXCJud3ZpZXdwb3J0aGVpZ2h0XCIsXCJud1NpdGVcIixcIm53UHViRGF0ZVwi%0D%0ALFwibndQcm90b2NvbFwiLFwibndTZXJ2ZXJcIixcIm53RWRpdGlvblwiLFwibndVc2VyQ2tTdWJz%0D%0AY3JpcERheXNcIixcIm53dXNlckNrRGVmYXVsdERheXNcIixcIm53Q29udGVudElkXCIsXCJud0VD%0D%0Ab3B5QWNjZXNzXCIsXCJud0RheVBhc3NBY2Nlc3NcIixcIm53TWV0ZXJBY2Nlc3NcIixcIm53TXVz%0D%0AdFJlZ2lzdGVyXCIsXCJud01ldGVyVGhyZXNob2xkXCIsXCJud01ldGVyRGVmYXVsdERheXNcIixc%0D%0AIm53Q29udGVudENhbGxiYWNrXCIsXCJud0lsbGVnYWxDaGFyc1wiLFwibndQYXNzd29yZExlbmd0%0D%0AaFwiLFwibndEb05vblN1YkNoZWNrXCIsXCJud1NraXBDb25maXJtYXRpb25cIixcIm53VGhlbWVc%0D%0AIixcInVpVmVyc2lvblwiLFwibndMYWJlbENvbG9yXCIsXCJud0lucHV0Rm9udFNpemVcIixcIm53%0D%0ASW5wdXRGb250Q29sb3JcIixcIm53RmFjZWJvb2tcIixcIm53R29vZ2xlXCIsXCJud0RpYWxvZ1dp%0D%0AZHRoXCIsXCJud0RpYWxvZ0hlYWRpbmdcIixcIm53RUNvcHlcIixcIm53RGF5UGFzc1wiLFwibndU%0D%0AZXJtXCIsXCJud1dlbGNvbWVcIixcIm53TWV0ZXJVc2VkXCIsXCJud0xvZ2luSWNvblwiLFwibndM%0D%0Ab2dpbkluc3RydWN0XCIsXCJud0xvZ2luSWRMYWJlbFwiLFwibndQYXNzd29yZExhYmVsXCIsXCJu%0D%0Ad0J1dHRvbkxvZ2luXCIsXCJud0J1dHRvbkNhbmNlbFwiLFwibndCdXR0b25SZWdpc3RlclwiLFwi%0D%0AbndJbnZhbGlkTG9naW5cIixcIm53Tm9WYWxpZFN1YnNjcmlwXCIsXCJud0luc3VmZmljaWVudEZ1%0D%0AbmRzXCIsXCJud0ZvcmdvdFBhc3N3b3JkTGlua1RleHRcIixcIm53UHVyY2hhc2VPcHRpb25zSGVh%0D%0AZGluZ1wiLFwibndEYXlQYXNzSGVhZGluZ1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0i%0D%0AXSxbLTgsIi0iXSxbLTksIi0iXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wi%0D%0AZGVzY3JpcHRpb25cIixcIm5ld3Nfa2V5d29yZHNcIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlw%0D%0AdGlvblwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiXX0iXSxbLTEy%0D%0ALCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowfSJdLFstMTUsIi0iXSxbLTE2LCIwIl0s%0D%0AWy0xNywiMTYiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxc%0D%0AIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1c%0D%0AIixcIi1cIl0iXSxbLTIwLCI2NzUyOTk5NTkuMTYxODg1MDc0MiJdLFstMjEsIlBUOHdTV2w3Il0s%0D%0AWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2%0D%0ALCJ7XCJ0amhzXCI6MTAwMDAwMDAsXCJ1amhzXCI6MTAwMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAw%0D%0AMH0iXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTIl0sWy0yOSwie1wi%0D%0AdlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2%0D%0AXCIsMF0iXSxbLTMxLCJ0cnVlIl0sWy0zMiwiMCJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwi%0D%0AWzE2MTg4NTA3NDIxOTAsLTJdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItIl0s%0D%0AWy0zOCwibCwtMSwtMSw1MzIsMCwxLDAsMSwyMzUsMjUxLC0xNjE4ODUwNzQwOTg1LDAsLCwyMjI2%0D%0ALDIyMjYiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1v%0D%0AemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzMyJdLFstNDEs%0D%0AIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMDAwMDAwMDAwMTExMDExMDAi%0D%0AXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCww%0D%0ALDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV1cm9wZS9C%0D%0AZXJsaW4sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5jaCIs%0D%0ANjFdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A0%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=gnJ2Dcuh1W&sdd=%7B%7D&pto=2243
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f8f6b53a798ea07aac5fc7d4babc3aaaab97ddb27fb117de2f5c3ec107503879

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1421
expires
Fri, 01 Jan 1990 00:00:00 GMT
like.php
www.facebook.com/plugins/ Frame E43E
44 KB
14 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.heraldnet.com%2F%23pd_a_10799437&layout=button_count&send=true&show_faces=false&width=450&action=like&colorscheme=light&height=20
Requested by
Host: secure.polldaddy.com
URL: https://secure.polldaddy.com/p/10799437.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc2ff6223e7966baa37c4790f5944631d23b41ab78dc058cae8678a0c3600f5a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https%3A%2F%2Fwww.heraldnet.com%2F%23pd_a_10799437&layout=button_count&send=true&show_faces=false&width=450&action=like&colorscheme=light&height=20
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldnet.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=085wQgiDhODOaBhas..BgfbO1...1.0.BgfbO1.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldnet.com/

Response headers

vary
Accept-Encoding
x-fb-rlafr
0
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
1X8aepdCpSDlzlFbFsEcL/E32R6E5/tjtlL1fj0i4rjaJZHffvyBEELVBZWEhJIQ3kiFbio6yWWysprWy2TiXw==
date
Mon, 19 Apr 2021 16:45:42 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
tweet_button.html
platform.twitter.com/widgets/ Frame D211
58 KB
19 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.html?url=https%3A%2F%2Fwww.heraldnet.com%2F&text=The%20Herald%27s%20Athlete%20of%20the%20Week%20for%20April%205-11
Requested by
Host: secure.polldaddy.com
URL: https://secure.polldaddy.com/p/10799437.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
262f8625b518a30d7544a7a78671b3357e0665634ce1c4106ebd5f7500befddb

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.heraldnet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldnet.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
108
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Apr 2021 16:45:42 GMT
Etag
"a24262c75c9de6f2676d1d6de3291034+gzip"
Last-Modified
Thu, 15 Apr 2021 22:48:10 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668D)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
19235
googima.js
ssl.p.jwpcdn.com/player/plugins/googima/v/8.8.14/
71 KB
21 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/plugins/googima/v/8.8.14/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
972ac298dd2a05e110d4b7b214603764bab15a60a50908cc26dd58e8762b4b50

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
age
428899
x-cache
HIT
content-length
21417
via
1.1 varnish
x-served-by
cache-fra19175-FRA
last-modified
Tue, 13 Apr 2021 15:55:01 GMT
server
AmazonS3
x-timer
S1618850742.254971,VS0,VE0
etag
"00dc40f35b2964d6e90ddd1f70952e1d"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
3784
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.20.2/
57 KB
17 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.20.2/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59582c75d6c2b9e2b4bbf226db778d7211d60de3343c83c809ad5a59a322fc15

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
age
151
x-cache
HIT
content-length
17364
via
1.1 varnish
x-served-by
cache-fra19175-FRA
last-modified
Tue, 13 Apr 2021 16:40:49 GMT
server
AmazonS3
x-timer
S1618850742.254966,VS0,VE0
etag
"2d642e2770c705fe7a30a5a3a28396ea"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
323
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.20.2/
299 KB
76 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.20.2/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
400d0cf8ae321fc33886909f2b45df91590d41f0ec0cb9c183945e7c3c75c4de

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
age
428897
x-cache
HIT
content-length
78081
via
1.1 varnish
x-served-by
cache-fra19175-FRA
last-modified
Tue, 13 Apr 2021 16:40:40 GMT
server
AmazonS3
x-timer
S1618850742.254959,VS0,VE0
etag
"99acc114450dd6974e7a028fc5903756"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
4804
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/
14 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/gy88xrwMrIzl7H1x2CES5jeDBMxej3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1719749
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2379
cf-request-id
098c9f180a0000dfcf5e34a000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6zZwHWusq0dLuV6eoYjRav9gX2Q8baiIefG7%2Bo0PbdBj0CI9zLJYBTtL35HbBbJwZAggbR%2Fz8u6OsBg5XImpVOFWcTZtT3XzwtDXwekGnFX0zpqaQOe6s9piJszPk0PE3g%3D%3D"}],"max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
64279ad34b24dfcf-FRA
expires
Sat, 09 Apr 2022 16:45:42 GMT
vanilla-js-carousel.css
widgets.recruitology.com/lib/
4 KB
1 KB
Stylesheet
General
Full URL
https://widgets.recruitology.com/lib/vanilla-js-carousel.css
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/gy88xrwMrIzl7H1x2CES5jeDBMxej3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-25-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2bcbd6f6d23664abb09edc9db55802300eee4bf73fcbff4da59e4e55dca4a9c

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 02:54:25 GMT
content-encoding
gzip
etag
W/"6b96e2688c941559fa06c6d8f3206640"
last-modified
Fri, 06 Apr 2018 21:01:13 GMT
server
AmazonS3
age
49878
x-amz-meta-cb-modifiedtime
Fri, 06 Apr 2018 20:15:27 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
ZnvVvgvwnIg4uS6wdd-zWuEr-j_Gwg4lC2nPcJtsQWP12hCYhEBPsQ==
gy88xrwMrIzl7H1x2CES5jeDBMxej3.json
widgets.recruitology.com/data/
2 B
452 B
Fetch
General
Full URL
https://widgets.recruitology.com/data/gy88xrwMrIzl7H1x2CES5jeDBMxej3.json
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/gy88xrwMrIzl7H1x2CES5jeDBMxej3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-25-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
content-length
2
last-modified
Tue, 06 Apr 2021 03:04:34 GMT
server
AmazonS3
etag
"d751713988987e9331980363e24189ce"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60, public
accept-ranges
bytes
x-amz-cf-id
WHoz80YcaYTgGT90_4oI5BEwxaz-nzZs-z1FqP0mH8GkpmIIBpowRQ==
expires
Mon, 19 Apr 2021 16:33:28 GMT
0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.json
widgets.recruitology.com/data/
3 KB
1 KB
Fetch
General
Full URL
https://widgets.recruitology.com/data/0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.json
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-25-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80ebf145974758185f90b6a2474f68ca795324759d84dd35ab2f24bcb4955337

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Mon, 19 Apr 2021 16:31:29 GMT
server
AmazonS3
etag
W/"8ff2aa1c45d677f5e0eca24d885f4e11"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
cache-control
max-age=60, public
x-amz-cf-id
qK_1Zq75hflZBPAS1owxR3fzqCITWW3JiAqZA0zfshHJsS-b129mfw==
expires
Mon, 19 Apr 2021 16:33:28 GMT
widget_app_base_1618819690699.js
cdn.userway.org/widgetapp/2021-04-19/
88 KB
23 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2021-04-19/widget_app_base_1618819690699.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1535a53d2967255b5595729e74fa6e33dfac334651f102e826a0d7bd117b4ec9

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 19 Apr 2021 16:45:42 GMT
via
1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
x-77-nzt-ray
chLg/vViPzg=
age
2
x-77-cache
HIT
x-cache
HIT
x-age
29440
content-encoding
br
x-77-nzt
AcO1rzIRmfXvAHMAAA==
last-modified
Mon, 19 Apr 2021 08:09:09 GMT
server
CDN77-Turbo
etag
W/"251e61d5df3e87fb485292303bf3dfa1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
f73_o2tIqO83i_5zlMv5zmG42aLDropWIdos8ggt88LyDVgcLc4i7A==
/
onetag-geo.s-onetag.com/
24 B
427 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-29.zrh50.r.cloudfront.net
Software
/
Resource Hash
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:35:37 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront), 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
age
605
x-amzn-requestid
19aaf417-aef2-4434-80e7-7d52a8826ef5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, ZRH50-C1
x-amz-apigw-id
eCil8F34CYcF7NQ=
content-length
24
x-amz-cf-id
q5E1Y5SdpHn88HLqdzh9ipXl-iJei4i59CAwaPKtcJCx_WSODjHOcQ==
CA8VODPCEeqrlkJwNtssXA.json
entitlements.jwplayer.com/
69 B
243 B
XHR
General
Full URL
https://entitlements.jwplayer.com/CA8VODPCEeqrlkJwNtssXA.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2A4) /
Resource Hash
6c25b5c0ed51665f0003fc29d4a4f1b4cc2210b67d564ba6ac9451fe38ee6e9a

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 14:44:05 GMT
server
ECAcc (frd/E2A4)
age
7297
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=11760
accept-ranges
bytes
content-length
74
ima3.js
imasdk.googleapis.com/js/sdkloader/
334 KB
115 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3e7e84a9247e2cbb12fcb52dd0afe3232325a13e01fc59652ad7fb3c8d5d664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117037
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:42 GMT
jot
syndication.twitter.com/i/ Frame D211
43 B
455 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22language%22%3A%22en%22%2C%22message%22%3A%22m%3A%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.heraldnet.com%2F%22%2C%22widget_frame%22%3A%7B%22ancestorOrigins%22%3A%7B%220%22%3A%22https%3A%2F%2Fwww.heraldnet.com%22%7D%2C%22href%22%3A%22https%3A%2F%2Fplatform.twitter.com%2Fwidgets%2Ftweet_button.html%3Furl%3Dhttps%253A%252F%252Fwww.heraldnet.com%252F%26text%3DThe%2520Herald%2527s%2520Athlete%2520of%2520the%2520Week%2520for%2520April%25205-11%22%2C%22origin%22%3A%22https%3A%2F%2Fplatform.twitter.com%22%2C%22protocol%22%3A%22https%3A%22%2C%22host%22%3A%22platform.twitter.com%22%2C%22hostname%22%3A%22platform.twitter.com%22%2C%22port%22%3A%22%22%2C%22pathname%22%3A%22%2Fwidgets%2Ftweet_button.html%22%2C%22search%22%3A%22%3Furl%3Dhttps%253A%252F%252Fwww.heraldnet.com%252F%26text%3DThe%2520Herald%2527s%2520Athlete%2520of%2520the%2520Week%2520for%2520April%25205-11%22%2C%22hash%22%3A%22%22%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1618850742302%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22ff2e7cf%3A1618526400629%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/tweet_button.html?url=https%3A%2F%2Fwww.heraldnet.com%2F&text=The%20Herald%27s%20Athlete%20of%20the%20Week%20for%20April%205-11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
157
pragma
no-cache
last-modified
Mon, 19 Apr 2021 16:45:42 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
c2166840dbe24494adb79a390c554567
x-transaction
00c274cf00c5f530
expires
Tue, 31 Mar 1981 05:00:00 GMT
ad76608985bc5f0516a88f274776caa0
soundpublishing.blueconic.net/plugin/plugin/
216 KB
51 KB
Script
General
Full URL
https://soundpublishing.blueconic.net/plugin/plugin/ad76608985bc5f0516a88f274776caa0
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
67e483e657b7ee64bf099313a30abe5aa35768cf3533a2b3fde5845559e1c57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 18 Apr 2021 16:45:42 GMT
server
-
etag
ad76608985bc5f0516a88f274776caa0
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
text/javascript; charset=utf-8
content-length
51713
x-xss-protection
1; mode=block
expires
Tue, 19 Apr 2022 16:45:42 GMT
jquery.ui.core.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
1 KB
1 KB
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.core.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
a67e08f8b9d51012b45d2d4c10a502329849730b93d3f64cbe9c125bc9a95099

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
1317
content-type
text/css
jquery.ui.accordion.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
1 KB
1 KB
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.accordion.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
b539e4e49bc544295400b6af2432515133af9f842399ad5a13f8d8931e579a07

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
1066
content-type
text/css
jquery.ui.autocomplete.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
1 KB
1 KB
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.autocomplete.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
5116785d741135ddae0e5f45dc18fa10c99ab9e1ebd551f754cc20e3512ec0b1

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
1108
content-type
text/css
jquery.ui.button.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
2 KB
2 KB
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.button.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
b6883299c3d3152bb389cf1891a6b3680fa43e740970c99f9d7cb2ef22ebc4e8

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
2490
content-type
text/css
jquery.ui.datepicker.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
4 KB
4 KB
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.datepicker.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
c1d62ef27bbd69aeba42f62953fcb0b3fe8c7ed157d34a3e0873c94c0c72bdd6

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
4061
content-type
text/css
jquery.ui.dialog.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
1 KB
1 KB
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.dialog.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
e88b98ae9e7861ba27ac35185b92656e16a4f2762ba483212ce6d90bf0db9f3c

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
1358
content-type
text/css
jquery.ui.progressbar.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
375 B
430 B
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.progressbar.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
54d37ef3359431f625b3fcd7949709afde6d6f7be2b70b2f4a029a216995a27c

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
375
content-type
text/css
jquery.ui.resizable.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
1 KB
1 KB
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.resizable.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
ba2e79472ddd8ef226db6c38902360775b52a6fdb41a3bfed2eada6d3fd3a0f5

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
1172
content-type
text/css
jquery.ui.selectable.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
323 B
378 B
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.selectable.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
df58f6744dec6aadf10b274f313e5b9fa923bbdc8392626864386d28ff6b6e63

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
323
content-type
text/css
jquery.ui.slider.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
1 KB
1 KB
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.slider.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
b39ffd22ab4b2d2866ad094f9776fb09a84c7da1bd596375ba90eccbaaf14e3e

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
1140
content-type
text/css
jquery.ui.tabs.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/
1 KB
1 KB
Stylesheet
General
Full URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.tabs.css
Requested by
Host: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.63.206 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
WildFly/11 / Undertow/1
Resource Hash
5705067b04a9723496336e0230d78363dc32ef4a1065199d2c0f0a2e7cbef57d

Request headers

Referer
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:47:20 GMT
last-modified
Mon, 06 Apr 2020 16:00:46 GMT
server
WildFly/11
accept-ranges
bytes
x-powered-by
Undertow/1
content-length
1383
content-type
text/css
/
onetag-geo.s-onetag.com/
24 B
427 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-29.zrh50.r.cloudfront.net
Software
/
Resource Hash
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:35:37 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront), 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
age
605
x-amzn-requestid
19aaf417-aef2-4434-80e7-7d52a8826ef5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, ZRH50-C1
x-amz-apigw-id
eCil8F34CYcF7NQ=
content-length
24
x-amz-cf-id
ZhjdmAFAHZ3Sbsua5tQEfzgQdrR1mi9BAXJUSaDzXVL9kUsBexsVJg==
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame E43E
400 B
670 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.heraldnet.com%2F%23pd_a_10799437&layout=button_count&send=true&show_faces=false&width=450&action=like&colorscheme=light&height=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
WYmiIDTmjlQg8mhp/sNR2V34SjOBWaDHIQhWiwPRjrHn525NbtLRSw/uk7n12GpMu8z2qRGJ10oy7He5V92HOQ==
x-fb-trip-id
917726464
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Mon, 19 Apr 2021 16:45:42 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
400
x-fb-rlafr
0
expires
Fri, 08 Apr 2022 21:17:01 GMT
18_Jf4ZwCu4.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/ Frame E43E
481 KB
125 KB
XHR
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/18_Jf4ZwCu4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.heraldnet.com%2F%23pd_a_10799437&layout=button_count&send=true&show_faces=false&width=450&action=like&colorscheme=light&height=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc5ddc93ea153c05202bb974dbd591cf30ce83474d1d24aa30d5740e20955c8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CtARvuHzcGTLtMIE4muLag==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
127361
x-fb-rlafr
0
x-fb-debug
NlAfpcIwodyxi+AFS/0egDjjgONrAZHWDb+AfmTX2XB7sKjci49drHkgd8GOBox0vMln0IZ6kamW0KYtY/w1uA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 16 Apr 2022 02:36:31 GMT
18_Jf4ZwCu4.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/ Frame E43E
481 KB
124 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yl/l/en_US/18_Jf4ZwCu4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.heraldnet.com%2F%23pd_a_10799437&layout=button_count&send=true&show_faces=false&width=450&action=like&colorscheme=light&height=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc5ddc93ea153c05202bb974dbd591cf30ce83474d1d24aa30d5740e20955c8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CtARvuHzcGTLtMIE4muLag==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
127361
x-fb-rlafr
0
x-fb-debug
RevKejTtJryWvZmRCS+X3TluIBKn+G6z6mBCNOyFDjEjIfMjLpsE23watkMJH3W16zogTLJJSy2aMWW+7gFaig==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 16 Apr 2022 18:20:13 GMT
bridge3.452.0_en.html
imasdk.googleapis.com/js/core/ Frame 1982
573 KB
187 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.452.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1314465e7736d414ff6f92885818c878f0716ef30c1a1f0046e35535f9f730ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.452.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldnet.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldnet.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191779
date
Sun, 18 Apr 2021 14:13:14 GMT
expires
Mon, 18 Apr 2022 14:13:14 GMT
last-modified
Thu, 15 Apr 2021 20:25:04 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
95548
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:42 GMT
HEcDOP2vLC
api.userway.org/api/tunings/
738 B
790 B
XHR
General
Full URL
https://api.userway.org/api/tunings/HEcDOP2vLC
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2021-04-19/widget_app_base_1618819690699.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.138.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-138-29.us-west-2.compute.amazonaws.com
Software
_ / Express
Resource Hash
e751b37cc56eae3eece72b87b02a919925dce3f4b6476be21cfa38d9bdb2e394

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
etag
W/"2e2-XvEksurT74j6VHlmThjwh2pd3cA"
server
_
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0
access-control-allow-headers
Authorization,Origin,X-Requested-With,Content-Type,Accept,Cache-Control,If-Modified-Since,Pragma,X-Auth-Language,X-Auth-Token,X-Spl-Token
expires
Mon, 19 Apr 2021 16:45:42 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E61D
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1336
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Mon, 19 Apr 2021 17:23:26 GMT
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/
1 KB
830 B
Fetch
General
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-4.zrh50.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:53:05 GMT
content-encoding
gzip
server
restify
age
35557
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldnet.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
0crq-LAq-iE7jKZujX0Oe24mWEpD7tR40Pu_iNCt_v8Ie2xPQwVCew==
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=869459273124027&ev=Microdata&dl=https%3A%2F%2Fwww.heraldnet.com%2F&rl=&if=false&ts=1618850742449&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com%22%2C%22meta%3Adescription%22%3A%22News%20of%20Everett%2C%20Marysville%2C%20Edmonds%2C%20Lynnwood%2C%20Lake%20Stevens%2C%20Mukilteo%2C%20Arlington%2C%20Monroe%2C%20Bothell%20and%20all%20of%20Snohomish%20County%2C%20Washington.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22The%20Daily%20Herald%22%2C%22og%3Adescription%22%3A%22Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.heraldnet.com%2F%22%2C%22og%3Asite_name%22%3A%22HeraldNet.com%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fheraldnet.wpengine.com%2Fwp-content%2Fuploads%2F2016%2F06%2FHeraldNet.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22%23website%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heraldnet.com%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.heraldnet.com%2F%3Fs%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1618850741923.2045869920&it=1618850741781&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 19 Apr 2021 16:45:42 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame E43E
67 B
97 B
Image
General
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1618850742376&t_start=1618850742377&t_domcontent=1618850742382&t_layout=1618850742454&t_onload=1618850742454&t_paint=1618850742454&t_creport=1618850742454&t_tti=1618850742382&lid=6952910995678266942-0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.heraldnet.com%2F%23pd_a_10799437&layout=button_count&send=true&show_faces=false&width=450&action=like&colorscheme=light&height=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
DfgWzU7pIAl0N1KdEtYLZgJzAdbYhWS5j1jFrv5LTZJXp7dqHULEmozaNUHEGrcC4twi/GMB/T+uGYLIrzNbhg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Apr 2021 16:45:42 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1618850742487&sessionId=b59b23c7-8b6a-52f0-173e-126eeded4806&url=www.heraldnet.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:42 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
c89dffb6ee58d413b8deb961a73388fc
Content-Length
4
Expires
0
/
onetag-geo.s-onetag.com/
24 B
428 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-29.zrh50.r.cloudfront.net
Software
/
Resource Hash
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:35:37 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront), 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
age
605
x-amzn-requestid
19aaf417-aef2-4434-80e7-7d52a8826ef5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, ZRH50-C1
x-amz-apigw-id
eCil8F34CYcF7NQ=
content-length
24
x-amz-cf-id
mISBPLBfgeXgXfw1HuYGcqyzvIh7P-B6T-SprFMoP9ZqYJDqy0C-9A==
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
324 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1618850742544&sessionId=b59b23c7-8b6a-52f0-173e-126eeded4806&url=www.heraldnet.com&cheqSource=1&cheqEvent=2&responseTime=580
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:42 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
6d969d1b48d39211785fa7c1c7a2774
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/
43 B
135 B
Image
General
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136be6cf30ea408e9f9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60632fd78afe7dfe1474ab9488bbd39e821da61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d277c1d1bcf0dee7e4102ba527b5bba97c5535bdd36499b44ae5464001835e0f8086c38681eb923bce6a88dee2da29b92a2a61df2a2fc3c0c6482186ee74ad57e6904bc573f928114a57986dff439cd0be71f8df78d209f2c3d6dc778d574261fa48585273463387e223b2429494d46ae58e62fe8121d6c2b1af33cfa0e91f3e47d9a70f168cf9580859babdb260b8279cea5af3e32fb160bd379553c809d1a83ddb0721e4aa8e7b3c39601f370d5c15c7fd9e3fc008a5313b5135eae65dd599041ebbe9cdb0b870d0aeb1bec0aded82140a62bf1ed8e14b64c701204ecb711e317efc7be2&cb=1618850742540&cri=gnJ2Dcuh1W
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:42 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid_FtSDHt.js
b2cdn.automatad.com/js/
190 KB
63 KB
Script
General
Full URL
https://b2cdn.automatad.com/js/prebid_FtSDHt.js
Requested by
Host: go.automatad.com
URL: https://go.automatad.com/geo/FtSDHt/afihbs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.197 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-197.datapacket.com
Software
BunnyCDN-DE1-487 /
Resource Hash
d41dc5e09c78f2a0c74517646d0f1f582f98256b20c3081e8269685f067fe220

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
br
x-openstack-request-id
txacd00d026d974dd3a91c1-006050206e
cdn-edgestorageid
487, 617
access-control-allow-origin
*
x-iplb-instance
28796
cdn-cachedat
2021-03-16 04:16:21
cdn-pullzone
87832
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id
txacd00d026d974dd3a91c1-006050206e
x-timestamp
1615863835.85421
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Tue, 16 Mar 2021 03:03:56 GMT
server
BunnyCDN-DE1-487
cdn-requestpullcode
200
x-iplb-request-id
B95D01F1:B441_8E2CE366:01BB_6050206E_1343A2E:249B0
vary
Accept-Encoding
x-object-meta-mtime
1607430914.998595058
cdn-cache
REVALIDATED
cdn-uid
02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control
public, max-age=120
cdn-requestid
b83536f2e153d8e1cd0fafedb6c959cb
content-type
application/javascript
cdn-requestcountrycode
BE
cdn-requestpullsuccess
True
b13fa292e488f686e1df49e0043faac0
soundpublishing.blueconic.net/plugin/library/
501 KB
155 KB
Script
General
Full URL
https://soundpublishing.blueconic.net/plugin/library/b13fa292e488f686e1df49e0043faac0
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
d071d6a42e0fcda15e8c56d7f49f0152e2b93e6e754bbe91911ff6ddaf9890bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 18 Apr 2021 16:45:42 GMT
server
-
etag
b13fa292e488f686e1df49e0043faac0
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
text/javascript; charset=utf-8
content-length
158144
x-xss-protection
1; mode=block
expires
Tue, 19 Apr 2022 16:45:42 GMT
LB-Zone-1
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467/
2 KB
1 KB
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467/LB-Zone-1?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=&bctempid=2bd5315a-4124-49aa-be88-95ee4bf1be22&overruleReferrer=&time=2021-04-19T18%3A45%3A42%2B02%3A00&ts=1618850742678
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
cd5f276369776160d635bdc8121c3e858bfaf1edbdfc20632f30c17d4d144ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
749
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
EDH_Product_App_Edition_320x100.jpg
soundpublishing.blueconic.net/rest/dialogues/files/c2474a89-303e-48e3-82a4-bd1ce0297b9c/
17 KB
17 KB
Image
General
Full URL
https://soundpublishing.blueconic.net/rest/dialogues/files/c2474a89-303e-48e3-82a4-bd1ce0297b9c/EDH_Product_App_Edition_320x100.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
9915ad7020bb23a7b29d02edcfe774bc20361aca35230c82c0feae7a8c341214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 18 Apr 2021 16:45:42 GMT
server
-
etag
61963b8c6836d41ef0d153b0bd88fe37
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
image/jpeg
content-length
17092
x-xss-protection
1; mode=block
expires
Tue, 19 Apr 2022 16:45:42 GMT
EDH_Product_Print_320x100.jpg
soundpublishing.blueconic.net/rest/dialogues/files/47a2bde1-0593-44d4-955c-b8e19ccc2792/
19 KB
20 KB
Image
General
Full URL
https://soundpublishing.blueconic.net/rest/dialogues/files/47a2bde1-0593-44d4-955c-b8e19ccc2792/EDH_Product_Print_320x100.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
42ad3e306d4071ccd181d2928456f12f209e82159874ba8bcd06f98d9b740755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 18 Apr 2021 16:45:42 GMT
server
-
etag
cb8fd39cc9d3ad1572bc7d9ff081923c
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
image/jpeg
content-length
19498
x-xss-protection
1; mode=block
expires
Tue, 19 Apr 2022 16:45:42 GMT
fontawesome-webfont.woff2
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://www.heraldnet.com
Referer
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
last-modified
Tue, 19 Sep 2017 19:17:53 GMT
server
NetDNA-cache/2.2
etag
"59c16d61-12d68"
vary
Accept-Encoding
x-cache
MISS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
77160
truncated
/ Frame D211
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
fpi.js
ap.lijit.com/www/delivery/ Frame E7D5
5 KB
3 KB
Script
General
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:43 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"60468d89-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
apstag.js
c.amazon-adsystem.com/aax2/
125 KB
33 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/hb-amzn-uam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:44:14 GMT
content-encoding
gzip
server
Server
age
88
etag
24ac8c0f0d59670e43bc0b1990070642
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
cntORbdinoTEg._SSRcm2IZ7YHrE5fKg
x-amz-cf-id
yQoGS8G8ZrwWsDHi92pIt_p7MIb6o1uuRzyQd62NNYzlpYJs19voaQ==
80.png
everett.newzware.com/newzlib/images/milky-icons/48/
3 KB
3 KB
Image
General
Full URL
https://everett.newzware.com/newzlib/images/milky-icons/48/80.png
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
161.129.63.157 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181439)/JBossWeb-2.0
Resource Hash
ec8a03c4246607e0da9412b75a0509000a06184380b5746170ff2dc90edb7d8f

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:43 GMT
ETag
W/"2851-1573140623000"
Last-Modified
Thu, 07 Nov 2019 15:30:23 GMT
Server
Apache-Coyote/1.1
X-Powered-By
Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181439)/JBossWeb-2.0
Content-Type
image/png
Connection
close
Content-Length
2851
23.png
everett.newzware.com/newzlib/images/milky-icons/48/
4 KB
5 KB
Image
General
Full URL
https://everett.newzware.com/newzlib/images/milky-icons/48/23.png
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
161.129.63.157 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181439)/JBossWeb-2.0
Resource Hash
48f713e21645adc946b64429cd6f40eafa6afe56fca53d61a93c8be3f937f096

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:43 GMT
ETag
W/"4395-1573140623000"
Last-Modified
Thu, 07 Nov 2019 15:30:23 GMT
Server
Apache-Coyote/1.1
X-Powered-By
Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181439)/JBossWeb-2.0
Content-Type
image/png
Connection
close
Content-Length
4395
84.png
everett.newzware.com/newzlib/images/milky-icons/48/
2 KB
3 KB
Image
General
Full URL
https://everett.newzware.com/newzlib/images/milky-icons/48/84.png
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
161.129.63.157 , United States, ASN393527 (ICANON, US),
Reverse DNS
Software
Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181439)/JBossWeb-2.0
Resource Hash
74c8444d737906c79b9d10b45bff07012bd2b7b2e65bcbf9b9e24f6686f7a4c5

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:43 GMT
ETag
W/"2420-1573140623000"
Last-Modified
Thu, 07 Nov 2019 15:30:23 GMT
Server
Apache-Coyote/1.1
X-Powered-By
Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181439)/JBossWeb-2.0
Content-Type
image/png
Connection
close
Content-Length
2420
cs
soundpublishing.blueconic.net/DG/DEFAULT/
66 B
858 B
Script
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/cs?bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&&callback=bc_json468
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
0c89be77331ea60874a60cfe55b66c3917c72bc3584db0b8ea3e23faad36b5e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
api.recruitology.com/job_board/widget/impression/create/209/
76 B
365 B
Script
General
Full URL
https://api.recruitology.com/job_board/widget/impression/create/209/?beacon_hash_ids=r8ogawkc6ow4l5z10y6yr5vwhy6o6p,w5edo05r792fybjm8xedrxpe3tzd04,nz5yqs0e94wblcedvzqx14qif0koj6,8zsf0kvjubpsakv6vp24y60djeus9p,tw858jrnw5s2d63a0ks7ii8u4ggei4,3nv8n73c291bcoofni3um6ed5n9dul,xlpm5ysadv0ot8xxwwch1rqq0qw8az,cmapvn7qiiy8uryjjvhyiz5waqqyj6&callback=onLogImpressionComplete&t=1618850743268
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.123.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.123.117.34.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8d0375a5a2c9c5a0efae14e0d606a6ae4d455591dae67e2ab555fde96b492e6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
via
1.1 google
vary
Cookie
server
Apache/2.4.38 (Debian)
x-frame-options
SAMEORIGIN
allow
POST, GET, OPTIONS
content-type
text/javascript; charset=utf-8
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
clear
content-length
76
sync
ap.lijit.com/ Frame E7D5
87 KB
20 KB
Script
General
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 20:48:41 GMT
Server
nginx
ETag
W/"60468da9-15bdc"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Tue, 20 Apr 2021 16:45:43 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
2 KB
1 KB
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743411
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
197dc8f7a586bafd68c94b77ce6cb3b977aafb731370137f231842de42a759d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
716
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
246 B
919 B
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743420
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
02968840bd37379e053edd3aaa1a1278e6221b2cc788de01a6b988197b065f8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
185
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: soundpublishing.blueconic.net
URL: https://soundpublishing.blueconic.net/plugin/plugin/ad76608985bc5f0516a88f274776caa0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
26a7336cc678a07c2e05d26fdbdcd096d3cac3243f6b08cfa2966bcba4f687be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
HY/GT41GOjRoD6/zmppaPg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1782
x-fb-rlafr
0
x-fb-debug
67jzGY1F5LR5DWULzAQwfUo/+CEqPhRO0Y7HqLk/N2GMUg4mTAYNlKexU6Zvye+TV3HdG8MPR+mTBgOG8+qPWg==
x-fb-content-md5
22e2f0e11890c7b4b4e503cddb75cfc3
x-frame-options
DENY
date
Mon, 19 Apr 2021 16:45:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"92fe133fee3b325b133e4c2235b40b5a"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 19 Apr 2021 16:53:35 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
279 B
888 B
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743449
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
fdfc76464eaf6fea9c8e56a8d0aabce68fdad479bd12db874874d17e3beb1545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
153
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
140 B
874 B
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743451
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
0799ca406e24cf80ffb56302fb1512e10a940694c720097c62014e4f0fca533b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
144
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
140 B
880 B
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743452
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
bf536458b5560147dd589df8ab8e5400ec9f902a6ad32a20b6b86a6063c72a7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
144
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
3 KB
2 KB
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743514
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
70a976160d9638c26ea5a7b669c994f1b5be29bc0371c74f9a32bfb18e0f7bc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1713
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
3 KB
2 KB
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743517
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
87d7f454e807e122c5e603d07ef00a4c2bbafe85b387917c783e67ce2b0afd48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1713
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
3 KB
2 KB
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743520
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
e975461605e231da77d416343725a2f2593f1088d36022c1ad7a1739fe8083fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1713
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
3 KB
2 KB
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743524
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
3f0a410907f0c00576df0edce6061eb887259d98df5bac77f56c94083b22ac3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1713
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
3 KB
2 KB
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743525
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
b644a750f974849ea7c6aa5ed4113b44e267e65dba5012a1dae5eed61188dcf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1713
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
3 KB
2 KB
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743528
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
7701512dc7d4ce601a6a7e636d607a4cec9be090bee829b34fb890ea80bd1956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1713
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
10 KB
5 KB
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=2bd5315a-4124-49aa-be88-95ee4bf1be22&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A43%2B02%3A00&ts=1618850743530
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
8949ade1efe9213784872ce84a8209ef0fa36e0d2c90247874b5c3a13cc4b7e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3979
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
adcfg
ap.lijit.com/ Frame E7D5
158 B
550 B
Script
General
Full URL
https://ap.lijit.com/adcfg?zoneid=658444&tid=6713f24aa96e4d0188e80f8b1ccd3f07db35bcd6&mode=1&dmn=www.heraldnet.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
5bd5b5223235b6aa0d1d35eeb2d062ed550a16859abdd00bf7804b8087560717

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:43 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
29694
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Mon, 19 Apr 2021 08:30:50 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Bt2OjWNVqXBHfZLK-jMcxWyS-56QsqtKlgFtZfTmX6CSmOkr52Zkjw==
sdk.js
connect.facebook.net/en_US/
216 KB
64 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=80252c571412919a168ce9762576d006&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
52e29f60239353397753521d7db1bedab079d521e615cb13575eac86a5999beb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.heraldnet.com
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TxXQBbb4P1Za823vQwh35g==
cross-origin-resource-policy
cross-origin
expires
Tue, 19 Apr 2022 13:44:55 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65488
x-fb-rlafr
0
x-fb-debug
wjnlspivNu5hxUsoWJ7F/5rtP9nP/vzUTj/Lg/D7ZiHlcCtjDAnNArvXs5gS2V6O0GmsJRK8JxvU6FIRlzl+3A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
49a996c06a709ac113661799a466bccd
date
Mon, 19 Apr 2021 16:45:43 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"54760a22f47d1967c01951e31f56404a"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
addelivery
ap.lijit.com/ Frame E7D5
261 B
858 B
Script
General
Full URL
https://ap.lijit.com/addelivery?zoneid=658444&tid=m_658444_7f8bc54206284cc5bf38804457e9717b&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=www.heraldnet.com&time=16%3A45%3A43&fd=1&be=sf&loc=https%3A%2F%2Fwww.heraldnet.com%2F&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.heraldnet.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=m_658444_7f8bc54206284cc5bf38804457e9717b&iv=ov
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
2a92910126221cc07c412537a561ce41eb77a06a5290c8602ffe5f01dc1fa1f2

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:43 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
212
bid
c.amazon-adsystem.com/e/dtb/
23 B
373 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.heraldnet.com%2F&pid=BxGyN1A5GL4uY&cb=0&ws=1600x1200&v=7.63.00&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit3%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit5%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit7%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit9%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit11%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit13%22%7D%5D&cfgv=0&pubid=f4e5f220-2efc-45a1-869f-0b293f8aec73&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
via
1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
gvq23RNs9FH7yX2FzjZxGa7X09LClqm-tqC6N6l3vq1lng_9wxgsSQ==
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=1458930781088413&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.heraldnet.com%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=80252c571412919a168ce9762576d006&ua=modern_es6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
HccTJ4i2+j5CBiguOXSWjkgyuiHnEKb3sqfHVD4lagsamZW3uJeDmKQEEXtQ62Ezf7T/sgwEoAqEv72quSPIew==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Apr 2021 16:45:43 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
Cookie set beacon
gslbeacon.lijit.com/ Frame 0665
6 KB
2 KB
Document
General
Full URL
https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
7852716279b380bb5f71680ff6cd568a2715c4e082e408b4e45a1f82c63b6125

Request headers

Host
gslbeacon.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.heraldnet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=3c88cbabbdf2d8d9e2a654c2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldnet.com/

Response headers

Server
nginx
Date
Mon, 19 Apr 2021 16:45:43 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxlkD0agDAIQ%2B%2FS2QHKv1fz8%2B7aOhHHl0KacA0eJztnSbDKMdwXTyInWTw7SsfgzkYEChNsbH8uNbP9Dh9UVfyU7EqCJ0PmhJSpwAaMnXEfEs2vQ75Hq83ROwn4KfhpwdVg3hJv2BPdD1amVHY%3D;Path=/;Domain=.lijit.com;Expires=Tue, 19-Apr-2022 16:45:43 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 19-Apr-2022 16:45:43 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=3c88cbabbdf2d8d9e2a654c2;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap4ams1
containertag
ap.lijit.com/ Frame E7D5
60 KB
6 KB
Script
General
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=658444&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
c2dfe119f7e25bb7a525514b69a886050a949f0102c90593cf916e3694ac6559

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:43 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap1ams1.lijit.com/addelivery/ Frame E7D5
43 B
567 B
Image
General
Full URL
https://vap1ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=658444&tid=m_658444_7f8bc54206284cc5bf38804457e9717b
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:43 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
fp
vap1ams1.lijit.com/data/ Frame E7D5
43 B
206 B
Image
General
Full URL
https://vap1ams1.lijit.com/data/fp?tid=m_658444_7f8bc54206284cc5bf38804457e9717b&zoneid=658444&starttime=1618850743582&adcfg=5&adcfg_response=32&addelivery=37&addelivery_response=79&lgfired=81&beacon=84&container=88&EOL=89&ctstart=0&elapsed_ms=89
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:43 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
Cornfield_Newsletter.jpg
soundpublishing.blueconic.net/rest/dialogues/files/10328104-cee7-42ac-9d3b-100338424d7c/
8 KB
9 KB
Image
General
Full URL
https://soundpublishing.blueconic.net/rest/dialogues/files/10328104-cee7-42ac-9d3b-100338424d7c/Cornfield_Newsletter.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
8ba52f2ac319e0776b27f5ffed869dfaeb7468635bd4d3f60f5e3b5abacf02ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 18 Apr 2021 16:45:43 GMT
server
-
etag
e085c84ab2254f58d67aff2b1b944d52
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
image/jpeg
content-length
8137
x-xss-protection
1; mode=block
expires
Tue, 19 Apr 2022 16:45:43 GMT
t.dhj
pxdrop.lijit.com/1/d/ Frame E7D5
0
225 B
Script
General
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=heraldnet.com&GDPR_v2=
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Mon, 19 Apr 2021 16:45:43 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame E7D5
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1512&partner_device_id=3c88cbabbdf2d8d9e2a654c2&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=3c88cbabbdf2d8d9e2a654c2&gdpr=1&gdpr_consent=
95 B
427 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=3c88cbabbdf2d8d9e2a654c2&gdpr=1&gdpr_consent=
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Mon, 19 Apr 2021 16:45:43 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1512&partner_device_id=3c88cbabbdf2d8d9e2a654c2&gdpr=1&gdpr_consent=
alt-svc
clear
content-length
0
pixel
ps.eyeota.net/ Frame E7D5
0
344 B
Image
General
Full URL
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=&pid=51md42u&t=gif
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:43 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
merge
ce.lijit.com/ Frame E7D5
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=3c88cbabbdf2d8d9e2a654c2/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=3c88cbabbdf2d8d9e2a654c2/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=263c02d27c970ea81123082b0b08109a&gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=263c02d27c970ea81123082b0b08109a&gdpr=1&gdpr_consent=
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:43 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=263c02d27c970ea81123082b0b08109a&gdpr=1&gdpr_consent=
cache-control
no-cache
x-server
10.45.18.219
content-length
0
expires
0
ct
ap.lijit.com/data/ Frame E7D5
43 B
206 B
Image
General
Full URL
https://ap.lijit.com/data/ct?tid=m_658444_7f8bc54206284cc5bf38804457e9717b&zoneid=658444&cid=18&geo=BE&all_tags=185%2C203%2C205%2C234%2C248%2C383%2C388%2C429%2C458%2C462%2C465%2C490%2C501%2C503%2C512%2C515%2C519%2C520%2C523%2C539%2C541%2C543%2C561%2C563%2C565%2C576%2C578%2C580%2C582%2C584%2C586%2C589%2C590&tss=42%2C42%2C43%2C46&fired_tags=519%2C520%2C541%2C590&count=4&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C1%2C8%2C8%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1&elapsed_ms=47
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:43 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
integrator.js
adservice.google.com/adsid/
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldnet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
28 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2Cadunit0&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x30%7C970x250&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743756&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=106&adks=406828873&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x30&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d812978a0f1d0bb79763fd50b89b207748c1efb057914c9cc4dd804f147f5f9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11605
x-xss-protection
0
google-lineitem-id
5663506935
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138345941081
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
54 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2CadUnit1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743766&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=814&adks=3525437857&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x265&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
13fc325336b7b5c212c3456100104e8b9b1783efb2b5a37e548aa3c09250ccc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12202
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
9 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2CadUnit3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743772&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=1223&adks=3954675714&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x265&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
37b4162e33abcc6009f00dfc38da87c797306e58eb913a01954f9ae71d49c69c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5145
x-xss-protection
0
google-lineitem-id
5464832040
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138322130755
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
9 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2CadUnit5&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743778&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=5545&adks=690361786&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x265&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f8e39bd99530ba9621a64a517b14fca581b97ae3e1d4332c59b1b4e4b2fe8759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5117
x-xss-protection
0
google-lineitem-id
5464832040
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138322130740
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
33 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2CadUnit7&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743783&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=6190&adks=3685906942&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x265&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
13807993441401a37267a10627b796d90e19cc27d06577e8f272373cad191b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13347
x-xss-protection
0
google-lineitem-id
5643042417
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138343596976
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
34 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2CadUnit9&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743788&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=7092&adks=3180623369&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x265&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d942063c3edf3aa505595b14d85651f4787050dd4a258c7798f6fbc82369dc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13476
x-xss-protection
0
google-lineitem-id
5656571698
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138346123715
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
9 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2CadUnit11&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743793&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=8140&adks=2666933970&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x265&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
5ef9915371fd42bbccac2b0b9cedde1a76bff22e665315ac4ad5895cf4b83c7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5144
x-xss-protection
0
google-lineitem-id
5630761365
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138341400531
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
443 B
262 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2Cadunit100&enc_prev_ius=%2F0%2F1&prev_iu_szs=280x100&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743797&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=8543&adks=896601501&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=341x0&msz=280x115&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
6a72e6652d6c1e3a45aa5d2ded789a669a4541d28352dea5eccebacace4003fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
449 B
267 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2Cadunit100&enc_prev_ius=%2F0%2F1&prev_iu_szs=280x100&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743802&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=8543&adks=2495933709&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=341x0&msz=280x115&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
54cb413407cd2f75d5991dfe7a8d6e4d09ff2968c471ea2c74a13a50fc389a55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
440 B
262 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2Cadunit100&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x100&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743807&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=8543&adks=1197313410&ucis=a&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=170x0&msz=120x115&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
51d5d82ec00ed4212ddda2738b3f2fc7afd1b3c3d32599308ba9b3ef1d977645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
440 B
261 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2Cadunit100&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x100&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743811&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=1156&adys=8543&adks=273575670&ucis=b&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=170x0&msz=120x115&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=9&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
221cf051047f4e6620711bf6e7f4a1e3455515652f0c7c7a80a770b4092b0ba2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
231
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
443 B
263 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2Cadunit101&enc_prev_ius=%2F0%2F1&prev_iu_szs=500x200&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743815&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=2913&adks=1428158900&ucis=c&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=597x0&msz=500x215&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a9f94b464bf639b3090b49f087f182dbe9c778198e4d6e9ee433f56944c0ab3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
453 B
267 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177256747203230&correlator=1549006942572564&output=ldjh&impl=fif&eid=31060311%2C31060439%2C31060843%2C31060707&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210419&iu_parts=1036994%2Chome-video-support&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x50&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1618850743&dt=1618850743819&dlt=1618850740878&idt=1188&frm=20&biw=1600&bih=1200&oid=3&adxs=900&adys=3770&adks=3817026097&ucis=d&ifi=13&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=426x0&msz=300x265&ga_vid=675299959.1618850742&ga_sid=1618850744&ga_hid=238188580&ga_fc=false&fws=132&ohw=1600&btvi=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
aa93136145b51eccf8ceb7cf34a21f3163bc0b2b89cf06d6916aae09b7c48bc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
body_wh.svg
cdn.userway.org/widgetapp/images/
931 B
897 B
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 19 Apr 2021 16:45:43 GMT
via
1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
x-77-nzt-ray
vTYBkmD4x1w=
age
19
x-77-cache
HIT
x-cache
HIT
x-age
88586
content-encoding
br
x-77-nzt
AcO1rzJmGebvCloBAA==
last-modified
Mon, 18 Jan 2021 11:14:30 GMT
server
CDN77-Turbo
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
content-type
image/svg+xml
cache-control
max-age=2592000, public
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
0gm788i4Qvsu-OPNdMosnlEyNyieioB9WsOU1KUtQOZYY1NyQNG8Zw==
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
941 B
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 19 Apr 2021 16:45:43 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-77-nzt-ray
5F46/4gSqEQ=
age
20
x-77-cache
HIT
x-cache
HIT
x-age
88586
content-encoding
br
x-77-nzt
AcO1rzLPWPLvCloBAA==
last-modified
Mon, 18 Jan 2021 11:14:30 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000, public
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
td5NZCUrUEE5z29qs1kyIA8YY1cJoGdKDOSZKpM7-2jJyGBLkRLjcg==
sync
x.bidswitch.net/ Frame 0665
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.54.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
merge
ce.lijit.com/ Frame 0665
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=3c88cbabbdf2d8d9e2a654c2/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=263c02d27c970ea81123082b0b08109a&gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=263c02d27c970ea81123082b0b08109a&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:43 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=263c02d27c970ea81123082b0b08109a&gdpr=1&gdpr_consent=
cache-control
no-cache
x-server
10.45.29.243
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 0665
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=M2M4OGNiYWJiZGYyZDhkOWUyYTY1NGMy
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=M2M4OGNiYWJiZGYyZDhkOWUyYTY1NGMy&google_tc=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=M2M4OGNiYWJiZGYyZDhkOWUyYTY1NGMy&google_tc=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=M2M4OGNiYWJiZGYyZDhkOWUyYTY1NGMy&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 0665
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
0
0
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:43 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 0665
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=3c88cbabbdf2d8d9e2a654c2&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:3af07a10eb6573972ef74f7d04dd4a13
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:3af07a10eb6573972ef74f7d04dd4a13
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 19 Apr 2021 16:45:44 GMT
server
Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:3af07a10eb6573972ef74f7d04dd4a13
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-16-48.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
tum
ums.acuityplatform.com/ Frame 0665
0
0

merge
ce.lijit.com/ Frame 0665
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:46 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:46 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
no_match_opted_out
um.simpli.fi/ Frame 0665
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1618850743713&gdpr=1&gdpr_consent=
  • https://um.simpli.fi/no_match_opted_out
0
272 B
Image
General
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Apr 2021 16:45:43 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Mon, 19 Apr 2021 16:45:43 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 18 Apr 2021 16:45:43 GMT
reporting
ap.lijit.com/dsp/google/ Frame 0665
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=M2M4OGNiYWJiZGYyZDhkOWUyYTY1NGMy
  • https://ap.lijit.com/dsp/google/reporting
43 B
567 B
Image
General
Full URL
https://ap.lijit.com/dsp/google/reporting
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
data.adsrvr.org/track/cmf/ Frame 0665
70 B
265 B
Image
General
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame 0665
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=41af8265-cb5a-4f9c-94c3-6a46770de748
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=87&3pid=41af8265-cb5a-4f9c-94c3-6a46770de748
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=41af8265-cb5a-4f9c-94c3-6a46770de748
Date
Mon, 19 Apr 2021 16:45:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 0665
45 B
371 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=3c88cbabbdf2d8d9e2a654c2&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 19 Apr 2021 16:45:44 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Apr 2021 16:45:44 GMT
merge
ce.lijit.com/ Frame 0665
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=Ep8dy0acSJcJnxObEJkHmUDOE5wJyxKXRZvUEnPJ
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=Ep8dy0acSJcJnxObEJkHmUDOE5wJyxKXRZvUEnPJ
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=Ep8dy0acSJcJnxObEJkHmUDOE5wJyxKXRZvUEnPJ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
svr
match.prod.bidr.io/cookie-sync/ Frame 0665
0
111 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.202.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 0665
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.151.90 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Content-Type
image/gif
merge
ce.lijit.com/ Frame 0665
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=1871316019338210763
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=10&3pid=1871316019338210763
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=1871316019338210763
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 0665
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 0665
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=SS8UXcnDMYbvlkl8eHe8&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=86&3pid=SS8UXcnDMYbvlkl8eHe8&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=SS8UXcnDMYbvlkl8eHe8&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT, Mon, 19 Apr 2021 16:45:44 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0665
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif
merge
ce.lijit.com/ Frame 0665
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=g9DI2FX17NQm&ev=1&pid=558511&gdpr_consent=&gdpr=1
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=49&3pid=g9DI2FX17NQm&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=g9DI2FX17NQm&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-752f5
expires
-1
getuid
secure.adnxs.com/ Frame 0665
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

merge
ce.lijit.com/ Frame 0665
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=3c88cbabbdf2d8d9e2a654c2&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=7f9a607d-b3b7-4b00-b58c-15afa0eb9852&gdpr=1&gdpr_consent=
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=3&3pid=7f9a607d-b3b7-4b00-b58c-15afa0eb9852&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
MT3 3660 495c301 master zrh-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=7f9a607d-b3b7-4b00-b58c-15afa0eb9852&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Apr 2021 16:45:43 GMT
Cookie set merge
ce.lijit.com/ Frame 5B43
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3742494358711417634&gdpr=1&gdpr_consent=
43 B
2 KB
Document
General
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3742494358711417634&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://gslbeacon.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=3c88cbabbdf2d8d9e2a654c2; ctag=512:1618937143|515:1621442743|388:1621442743|580:1618937143|582:1618937143|520:1621442743|584:1618937143|234:1620060343|586:1618937143|203:1620060343|205:1618937143|589:1621442743|462:1618937143|561:1621442743|563:1621442743|565:1618937143|185:1618937143|541:1620060343; ljtrtbexp=eJxlkD0agDAIQ%2B%2FS2QHKv1fz8%2B7aOhHHl0KacA0eJztnSbDKMdwXTyInWTw7SsfgzkYEChNsbH8uNbP9Dh9UVfyU7EqCJ0PmhJSpwAaMnXEfEs2vQ75Hq83ROwn4KfhpwdVg3hJv2BPdD1amVHY%3D; _ljtrtb_5001=263c02d27c970ea81123082b0b08109a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

Server
nginx
Date
Mon, 19 Apr 2021 16:45:43 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_5001=263c02d27c970ea81123082b0b08109a;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJwFwQERACAIBLAuJHieU9E2gKbw7O52pQEqS9itwM1Rc%2BCEq9LgTCRcMUPeB93nCmc%3D;Path=/;Domain=.lijit.com;Expires=Tue, 19-Apr-2022 16:45:43 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_1=3742494358711417634;Path=/;Domain=.lijit.com;Expires=Tue, 19-Apr-2022 16:45:43 GMT;Max-Age=31536000;Secure;SameSite=None ctag=512:1618937143|515:1621442743|388:1621442743|580:1618937143|582:1618937143|520:1621442743|584:1618937143|234:1620060343|586:1618937143|203:1620060343|205:1618937143|589:1621442743|462:1618937143|561:1621442743|563:1621442743|565:1618937143|185:1618937143|541:1620060343;Path=/;Domain=.lijit.com;Expires=Wed, 19-May-2021 16:45:43 GMT;Max-Age=2592000;Secure;SameSite=None ljtrtbexp=eJxlkD0agDAIQ%2B%2FS2QHKv1fz8%2B7aOhHHl0KacA0eJztnSbDKMdwXTyInWTw7SsfgzkYEChNsbH8uNbP9Dh9UVfyU7EqCJ0PmhJSpwAaMnXEfEs2vQ75Hq83ROwn4KfhpwdVg3hJv2BPdD1amVHY%3D;Path=/;Domain=.lijit.com;Expires=Tue, 19-Apr-2022 16:45:43 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=3c88cbabbdf2d8d9e2a654c2;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap3ams1

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=3742494358711417634; Domain=.turn.com; Expires=Sat, 16-Oct-2021 16:45:43 GMT; Path=/; Secure; SameSite=None
location
https://ce.lijit.com/merge?pid=1&3pid=3742494358711417634&gdpr=1&gdpr_consent=
content-length
0
date
Mon, 19 Apr 2021 16:45:43 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F119
8 KB
3 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://gslbeacon.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=29552
Expires
Tue, 20 Apr 2021 00:58:15 GMT
Date
Mon, 19 Apr 2021 16:45:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 173B
8 KB
3 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://gslbeacon.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=29552
Expires
Tue, 20 Apr 2021 00:58:15 GMT
Date
Mon, 19 Apr 2021 16:45:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 2DBC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&g...
776 B
813 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
8b49e053e2d28450ab1db4446cd1448315e533a41ac457e72ced85dddfc6e0cc

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gslbeacon.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=d8313050-7ef1-055a-1c9d-ddaf154877fc|1618850743
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=d8313050-7ef1-055a-1c9d-ddaf154877fc|1618850743; Version=1; Expires=Tue, 19-Apr-2022 16:45:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618850743|gekin0vNiygu; Version=1; Expires=Tue, 04-May-2021 16:45:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 19 Apr 2021 16:45:43 GMT
content-type
text/html
content-length
478
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=d8313050-7ef1-055a-1c9d-ddaf154877fc|1618850743; Version=1; Expires=Tue, 19-Apr-2022 16:45:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
date
Mon, 19 Apr 2021 16:45:43 GMT
content-length
0
via
1.1 google
alt-svc
clear
0608867b
rtb.gumgum.com/usync/ Frame 30C1
3 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_7f8bc54206284cc5bf38804457e9717b&rand=5562&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0e9ccfeff5f31fca592299a5dc7d8924ccaebb59a325b4de315b006f1c49a3a6

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gslbeacon.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

date
Mon, 19 Apr 2021 16:45:43 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6; Domain=.gumgum.com; Expires=Tue, 19-Apr-2022 16:45:43 GMT; Path=/; Secure; SameSite=None
etag
W/"0a3fcd195166b0e43e8064377cf972485"
timing-allow-origin
*
content-encoding
gzip
container.html
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 07FB
6 KB
3 KB
Document
General
Full URL
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldnet.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldnet.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 19 Apr 2021 16:45:43 GMT
expires
Tue, 19 Apr 2022 16:45:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6743
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYOKiYiduHOXrkDMTNMLXzKyaQt1BxoXmT2FcONQPYITxCqIcGptfqvyvbCggVe1ghb2mFPr_j6v0D-wOcnwfuXtL-PyNYpNkIOdlHbfEEZbLw34vwPIObEPsp9wgOT8-f876Xx9rn5FICo6vApNsWOuh6w9kUzp92ZOh-97XyaXmkU8qzwi7EvkZh9-0qz6IxQCg2FE9Fw5RZTDcJlLkwgY6HihM9zWfvB7h5N3PfTfifuGc1paIzcIJOrjhl4HD1tXFZRryeIimRt4v7ioBpwBiu9jGytEHXtgCk&sai=AMfl-YT1DUt_7aJnYQO-6tocB8Wri1EqTd3H61SXQcQmJefhkHGsyemp9K-SRVlTUBhLU7UeQBgXVN-mkZ6PC-yL5YpGXMkXb6KOHn3UORzWQXv_w4bCIpYd6ujp5QklSNGo&sig=Cg0ArKJSzAO2QT8-KpMcEAE&adurl=
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 6743
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 May 2021 16:43:56 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 6743
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 May 2021 16:45:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6743
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:44 GMT
l
www.google.com/ads/measurement/ Frame 6743
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVRxgkvslGfXD-c2N5dClxnC1NAMP2DDRwoDP-uVZyUmeTcWkHQuJ4Hr80axZCmcbkdxqm
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

14143493972286829131
tpc.googlesyndication.com/simgad/ Frame 6743
277 KB
277 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14143493972286829131
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
944295c9b667f8457e6dacc9cde4ed263d4ca435eb30320c44313bced0357d3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 07:17:45 GMT
x-content-type-options
nosniff
age
34079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283220
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 15:15:37 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 07:17:45 GMT
container.html
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4221
6 KB
3 KB
Document
General
Full URL
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldnet.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldnet.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 19 Apr 2021 16:45:43 GMT
expires
Tue, 19 Apr 2022 16:45:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 8D3A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGGxVg-GuDSlDZ1fI2Hx_Sw2LCCpIXs0-52O5UMHxi5KDEMXA6NpitVKrwiAfmYqlst1ytvZ1KKf49fTOeaSvq0rL3c8lyhQsdyCqcSfb01F4KCDBOZO_I2MbdyXKH1rqaCu0efzmiIpRp6mbk8yI5x6_E9CZU8Ha4xSZX1fOt2YPc3-_Ad3iZEu4vJO4axwuybQ5wPJErS4MrmNJSJRDwWIry7M-JFk_fTter8PACfE7SnbEXv1cbzCVfTovxZHUaPwd2B4MrR5LJyK00lZchD5_j0h81YfiN1NEOfw&sai=AMfl-YSXz1OHSM9bTnI5S8BKdEz1hn0lnQuP7rl7j1Ub9Pqz7bgN6CzVQh1sEdZk2IyFv0MU90ksTP2kysSc1tCvqqbgHuJ8sx1HuTuAQu5zHNAefnPpnktM0QMxedmInRI&sig=Cg0ArKJSzDcSoxuNyINaEAE&adurl=
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 8D3A
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 May 2021 16:43:56 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 8D3A
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 May 2021 16:45:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8D3A
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:44 GMT
l
www.google.com/ads/measurement/ Frame 8D3A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdq-UeXMpViaA2kUwOFNcwV_YRGMTmsU64DrAXgkPWwbSDXT_EW74l2ckRwrVIPBNU5f87
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

13536919462294945681
tpc.googlesyndication.com/simgad/ Frame 8D3A
65 KB
65 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13536919462294945681
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e66d2de12e195b37393c0844f85310686085aeb7d999a650e3565dd48d04a044
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 15:13:26 GMT
x-content-type-options
nosniff
age
351138
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66731
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 18:17:01 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Apr 2022 15:13:26 GMT
container.html
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3AA7
6 KB
3 KB
Document
General
Full URL
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldnet.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldnet.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 19 Apr 2021 16:45:43 GMT
expires
Tue, 19 Apr 2022 16:45:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
showad.js
ads.pubmatic.com/AdServer/js/ Frame FA80
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=24908
Expires
Mon, 19 Apr 2021 23:40:52 GMT
Date
Mon, 19 Apr 2021 16:45:44 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 556B
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=24908
Expires
Mon, 19 Apr 2021 23:40:52 GMT
Date
Mon, 19 Apr 2021 16:45:44 GMT
Connection
keep-alive
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 6743
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuGHF0Hx3_-tZSf4J2-nB-ysXRwjgdfeQKdSuvsro4Xq2ZMXDe951WkOnS0XSoKvJ4Qyhk47gqyGdLQtuRFD-fSYX7Vo16_ZjOswDoCQh8EYn2U9d3I0TvvS59ZaZu9zX2RyshytaxA74AkF12pefS4XSx2c83gcA3Ur0mX0vI1ApUL3_g1ZrLeq5sNwYzduzItcj2SUhUEGg1GNoT7nDGi83c7K34xHAmTClSnaXqlGVkCjiDAh5pSJL_UPUEj8jvNUP0W9vc1gpVtauUrOukKuHq4QvhPOmIAYg2oqQ&sai=AMfl-YQzREWhnBLS_XOQ2ljEilJB3sp0zoytvv_gpW-CfDizLGyYjCU_Km4ow_SDjkiTcN_ngpUou8dpVCZ8KqzDMba7NcWrBAJCVz7PollOHByiiSLYO2UpKYQ7MDieDWC1&sig=Cg0ArKJSzFG1qOUKMxisEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Apr 2021 16:45:44 GMT
truncated
/ Frame 6743
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f1e7f7e5f637fa63cea33778f1d8410f6593255696de5b60a22113c9bb44fae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8D3A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwh3arp_ARd9hMHFlMvbZZGjVnK32IQi8RZS7Wb3JWVjvn_5iHpzeTH_gB5hHI2XpZKgEn_7NoJWs7c0IDDMyopligPYlOJgLFG-SYGIaaM72iHecdyqxY4QSNtNuBQkHflFTPyMtQLZbGwFAuqm8H_WswewwEEEf96tpD646bqTu43elJ_q6YR_sQsCPaJyxoe-zGXoYdFnUGKCNfF4Mtp77yimVCdvUXr-d7JkJvg4Q6RKOMi10u8cJSgRjLDvX6JEVhBwBmaS5OY0UI3zdtmPZOt3vQ8S0Tejy_02K9&sai=AMfl-YQnHNCvlqoz8AaqkKsO2Xq_GpPOhMKuvtdCbV-C83KYAo_zS7mtrvdgrPMTECL99-ez8FX1-adn1zx5G7818J3XQNkDr2GZUW0Ga-Z7otVhgXWliJvHczYSbNjvR8o&sig=Cg0ArKJSzP2WruTCGVErEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Apr 2021 16:45:44 GMT
truncated
/ Frame 8D3A
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96bd4b19afd60841e92f454ed1cacd104dfb154a6c01bec732cc6564089eb160

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
merge
ce.lijit.com/ Frame 2DBC
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=76&3pid=6773d1c9-3dc2-00a0-01f7-a3e109de7b53&gdpr=1&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2DBC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=31a3607d-b3b7-4000-9ca9-258dbcda55f5
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=31a3607d-b3b7-4000-9ca9-258dbcda55f5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
MT3 3660 495c301 master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=31a3607d-b3b7-4000-9ca9-258dbcda55f5
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Apr 2021 16:45:43 GMT
sd
us-u.openx.net/w/1.0/ Frame 2DBC
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UquSCwaox1dJq5xbUK2IWQD6nFxJ_51XBa9Cz00A
43 B
172 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UquSCwaox1dJq5xbUK2IWQD6nFxJ_51XBa9Cz00A
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=UquSCwaox1dJq5xbUK2IWQD6nFxJ_51XBa9Cz00A
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2DBC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8769262940802476245
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8769262940802476245
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8769262940802476245
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 2DBC
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=0b9d0f09-d776-3aad-464b-1547716f4401&gdpr=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2DBC
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjdmMmRjYzMtMWUwMS02NDA5LTUzYWItNGZmZWJiOGQ4YTYx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2DBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQb6p7uTovJk-jsxSAdkog&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQb6p7uTovJk-jsxSAdkog&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJQb6p7uTovJk-jsxSAdkog&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 07FB
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7729
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 14:36:55 GMT
launcher-1.0.0.js
tj6w5.flx10.com/libs/ Frame 07FB
17 KB
6 KB
Script
General
Full URL
https://tj6w5.flx10.com/libs/launcher-1.0.0.js
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
35d3560abefdd86f4994b166ac3ba59f4ebf264b78310a63c7faf4c0e2d1c824

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 14:04:14 GMT
server
NetDNA-cache/2.2
etag
W/"6074535e-42ae"
x-cache
HIT
content-type
application/javascript
cache-control
no-cache
expires
Wed, 14 Apr 2021 13:46:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07FB
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:44 GMT
usersync
rtb.gumgum.com/ Frame 30C1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://rtb.gumgum.com/usersync?b=apn&i=9079642166036316933
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=9079642166036316933
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
X-Proxy-Origin
185.232.21.100; 185.232.21.100; 824.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid
ac16cdbe-e3de-497d-96c9-9d9a8d2831a2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=9079642166036316933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 30C1
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.54.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookie-sync
sync.outbrain.com/ Frame 30C1
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28G6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7j89vlGyC2oZJCuWiomoT%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6&obuid=ENC(G6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7j89vlGyC2oZJCuWiomoT)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DG6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DG6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YH2zugKXhHI9_Ue1uw4IuAAABHMAAAAB&obUid=G6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7j89vlGyC2oZJCuWiomoT
0
307 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YH2zugKXhHI9_Ue1uw4IuAAABHMAAAAB&obUid=G6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7j89vlGyC2oZJCuWiomoT
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:46 GMT
Cache-Control
no-cache
X-TraceId
339a2991cf67c05a652ca6311d8caec0
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YH2zugKXhHI9_Ue1uw4IuAAABHMAAAAB&obUid=G6JuCD8DNEdxKgPH1XFfJndAT9-PG11PyzyAQIjsVmX7j89vlGyC2oZJCuWiomoT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
348
Expires
Mon, 19 Apr 2021 16:45:46 GMT
usersync
rtb.gumgum.com/ Frame 30C1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=fca0ab79-ff63-02fb-2130-05aab93f4547
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=fca0ab79-ff63-02fb-2130-05aab93f4547
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=fca0ab79-ff63-02fb-2130-05aab93f4547
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
sync.srv.stackadapt.com/ Frame 30C1
43 B
168 B
Image
General
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.192.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:45 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/ Frame 30C1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-q4zOAU1E2pcYxVeK236KPt7qzb_HWvxClXx0~A
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-q4zOAU1E2pcYxVeK236KPt7qzb_HWvxClXx0~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 19 Apr 2021 16:45:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-q4zOAU1E2pcYxVeK236KPt7qzb_HWvxClXx0~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 30C1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=afdfcf63-a12e-11eb-92c8-493c66029fd8
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=afdfcf63-a12e-11eb-92c8-493c66029fd8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=afdfcf63-a12e-11eb-92c8-493c66029fd8
Date
Mon, 19 Apr 2021 16:45:45 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
afdfcf64-a12e-11eb-92c8-493c66029fd8
services
sync.technoratimedia.com/ Frame 30C1
0
294 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
567972114
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 30C1
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 30C1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 30C1
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=90e7f733-85fc-4775-8e47-522f87ba7052
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=90e7f733-85fc-4775-8e47-522f87ba7052
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=90e7f733-85fc-4775-8e47-522f87ba7052
date
Mon, 19 Apr 2021 16:45:45 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 30C1
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4194292375
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4194292375
  • https://sync.1rx.io/usersync/tradedesk/5fc86f77-f3e5-40d1-ae6e-c7caf4518b5b
  • https://sync.targeting.unrulymedia.com/csync/RX-683a29a2-de46-48a9-819e-e91cfda3594e-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-683a29a2-de46-48a9-819e-e91cfda3594e-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-683a29a2-de46-48a9-819e-e91cfda3594e-003
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-683a29a2-de46-48a9-819e-e91cfda3594e-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:47 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Mon, 19 Apr 2021 16:45:47 GMT
Server
Tengine
ETag
RX683a29a2de4648a9819ee91cfda3594e003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-683a29a2-de46-48a9-819e-e91cfda3594e-003
Connection
keep-alive
Content-Type
text/html
usersync
rtb.gumgum.com/ Frame 30C1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=L6eaXa9tVRCM&ev=1&pid=558355
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=L6eaXa9tVRCM&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:44 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=L6eaXa9tVRCM&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-g4qnn
expires
-1
merge
ce.lijit.com/ Frame 30C1
43 B
3 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 16:45:44 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame F02A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=6c84607d-b3b7-4800-b940-a57f94727573&gdpr=1&gdpr_consent=
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=6c84607d-b3b7-4800-b940-a57f94727573&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=6c84607d-b3b7-4800-b940-a57f94727573&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 19 Apr 2021 16:45:44 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3660 495c301 master zrh-pixel-x11
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=6c84607d-b3b7-4800-b940-a57f94727573; domain=.mathtag.com; path=/; expires=Tue, 17-May-2022 16:45:43 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=6c84607d-b3b7-4800-b940-a57f94727573&gdpr=1&gdpr_consent=
Expires
Mon, 19 Apr 2021 16:45:43 GMT
usersync
rtb.gumgum.com/ Frame 2585
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YH2zuQAAQ2mj5wAC
  • https://rtb.gumgum.com/usersync?b=atm&i=YH2zuQAAQ2mj5wAC&gdpr=1&gdpr_consent=&_test=YH2zuQAAQ2mj5wAC
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YH2zuQAAQ2mj5wAC&gdpr=1&gdpr_consent=&_test=YH2zuQAAQ2mj5wAC
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YH2zuQAAQ2mj5wAC&gdpr=1&gdpr_consent=&_test=YH2zuQAAQ2mj5wAC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YH2zuQAAQ2mj5wAC&gdpr=1&gdpr_consent=&_test=YH2zuQAAQ2mj5wAC
accept-ranges
bytes
date
Mon, 19 Apr 2021 16:45:45 GMT
via
1.1 varnish
x-served-by
cache-hhn4064-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1618850745.414614,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame F9FC
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kZGJhMmRiMS1jNThhLTQyMjktYmM3Ni02ZmVkMDBkZmEwYTY=&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV9kZGJhMmRiMS1jNThhLTQyMjktYmM3Ni02ZmVkMDBkZmEwYTY=&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmqEkQMIQj9jFQDPLxECfYxomcK7xfXIn0cpw98wcBFS9A7xPTW0so0eHrRKls; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Mon, 19 Apr 2021 16:45:44 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 401A
8 KB
3 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=29551
Expires
Tue, 20 Apr 2021 00:58:15 GMT
Date
Mon, 19 Apr 2021 16:45:44 GMT
Connection
keep-alive
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 5B3C
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.255.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 518C
0
0
Document
General
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Mon, 19 Apr 2021 16:45:44 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 6D1E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YH2zucCo5sEAAJ42Gu0AAAAA
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YH2zucCo5sEAAJ42Gu0AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YH2zucCo5sEAAJ42Gu0AAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 19 Apr 2021 16:45:45 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YH2zucCo5sEAAJ42Gu0AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
2
X-SO-HostName
a-ad40007.dc2p.scaleout.jp
X-SO-LB-Hostname
a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":16,"gdpr":true,"ipv4":"0.0.0.0","key":"YH2zucCo5sEAAJ42Gu0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40007"}
X-SO-Key
YH2zucCo5sEAAJ42Gu0AAAAA
X-SO-IP
185.232.21.100
X-SO-Cluster-ID
16
X-SO-Upstream-ID
a-ad40007
usersync
rtb.gumgum.com/ Frame 7289
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871316019338210763
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871316019338210763
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871316019338210763
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 19 Apr 2021 16:45:44 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAADvEyGtoZmhhYWpgbmJiaGK2SgyJb2RsAgBCrtDbIAAAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 14 May 2022 16:45:44 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwtDQ2tjAyNDA3MxbiM9RN9Sky8KxIy4vMS3GX4jU0M7SwMDUwNzExNDEDABwLnQE0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 14 May 2022 16:45:44 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzQ2NDMwtDQ2tjAyNDA3MxbiM9RN9Sky8KxIy4vMS3EHABpZQUUlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871316019338210763
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 1A33
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=SS8UXcnDMYbvlkl8eHe8&pi=gumgum
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=SS8UXcnDMYbvlkl8eHe8&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.18.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=SS8UXcnDMYbvlkl8eHe8&pi=gumgum
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_ddba2db1-c58a-4229-bc76-6fed00dfa0a6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 19 Apr 2021 16:45:44 GMT Mon, 19 Apr 2021 16:45:44 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=SS8UXcnDMYbvlkl8eHe8&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4221
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7729
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 14:36:55 GMT
launcher-1.0.0.js
tj6w5.flx10.com/libs/ Frame 4221
17 KB
6 KB
Script
General
Full URL
https://tj6w5.flx10.com/libs/launcher-1.0.0.js
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
35d3560abefdd86f4994b166ac3ba59f4ebf264b78310a63c7faf4c0e2d1c824

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 14:04:14 GMT
server
NetDNA-cache/2.2
etag
W/"6074535e-42ae"
x-cache
HIT
content-type
application/javascript
cache-control
no-cache
expires
Wed, 14 Apr 2021 13:46:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4221
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:44 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3AA7
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7729
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 14:36:55 GMT
launcher-1.0.0.js
tj6w5.flx10.com/libs/ Frame 3AA7
17 KB
6 KB
Script
General
Full URL
https://tj6w5.flx10.com/libs/launcher-1.0.0.js
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
35d3560abefdd86f4994b166ac3ba59f4ebf264b78310a63c7faf4c0e2d1c824

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 14:04:14 GMT
server
NetDNA-cache/2.2
etag
W/"6074535e-42ae"
x-cache
HIT
content-type
application/javascript
cache-control
no-cache
expires
Wed, 14 Apr 2021 13:46:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3AA7
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:44 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FA80
0
75 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=51433076&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:42 GMT
Content-Length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 07FB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuF9DT3bt792MMJuydjVaSOuXWCd_SKNI-vnp0LNg92y3fajMgwBiq1HRvFHGSLE1sW-iPHLgsxHtP1iJ1H1yyfb65boB-ZjMGT2zCkbecKB2fN3XQUmBZSrSak1ro8eTCUzA5NZb1T1EXVJH2xw9uAjIF2-xfgooNmqfopH5UasbYDw0nd_8oXcJ4AtTm-Dho9VBIPBwRuQ6S4PofNFvWQeG7407Z6fN141YWwTrQH39c2JBQ_f1jLt6yei7n9V7LzVP3CKo1183IcBbv5sDA7UI6tLdhVx4_c1K6eLw&sai=AMfl-YS-AK6yH07CqjbM8LIt9_HAeLkOSLjy9LpLT8IV8og2nOkjpHwLbcop9F35cPWiN0s3Y4CfvimcgMCDvWNMbDbiSdSQUGfiYtwOgfGRxgZIx8NIEEEnnZNPYXxnm4Y&sig=Cg0ArKJSzKcXxoSL4hYGEAE&urlfix=1&adurl=
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 4221
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvB4550V1HSous8RvrHskdoBAbDOy3BoHxrll8nt1NmvBFKRUHGQtMY2x_ZsJ8mXZbKvAGhcQuNOwz1oEgqk4z_ApCJx0X_UDBdQLEZD-trUfgK1WzkakSKN5lVJdb7z4D3H_XocB3LGREP4YyqpTc0EglaZy4idy4zz8SpLJKXmYIRxD0zSVPTBPGmOO2_Lx74NaICL76IzofX9DVIo5mPSy5h6MhqXd_Q-p-8_S7XC1AttM8kLe99zu8sqhSbeBtWOhufuVQWPaac5SM9-cQwOEeIzFflyRpPWCyL9A&sai=AMfl-YQqmngTzbBQPIfMte4R3UnMHNmImfT_Xrc_F36zBN1e2pidog8AUNrLzMhM98VGqkCIRvTtDzLRvixjUHuGfnRdUJjvF5uc8xqzbYtFjmrTVjt4jCx-J1yqvCWPBc3S&sig=Cg0ArKJSzOJXhOg-vXoeEAE&urlfix=1&adurl=
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
showad.js
ads.pubmatic.com/AdServer/js/ Frame 076A
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=24908
Expires
Mon, 19 Apr 2021 23:40:52 GMT
Date
Mon, 19 Apr 2021 16:45:44 GMT
Connection
keep-alive
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 3AA7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcaTGa95FqIszFbO64jEYpRzm5w1jjgHZDi6GQ7aTh6hNftELEPp-OlDS1Ja_Ty3t0XoEBqLpDn1RwtzAx16TuGxaMz_hwR8mI1yjYpIqyqCoPRUml6Y03Z4VP3TzzZciC0YzAi4ruerRi48kV_IwnOlb_HLzfUDbbWVWX1S1sPCVrWsxegHJHgZFesC2ESohQdCLJVlis0KwG4wk75pEmg5lkAXDwdu2Y492ayykJDstrIqMmg5Eo2p9kTS-KqSh1VNdLKcFr6ZoMW8mAsjgllQ2zWxRTGj0QGBb1bIw&sai=AMfl-YTJRnSGWW58ZGrrr_SqKm_uyYZk-rrJjiwSHmk-Crx1eMsyUm9bT3oZeefTX0bSS2fL3WVkhViYVaWdPbwuXU7sWU2xfbvnh_BeqD1JcKpU4V_PawcZTpm8cN6S9eb5&sig=Cg0ArKJSzHGiolQ175f5EAE&urlfix=1&adurl=
Requested by
Host: d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
URL: https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022103020108001/ Frame 3A5E
190 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e5ac641a594d3e75dafa96f0ef3ce4cac642ecb3311698461beefc164e0f81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
502256
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55149
x-xss-protection
0
server
sffe
date
Tue, 13 Apr 2021 21:14:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"28692e13adbc87cf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Apr 2022 21:14:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 3A5E
12 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
502256
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Tue, 13 Apr 2021 21:14:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Apr 2022 21:14:48 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 3A5E
87 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
502256
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Tue, 13 Apr 2021 21:14:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Apr 2022 21:14:48 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 3A5E
27 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
502256
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Tue, 13 Apr 2021 21:14:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Apr 2022 21:14:48 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 3A5E
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
502256
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Tue, 13 Apr 2021 21:14:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Apr 2022 21:14:48 GMT
css
fonts.googleapis.com/ Frame 3A5E
3 KB
578 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:15:52 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:44 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4524897078196450542/ Frame 3A5E
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4524897078196450542/downsize_200k_v1?w=600&h=314
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8db0b83756e1b440cd5756ee19f969b84d04c6b14c62682814284c2b12d92ff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:35:43 GMT
x-content-type-options
nosniff
age
263401
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14260
x-xss-protection
0
last-modified
Wed, 31 Oct 2018 00:40:54 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 15:35:43 GMT
truncated
/ Frame 3A5E
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3A5E
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c49ebbfdb242ffbf36cd9104eb99e49c7323379502a80d8e394994dcb948450e

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A5E
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
7730
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 20 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3A5E
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 18 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
66519
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 19 Apr 2021 22:17:05 GMT
l
www.google.com/ads/measurement/ Frame 3A5E
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTheNQRL87uuN1FH8749oMdQVyQxZYQXbvPlDT8pYg0dNlfn990B8OoW73JtrfRmPC1Nu1d
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 3A5E
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIFD_uLN9YMmVAZCOrASs_6rwA6a4o61i_YDbo8ANnLyrsqsJEAEgxvvWeWC5-MeA3AGgAe3Dw_QCyAEJ4AIAqAMByAMKqgTmAU_QZ6DfVR3xBIdpoudRlkM534FEATBUvr0gZBIP0InAhin6b7VrBjlcDl5hfsBxoan7Zjq8uzpxVVLPeuu8P8-VkbsfexHxijLR-ITQuG3G1Y31yyoCRUPinokBncGErNOkeJN2pPRdAXWYIJMuAHv9TMc0MZjxfg68hujfHimSXes7a2QK1sR0NbFe2QUJyYUjUcdV74bB_ClRSU4OIJPKhx6orpo3CUCqARSGgg9W7cVECdAkgzOpYNjTzeZGR3M7rD2Hhi4W9pOHv4Qe6HZlG7CWhG3IeFO4gAF5vX9Jn1KfB0ShwATB5OOwyAPgBAGSBQQIBBgBkgUECAUYBKAGLoAH-7u8iwGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQuMEl0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi0zNDk3NTc1NTcwNDI1MTQ0gAoDyAsBuBOIJ9gTDbIXGgoYCAASFHB1Yi00NTczMjMxNTUwMzU1MjIx&sigh=v7MXfA0ua7Y&template_id=5000
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3A5E
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
398562
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:02 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 3A5E
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.heraldnet.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
110526
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
truncated
/ Frame 07FB
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b730f07c1a720b2d952d29da480558d9ee9e61e322437cadda1b4cec0921b1fe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/970x90/ Frame 1662
86 KB
24 KB
Document
General
Full URL
https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/970x90/?cacheBuster=1788116827&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstGlmw4VBSFuB68Nsyp8LdJeUGpJDRcp7iRqyNe2ZbHaeNQnoU2S6q5fFAPlOF25_4ZNBsHZkZo2XUgpsADP53Q0J5geabaJL2OG8zuUXq7maEBcR1xlkv9ja3ZKZgw6axlZHpk0TBxkRYmGTViij-Qg7ijgrYIMnkWy8uARnSSHc92tl9xt5ZaGtSUQuE7GULiGlEa_1wvTwlprsUyuCa_8an1-_KYIbBu-xkc_Xgh8-X9r6aMerEmrTmy12lqLEoJOO8dQgEyHjplwb9Ha8vXHIS1DiOpGo3Fw%26sai%3DAMfl-YTxEXoJMMecRxWCTJo32Qr53vNJcEyabu5FYvg2LaurRYi-W-uTiiAMj7fWxfWgpaMUtAaetF9RGRUjhIuTUSzkV2Ts_jZh8VyGMn-0y2mc9IugwZwuaLJGssPMdWw%26sig%3DCg0ArKJSzHXuAh8QDECZEAE%26urlfix%3D1%26adurl%3D
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/libs/launcher-1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
aba4298fc0658ee3ea0044db20b2eed9af64b74d3ece1f6881484b3dbb7b23c0

Request headers

:method
GET
:authority
tj6w5.flx10.com
:scheme
https
:path
/v2/gSdQmthHXk5/-/breakpoint/970x90/?cacheBuster=1788116827&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstGlmw4VBSFuB68Nsyp8LdJeUGpJDRcp7iRqyNe2ZbHaeNQnoU2S6q5fFAPlOF25_4ZNBsHZkZo2XUgpsADP53Q0J5geabaJL2OG8zuUXq7maEBcR1xlkv9ja3ZKZgw6axlZHpk0TBxkRYmGTViij-Qg7ijgrYIMnkWy8uARnSSHc92tl9xt5ZaGtSUQuE7GULiGlEa_1wvTwlprsUyuCa_8an1-_KYIbBu-xkc_Xgh8-X9r6aMerEmrTmy12lqLEoJOO8dQgEyHjplwb9Ha8vXHIS1DiOpGo3Fw%26sai%3DAMfl-YTxEXoJMMecRxWCTJo32Qr53vNJcEyabu5FYvg2LaurRYi-W-uTiiAMj7fWxfWgpaMUtAaetF9RGRUjhIuTUSzkV2Ts_jZh8VyGMn-0y2mc9IugwZwuaLJGssPMdWw%26sig%3DCg0ArKJSzHXuAh8QDECZEAE%26urlfix%3D1%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
content-type
text/html
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
expires
Mon Apr 26 2021 16:45:45 GMT+0000 (Coordinated Universal Time)
vary
Accept-Encoding
server
NetDNA-cache/2.2
x-cache
MISS
content-encoding
gzip
view
securepubads.g.doubleclick.net/pcs/ Frame 07FB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYDnueNT3sSJdCjkJZGl3x02RH0O41UsbSq7K8TJd19aupQlPF6yHgRtIWRDxiVqRMk3Tryb65oW8N7Ssrx2GBgpTYq6B2CWooYQ-16mPFNwjuBButFFvKpC6BXMFlyNUM6Dx4VdOskNCjmYkNrYjhuVk9ty7_MowXFDBVdAUgLX0zYF1jtuFeGl9-BJn89sshwnJWAbPH86EjW6py0GQpr0rjXl8s6oo7fMLxxS2u5-FrIH4TEyGCuvphVc1b3NBDPsb38nET433TT4tYSZdpZOg6juXHX7bU9wLLv4pZ&sai=AMfl-YQNolTbvVOygxO5cMvd_8pMSgv5w7Bt76Z6B5-aT36vUaSU19RJG6uVRO9UGmta19m_VcNBZPoJo8Hd__a24Q9ER9cMhR36YXUamNVrmT19X1WpatQOxgnDtSNJxS0&sig=Cg0ArKJSzP7viRaiPIbiEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Apr 2021 16:45:44 GMT
truncated
/ Frame 3AA7
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6170ba360f9f54bf43c494c0afeb1c56915947607b130d01229287ee738af906

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/ Frame 7276
78 KB
23 KB
Document
General
Full URL
https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/libs/launcher-1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
02c788fbfa3ac2df57d2c0beb335f93626cd23fc41a3012c2d670c224b8c9b83

Request headers

:method
GET
:authority
tj6w5.flx10.com
:scheme
https
:path
/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
content-type
text/html
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
expires
Mon Apr 26 2021 16:45:45 GMT+0000 (Coordinated Universal Time)
vary
Accept-Encoding
server
NetDNA-cache/2.2
x-cache
MISS
content-encoding
gzip
view
securepubads.g.doubleclick.net/pcs/ Frame 3AA7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkLn4fYEd9kywz-MWujqO6yrin1WbY3QSZA4DTPsIX_emKdPQxYYiOqW7mfIzuG6sHKgyLNbwZYQgmkSAoPQGpIX_I_nGzgB_epZWxzU4OfDTJ-P96RHwVCLbxZXu7dPxy1V71HEccGD4FaaSDBd2CHC-DuLK6QaULomV96cAcEPL4eAotq1rrqmXFuR_EV0b6Ye_UuXTR0Yj2O0Mb1LMQBdPQ-YJmuwb47ET1iPiTY_BGDTbmGePJJ1lOcIVYfqza4OCxIl7GxJZBMYLCH2InKquwhQ7brXBSEMKlc6R9zA&sai=AMfl-YRhCxgXieTGSB0MPsAWB1taf0m3WBGGE06WAalVBDk8MOfmW9XOh0iOOXA9M4bxO3CViODzm2uMWmemSkbhalgTx2aUFWI8_yBc4rXKNrB1wuj31vPwYm_MDnOUH38Z&sig=Cg0ArKJSzAov6unOcFzmEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Apr 2021 16:45:44 GMT
truncated
/ Frame 4221
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb7a18bfd4b4ed8f71c34eba066bacaeedfe9cb91b04511ba7d1abced8c7586b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/ Frame E1E7
86 KB
24 KB
Document
General
Full URL
https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/libs/launcher-1.0.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
990516163179d9bf43c67339d445415928956e42e220843f7ca592cd9ad5b63e

Request headers

:method
GET
:authority
tj6w5.flx10.com
:scheme
https
:path
/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
content-type
text/html
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
expires
Mon Apr 26 2021 16:45:45 GMT+0000 (Coordinated Universal Time)
vary
Accept-Encoding
server
NetDNA-cache/2.2
x-cache
MISS
content-encoding
gzip
view
securepubads.g.doubleclick.net/pcs/ Frame 4221
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWRBivkn-yt3uPfH4FsMGfP3yBiLV2IcBioKvNIHEEbpdyUby36KMthGYPQ4YxzLs8yLqs6fxBysBVTuZUzXMpN4AtnxXFMgaUxwUe7mjq8yibvrHjumBCd-Hb-BexMwv1bf508s45xpN1mU2E5KwHKrvlTaiUta7uihL1TCjXBMuI8kTewMripiKMe58vbAcmib2G29rQZVTroAdjTqf97B2GAF_EViTUmTKKEHa6XnNayleomAow0qB69NBKJ0Sy5ACMteOB1BIJaL3AXf9lhPkP968lnr8k46IuD1L2&sai=AMfl-YTfoHrfX71MfSUMgn7bMl9bf33GD6nJB_f2wq9U5LvbEL8Inuaby7uOobrHRF0fuwX5WQy0RddfrNLn5CbpcnSQr8PXC1h2OMJchd9-AhyMcJmfsvbW3o-NzBkiNDT5&sig=Cg0ArKJSzJvkJY8PzFSSEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Apr 2021 16:45:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A6CD
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUh-I2KK-81BEhhrbXVZOX3xu23MWqfTLSWx3Y9KBUqQpBEzim8yFRAPXt356umjD375diWx777I5HL2fLzNKN9xwEhUdvA5mkDJqwMdC9A_N8yQ9tKdpUS0LZMYBg3QQJOiThoLCjHNzwwe19OFjQ4ScBdl8oFg9fXiYTXuI9gFPP7wnhmPgqCCu5QSIRLhCqj4z1umHPCq6MsLzjnUxyhIFeQNWzvw2B6nwhK6c-gPQkJ03TIaT9MZvPEulrMc-OAP281d4ER78lQdgGKcIEjx4XS7RVoxpzneSmDQ&sai=AMfl-YQoP674G3K2sf9zhfnJiKCabAm18cuUEiqqLhubqmIRLLYb05jLH7xAQEN3XqKQTHGOZTFi5_JUYDsF3dSlb6gLrDBy-5nJw_ufxqS0vTLGnQVbuWxpJYBL1TZORF4&sig=Cg0ArKJSzJsB5wrB39GSEAE&adurl=
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame A6CD
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 May 2021 16:43:56 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame A6CD
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 May 2021 16:45:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A6CD
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:45 GMT
18245268949194894767
tpc.googlesyndication.com/simgad/ Frame A6CD
22 KB
22 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/18245268949194894767
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2777aa83495a2a26ab335b8cecba52f4ea5575fcd5d80f57ae03cc73cb899e04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 08:08:50 GMT
x-content-type-options
nosniff
age
31014
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22387
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 21:51:44 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 08:08:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A6CD
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfkO421O38Imsw7D41SDQyYsE4KE9PAW2Ct8vvET_luhnFtB-ZqsDLjeXepFZMKwnaX0cylG8F2mjM7dRM8leq76X36RBeHA_iydqfaOQpXM821mGsQb9G4FN-x2z1OfHC7ces_8GwV413FRWrgKaajmWuHypTi8JjTc1aTSXQ4aaDV_fgZKxMBQarzq4irl3RaZoVcyhHhKJdKnt0PQLPA40ybF4ixgiEo1cbk61LWw3K36JlyyzOlO-E6BM4WVMOsZQMmLy_UeMkw89a5De864RAo1vEBiGDZMjn6LjN&sai=AMfl-YTRSCmVrVlZ7pQMI4m5k2h5U3YHMdRRBMHM-btn7LTRMrfYERPqFPTHzBWPVmLMVG4X7Yc2HJUL2nFZHOdb7e6lNW3lCAHCMegIUWJ3NfZoKG-woZarjC-B1XFui00&sig=Cg0ArKJSzC3yZLTMdWjzEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Apr 2021 16:45:45 GMT
truncated
/ Frame A6CD
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cfffadaa33db012e0fd5109b8b81b94fdec67b8cc151a4dc37753e3137d098a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 6743
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEBgQgI_utA9KecgwQhO-8fDYx4MPUZWBxGM-bnWjBVpBebJTnxeAqt_KKo_S1Ug52jXFidrEDEjplyAqxeCnNQIOEERh2qjgpxfI-3ZY&sig=Cg0ArKJSzN19DvwSzouWEAE&id=lidar2&mcvt=1000&p=106,315,356,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210414&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=406828873&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1618850744013&dlt=0&rpt=219&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 7276
235 B
256 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Tinos:700&text=Saving%20ALfeIsEyHowtdmrNRC%C2%AE
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e4b98a840cd0aaca96f4c720eb83239ec0f0ba90e86008ee99d8b7228e91959
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
css
fonts.googleapis.com/ Frame 7276
238 B
254 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:700&text=Naloxne%20isbrdctyhmugp%2E
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f94e7614a5f3235e00da28d9b68762c169db1f0197c5d5beca458e0d66ad91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
css
fonts.googleapis.com/ Frame 7276
234 B
254 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:italic&text=%28they%20arno%E2%80%9Cbig%E2%80%9D%29
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b501a0a4447cc901efe7a43352d3491045f6ea4f1b95cab37ab8af979d67a7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
349b359c9810313ab7cce14bda3d43fafd44065f
tqe36.flx10.com/ Frame 7276
78 KB
52 KB
Font
General
Full URL
https://tqe36.flx10.com/349b359c9810313ab7cce14bda3d43fafd44065f?subset=Get%20ridofl%2Cxpunsmca%E2%80%94w%2Ekbyg
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.203 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
08ae13eae594f2da4c8f3e8559fdb17a0ffc864013b37a8120e1f35968813402

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 03:16:12 GMT
server
NetDNA-cache/2.2
x-amz-request-id
17R2K8NTPHAXPT32
etag
W/"a89cf050c859a23e4b6d9cf5989acf9e"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31104000
x-amz-id-2
/PXRX1tY7IHueMhEpcLi8beTndqfporlhpPX9xmGsgPDMKv7ScaztSikckhW4zb/zl/3glJtdWc=
expires
Thu, 14 Apr 2022 16:45:45 GMT
b699367cade7b171b68ea9b7e4e9dc2477c12e38
tqe36.flx10.com/ Frame 7276
93 KB
64 KB
Font
General
Full URL
https://tqe36.flx10.com/b699367cade7b171b68ea9b7e4e9dc2477c12e38?subset=w%2Etakebcyourmdsg%20
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.203 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0c2ba3c35316ae8e6730758bfdf60e1f90d0db8a1044b122d03b6b75b55942a8

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
content-encoding
gzip
last-modified
Mon, 05 Aug 2019 15:09:18 GMT
server
NetDNA-cache/2.2
x-amz-request-id
AF9F04ZVDY2GKFK1
etag
W/"bfc84fcb6a1c571b2b96ae83833e6de1"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31104000
x-amz-id-2
Dj8RCVUM+MUTB09WXaMT8aT56DO2UGWfnCqm8gQKZl7ogIRPIJvYBIitzUvWIfG2CLSUqQoVj/4=
expires
Thu, 14 Apr 2022 16:45:45 GMT
font
fonts.gstatic.com/l/ Frame 7276
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=buE1poGnedXvwj1AW0FswjEfuZcPKmRsPNwaUz_xTVKDkD4mgqWe96AAzUg&skey=d2066bbd7f2ceff4&v=v16
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos:700&text=Saving%20ALfeIsEyHowtdmrNRC%C2%AE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
527deb218955264a10068ec4f64babeae87ce47250576ae8d960ed63b3cdcc97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 07:20:57 GMT
x-content-type-options
nosniff
age
33888
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8328
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 21:19:59 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Apr 2021 07:20:57 GMT
font
fonts.gstatic.com/l/ Frame 7276
4 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=mem5YaGs126MiZpBA-UN7rg-UPp6IojV7sm0OU3h1gfsgvzu8rpi53tfMA&skey=cd9e1a36bb25a3c3&v=v18
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:700&text=Naloxne%20isbrdctyhmugp%2E
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
403fee602a7653d026dac9fc715f70d97ac6243c9ed61c27bfae0b6b6b1f5aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 07:20:57 GMT
x-content-type-options
nosniff
age
33888
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4264
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:45:44 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 19 Apr 2021 07:20:57 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A5E
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5AMDb1GE4vD2chWkdRoczKWXdPs_KyVgDTHAKIS0jYTvw43ky8_SXteUzOUqDLCNQsWxGxds5ieFLKV6hh-oTM1qeFjqgma8uQZGChsexd5Ln9AGBzkuHPTMH8Q&sai=AMfl-YRpC-sK4Eljlve1St1NWWUYbyITbMeaH6X6g_Ecs16nH5TMxvQ6jATyTB4nSv-vuPIXct1fJbLO3H73hvOklxXa492Rm8lKvyx3W_nq4rtNW839goq4_cdCBksLUila&sig=Cg0ArKJSzMH_qUEvTePUEAE&cid=CAASPeRowT70OLhcuOizBNuh1hUvYOLELc92Mre5jRcKKLAlvWozDYm3x0aG6A1biw8M4Y0G_CRujXLIcMeS-6Q&id=ampim&o=315,1064&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=182&tls=1182&g=54.40000295639038&h=54.40000295639038&tt=1183&r=v&avms=ampa&adk=3525437857
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 1662
251 B
267 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%20Condensed:700&text=%E2%80%9CNo%20MreWisabutm%E2%80%9D
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/970x90/?cacheBuster=1788116827&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstGlmw4VBSFuB68Nsyp8LdJeUGpJDRcp7iRqyNe2ZbHaeNQnoU2S6q5fFAPlOF25_4ZNBsHZkZo2XUgpsADP53Q0J5geabaJL2OG8zuUXq7maEBcR1xlkv9ja3ZKZgw6axlZHpk0TBxkRYmGTViij-Qg7ijgrYIMnkWy8uARnSSHc92tl9xt5ZaGtSUQuE7GULiGlEa_1wvTwlprsUyuCa_8an1-_KYIbBu-xkc_Xgh8-X9r6aMerEmrTmy12lqLEoJOO8dQgEyHjplwb9Ha8vXHIS1DiOpGo3Fw%26sai%3DAMfl-YTxEXoJMMecRxWCTJo32Qr53vNJcEyabu5FYvg2LaurRYi-W-uTiiAMj7fWxfWgpaMUtAaetF9RGRUjhIuTUSzkV2Ts_jZh8VyGMn-0y2mc9IugwZwuaLJGssPMdWw%26sig%3DCg0ArKJSzHXuAh8QDECZEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c8e2b5ed061af69475b8b865f39011bf904a0719a93a21b4001275922079f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
css
fonts.googleapis.com/ Frame 1662
233 B
253 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:900&text=Asited%20Lvngra%24250%2Fmoh4%2E3
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/970x90/?cacheBuster=1788116827&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstGlmw4VBSFuB68Nsyp8LdJeUGpJDRcp7iRqyNe2ZbHaeNQnoU2S6q5fFAPlOF25_4ZNBsHZkZo2XUgpsADP53Q0J5geabaJL2OG8zuUXq7maEBcR1xlkv9ja3ZKZgw6axlZHpk0TBxkRYmGTViij-Qg7ijgrYIMnkWy8uARnSSHc92tl9xt5ZaGtSUQuE7GULiGlEa_1wvTwlprsUyuCa_8an1-_KYIbBu-xkc_Xgh8-X9r6aMerEmrTmy12lqLEoJOO8dQgEyHjplwb9Ha8vXHIS1DiOpGo3Fw%26sai%3DAMfl-YTxEXoJMMecRxWCTJo32Qr53vNJcEyabu5FYvg2LaurRYi-W-uTiiAMj7fWxfWgpaMUtAaetF9RGRUjhIuTUSzkV2Ts_jZh8VyGMn-0y2mc9IugwZwuaLJGssPMdWw%26sig%3DCg0ArKJSzHXuAh8QDECZEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ba75d1291d9b4419a0561b234fe2c99fc26577cc67cca6d56bf9cd1d232ae4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
css
fonts.googleapis.com/ Frame 1662
228 B
250 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:900italic&text=Ofering%20aCotumRhbl
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/970x90/?cacheBuster=1788116827&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstGlmw4VBSFuB68Nsyp8LdJeUGpJDRcp7iRqyNe2ZbHaeNQnoU2S6q5fFAPlOF25_4ZNBsHZkZo2XUgpsADP53Q0J5geabaJL2OG8zuUXq7maEBcR1xlkv9ja3ZKZgw6axlZHpk0TBxkRYmGTViij-Qg7ijgrYIMnkWy8uARnSSHc92tl9xt5ZaGtSUQuE7GULiGlEa_1wvTwlprsUyuCa_8an1-_KYIbBu-xkc_Xgh8-X9r6aMerEmrTmy12lqLEoJOO8dQgEyHjplwb9Ha8vXHIS1DiOpGo3Fw%26sai%3DAMfl-YTxEXoJMMecRxWCTJo32Qr53vNJcEyabu5FYvg2LaurRYi-W-uTiiAMj7fWxfWgpaMUtAaetF9RGRUjhIuTUSzkV2Ts_jZh8VyGMn-0y2mc9IugwZwuaLJGssPMdWw%26sig%3DCg0ArKJSzHXuAh8QDECZEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5737ff67c7fc8314ec004d4e1048b3ee420d8280f55631dd1c3ea89b601c1b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
css
fonts.googleapis.com/ Frame 1662
261 B
275 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,b&text=%E2%80%A2%20IndeptLivgAsSklNurCa425%2E30KHERPhycT%E2%80%8BOoU
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/970x90/?cacheBuster=1788116827&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstGlmw4VBSFuB68Nsyp8LdJeUGpJDRcp7iRqyNe2ZbHaeNQnoU2S6q5fFAPlOF25_4ZNBsHZkZo2XUgpsADP53Q0J5geabaJL2OG8zuUXq7maEBcR1xlkv9ja3ZKZgw6axlZHpk0TBxkRYmGTViij-Qg7ijgrYIMnkWy8uARnSSHc92tl9xt5ZaGtSUQuE7GULiGlEa_1wvTwlprsUyuCa_8an1-_KYIbBu-xkc_Xgh8-X9r6aMerEmrTmy12lqLEoJOO8dQgEyHjplwb9Ha8vXHIS1DiOpGo3Fw%26sai%3DAMfl-YTxEXoJMMecRxWCTJo32Qr53vNJcEyabu5FYvg2LaurRYi-W-uTiiAMj7fWxfWgpaMUtAaetF9RGRUjhIuTUSzkV2Ts_jZh8VyGMn-0y2mc9IugwZwuaLJGssPMdWw%26sig%3DCg0ArKJSzHXuAh8QDECZEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae90bc9102be2aad262e10af7100d466f907b8841fa92f4ef005c30e6d15b5f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
css
fonts.googleapis.com/ Frame 1662
219 B
236 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:500&text=Contac%20UsTdy%2E
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/970x90/?cacheBuster=1788116827&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstGlmw4VBSFuB68Nsyp8LdJeUGpJDRcp7iRqyNe2ZbHaeNQnoU2S6q5fFAPlOF25_4ZNBsHZkZo2XUgpsADP53Q0J5geabaJL2OG8zuUXq7maEBcR1xlkv9ja3ZKZgw6axlZHpk0TBxkRYmGTViij-Qg7ijgrYIMnkWy8uARnSSHc92tl9xt5ZaGtSUQuE7GULiGlEa_1wvTwlprsUyuCa_8an1-_KYIbBu-xkc_Xgh8-X9r6aMerEmrTmy12lqLEoJOO8dQgEyHjplwb9Ha8vXHIS1DiOpGo3Fw%26sai%3DAMfl-YTxEXoJMMecRxWCTJo32Qr53vNJcEyabu5FYvg2LaurRYi-W-uTiiAMj7fWxfWgpaMUtAaetF9RGRUjhIuTUSzkV2Ts_jZh8VyGMn-0y2mc9IugwZwuaLJGssPMdWw%26sig%3DCg0ArKJSzHXuAh8QDECZEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1bd3a77d79ddffddbc18c76650022f09a63408352dfe8507cc3c7afa7cd532c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
font
fonts.gstatic.com/l/ Frame 7276
3 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=mem6YaGs126MiZpBA-UFUJ0bZ9xMKo_67c6wNUHo0Rz0lnABHiqRDg&skey=743457fe2cc29280&v=v18
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:italic&text=%28they%20arno%E2%80%9Cbig%E2%80%9D%29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
901294825a23a09350b15f791e2dde175a25ba5c7e560c3f060ced14f25eb1e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 07:20:57 GMT
x-content-type-options
nosniff
age
33888
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3560
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:45:44 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 19 Apr 2021 07:20:57 GMT
fY4lFOMkHLvcxsc0inKy7EMSyzBzFIow.png
k3vzn.flx10.com/ Frame 7276
827 B
1 KB
Image
General
Full URL
https://k3vzn.flx10.com/fY4lFOMkHLvcxsc0inKy7EMSyzBzFIow.png?width=10&height=10
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
61c2c3111f6c2e490fe39d76228f32fda2cc49d381fdb1fcc27b6e8e80fb9173

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Sun Apr 25 2021 07:27:27 GMT+0000 (Coordinated Universal Time)
jbHnQF0e1l2GS6XjTAhItNnNX5rIvOmw.png
k3vzn.flx10.com/ Frame 7276
1 KB
2 KB
Image
General
Full URL
https://k3vzn.flx10.com/jbHnQF0e1l2GS6XjTAhItNnNX5rIvOmw.png?width=10&height=10
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5d0c34bbe6ee57a3166161d491a6bbed5601772059f51ae72740e4b17410e885

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Sun Apr 25 2021 07:27:27 GMT+0000 (Coordinated Universal Time)
eTfSBw4ZDC66YObs8yaedHnCKihylVFo.png
k3vzn.flx10.com/ Frame 7276
607 B
933 B
Image
General
Full URL
https://k3vzn.flx10.com/eTfSBw4ZDC66YObs8yaedHnCKihylVFo.png?width=10&height=10
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9b4b245314aed4da69b220870f23164f915c8e2f7dc5f6dab0bea44ebfdbc8df

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Sun Apr 25 2021 07:27:27 GMT+0000 (Coordinated Universal Time)
Zoh2AR1UGgEPTilphkzY4HfXPZogmfEH.png
k3vzn.flx10.com/ Frame 7276
173 B
509 B
Image
General
Full URL
https://k3vzn.flx10.com/Zoh2AR1UGgEPTilphkzY4HfXPZogmfEH.png?width=10&height=10
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
317b9e18fd743948265acd728933efda43d8cef23713043b1a21ef818fdbbc05

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
cAZiyjyMQY9nAsoJycYyDwI49olkwt8a.png
k3vzn.flx10.com/ Frame 7276
185 B
521 B
Image
General
Full URL
https://k3vzn.flx10.com/cAZiyjyMQY9nAsoJycYyDwI49olkwt8a.png?width=10&height=10
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7de78bbd6ea03e8aca7c15c4daf9c1167404f2e38a92e3feb6f5fe5d00ec5185

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
font
fonts.gstatic.com/l/ Frame 1662
3 KB
3 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=ieVi2ZhZI2eCN5jzbjEETS9weq8-32meKCYKftMRNXIbg7UgqBY7Wqj-JTuSAh2M&skey=b54a1a8c4612f15a&v=v19
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed:700&text=%E2%80%9CNo%20MreWisabutm%E2%80%9D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42d0bc8acbbc74a313ef2072d9257f22f2cce84fc5990d28e7968efe24d828bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:11:09 GMT
x-content-type-options
nosniff
age
9276
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2872
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:45:44 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 19 Apr 2021 14:11:09 GMT
font
fonts.gstatic.com/l/ Frame 1662
3 KB
3 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=KFOlCnqEu92Fr1MmEU9vBgUwCu-xwd0vGB_abiprGg&skey=ee881451c540fdec&v=v27
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500&text=Contac%20UsTdy%2E
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f5b99f9ec5508c81625b5f58b463b3bede3d7d3911e84988eae9b8858965808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:11:09 GMT
x-content-type-options
nosniff
age
9276
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2652
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 23:28:49 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Apr 2021 14:11:09 GMT
font
fonts.gstatic.com/l/ Frame 1662
4 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=KFOlCnqEu92Fr1MmYUtvBgUlCuXcurh8SE-BQBV-B1G_Mo9hQCbh23uo&skey=934406f772f9777d&v=v27
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900&text=Asited%20Lvngra%24250%2Fmoh4%2E3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
61ec9f94e46190be991cd7b314654c70a6d26552b7cf4ce75e08639d0a7bd856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:11:11 GMT
x-content-type-options
nosniff
age
9274
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4504
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 23:28:49 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 19 Apr 2021 14:11:11 GMT
font
fonts.gstatic.com/l/ Frame 1662
4 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=KFOjCnqEu92Fr1Mu51TLBBc4GNPS1sccGhnRZz53Cli1NIl-Wjw&skey=b80be3241fe40325&v=v27
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900italic&text=Ofering%20aCotumRhbl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebe638b2c3f24e96ac597f7bc6a4a846e6b677ac25aeefc3c513018bffbde724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:11:11 GMT
x-content-type-options
nosniff
age
9274
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3840
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 23:28:49 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Apr 2021 14:11:11 GMT
font
fonts.gstatic.com/l/ Frame 1662
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=KFOlCnqEu92Fr1MmWUlvBgUQCu_Cp7t6Tjr3RBFWKHiWFbZefR3GyWy68ztOtgRavRQHn7S0MIaToaCw0ksm&skey=c06e7213f788649e&v=v27
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,b&text=%E2%80%A2%20IndeptLivgAsSklNurCa425%2E30KHERPhycT%E2%80%8BOoU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83ec6e98b67e5b4a238434c5c74cbbed8aba33f3783112f6e3a1c7c61faca10c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:11:11 GMT
x-content-type-options
nosniff
age
9274
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5520
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 23:28:49 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Apr 2021 14:11:11 GMT
WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png
k3vzn.flx10.com/ Frame 1662
395 B
721 B
Image
General
Full URL
https://k3vzn.flx10.com/WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png?width=10&height=10
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
911bc0a553b8fdf97468f22756854bea86441871b31e332c2d8b53dae12942a5

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 15:53:43 GMT+0000 (Coordinated Universal Time)
b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png
k3vzn.flx10.com/ Frame 1662
903 B
1 KB
Image
General
Full URL
https://k3vzn.flx10.com/b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png?width=10&height=10
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2ce56f91d809d8d73a15716a6f4f1fca326f9f59149d0d45b814a88c908405a3

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 15:53:43 GMT+0000 (Coordinated Universal Time)
eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png
k3vzn.flx10.com/ Frame 1662
491 B
817 B
Image
General
Full URL
https://k3vzn.flx10.com/eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png?width=10&height=10
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2b8867b3c3dc87e80ebefbbb2ca78d93a5672864290231a8323c8942591e6ed4

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:45 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 15:53:43 GMT+0000 (Coordinated Universal Time)
fY4lFOMkHLvcxsc0inKy7EMSyzBzFIow.png
k3vzn.flx10.com/ Frame 7276
7 KB
7 KB
Image
General
Full URL
https://k3vzn.flx10.com/fY4lFOMkHLvcxsc0inKy7EMSyzBzFIow.png?width=205.931&focusX=50&focusY=50&zoom=100
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
3d8d88b159c9ecc2a00d3ca640f74696f190ea758a1c4b53dbfef49e35120202

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
jbHnQF0e1l2GS6XjTAhItNnNX5rIvOmw.png
k3vzn.flx10.com/ Frame 7276
2 KB
2 KB
Image
General
Full URL
https://k3vzn.flx10.com/jbHnQF0e1l2GS6XjTAhItNnNX5rIvOmw.png?width=154.03600000000006&focusX=50&focusY=50&zoom=100
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
3da213495c035c7b2a80ba41b63adf7a9268aaafebd0870ec2913fbb2df5bb6f

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
eTfSBw4ZDC66YObs8yaedHnCKihylVFo.png
k3vzn.flx10.com/ Frame 7276
2 KB
2 KB
Image
General
Full URL
https://k3vzn.flx10.com/eTfSBw4ZDC66YObs8yaedHnCKihylVFo.png?width=131.41439999999997&focusX=50&focusY=50&zoom=100
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c2fe8556afca34427cdc1d9e9aa19bef83cc91e7c091345ad60261af12ff1951

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
css
fonts.googleapis.com/ Frame E1E7
251 B
267 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%20Condensed:700&text=%E2%80%9CNo%20MreWisabutm%E2%80%9D
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c8e2b5ed061af69475b8b865f39011bf904a0719a93a21b4001275922079f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
css
fonts.googleapis.com/ Frame E1E7
233 B
253 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:900&text=Asited%20Lvngra%24250%2Fmoh4%2E3
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ba75d1291d9b4419a0561b234fe2c99fc26577cc67cca6d56bf9cd1d232ae4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
css
fonts.googleapis.com/ Frame E1E7
228 B
250 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:900italic&text=Ofering%20aCotumRhbl
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5737ff67c7fc8314ec004d4e1048b3ee420d8280f55631dd1c3ea89b601c1b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
css
fonts.googleapis.com/ Frame E1E7
261 B
275 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,b&text=%E2%80%A2%20IndeptLivgAsSklNurCa425%2E30KHERPhycT%E2%80%8BOoU
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae90bc9102be2aad262e10af7100d466f907b8841fa92f4ef005c30e6d15b5f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
css
fonts.googleapis.com/ Frame E1E7
219 B
236 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:500&text=Contac%20UsTdy%2E
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1bd3a77d79ddffddbc18c76650022f09a63408352dfe8507cc3c7afa7cd532c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 16:45:45 GMT
server
ESF
date
Mon, 19 Apr 2021 16:45:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Apr 2021 16:45:45 GMT
b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png
k3vzn.flx10.com/ Frame 1662
2 KB
3 KB
Image
General
Full URL
https://k3vzn.flx10.com/b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png?width=137.74000000000004&focusX=55.83&focusY=11.54&zoom=100
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4fe0ba1dee960eaef6ba57f886fe28dd437ed4ecc93599157eb9e971eb7f2a1b

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png
k3vzn.flx10.com/ Frame 1662
47 KB
47 KB
Image
General
Full URL
https://k3vzn.flx10.com/eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png?width=217.95899999999997&height=90&focusX=70.17&focusY=25.31&zoom=100
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
09dbd394145748d972e976a55df3c77e6cfbbcf79add06ee8e61e9503244cdee

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png
k3vzn.flx10.com/ Frame 1662
5 KB
5 KB
Image
General
Full URL
https://k3vzn.flx10.com/WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png?width=99.00000000000001&focusX=50&focusY=50&zoom=100
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7e96cf5e02156caef27c7a29c8f62b57b39f1785814b9d5f656dcfe53b941958

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
font
fonts.gstatic.com/l/ Frame E1E7
3 KB
3 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=ieVi2ZhZI2eCN5jzbjEETS9weq8-32meKCYKftMRNXIbg7UgqBY7Wqj-JTuSAh2M&skey=b54a1a8c4612f15a&v=v19
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed:700&text=%E2%80%9CNo%20MreWisabutm%E2%80%9D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42d0bc8acbbc74a313ef2072d9257f22f2cce84fc5990d28e7968efe24d828bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:11:09 GMT
x-content-type-options
nosniff
age
9276
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2872
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:45:44 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 19 Apr 2021 14:11:09 GMT
font
fonts.gstatic.com/l/ Frame E1E7
3 KB
3 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=KFOlCnqEu92Fr1MmEU9vBgUwCu-xwd0vGB_abiprGg&skey=ee881451c540fdec&v=v27
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500&text=Contac%20UsTdy%2E
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f5b99f9ec5508c81625b5f58b463b3bede3d7d3911e84988eae9b8858965808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:11:09 GMT
x-content-type-options
nosniff
age
9276
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2652
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 23:28:49 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Apr 2021 14:11:09 GMT
WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png
k3vzn.flx10.com/ Frame E1E7
395 B
721 B
Image
General
Full URL
https://k3vzn.flx10.com/WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png?width=10&height=10
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
911bc0a553b8fdf97468f22756854bea86441871b31e332c2d8b53dae12942a5

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:46 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 15:53:43 GMT+0000 (Coordinated Universal Time)
b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png
k3vzn.flx10.com/ Frame E1E7
903 B
1 KB
Image
General
Full URL
https://k3vzn.flx10.com/b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png?width=10&height=10
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2ce56f91d809d8d73a15716a6f4f1fca326f9f59149d0d45b814a88c908405a3

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:46 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 15:53:43 GMT+0000 (Coordinated Universal Time)
eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png
k3vzn.flx10.com/ Frame E1E7
491 B
817 B
Image
General
Full URL
https://k3vzn.flx10.com/eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png?width=10&height=10
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2b8867b3c3dc87e80ebefbbb2ca78d93a5672864290231a8323c8942591e6ed4

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:46 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 15:53:43 GMT+0000 (Coordinated Universal Time)
font
fonts.gstatic.com/l/ Frame E1E7
4 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=KFOlCnqEu92Fr1MmYUtvBgUlCuXcurh8SE-BQBV-B1G_Mo9hQCbh23uo&skey=934406f772f9777d&v=v27
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900&text=Asited%20Lvngra%24250%2Fmoh4%2E3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
61ec9f94e46190be991cd7b314654c70a6d26552b7cf4ce75e08639d0a7bd856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:11:11 GMT
x-content-type-options
nosniff
age
9275
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4504
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 23:28:49 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Mon, 19 Apr 2021 14:11:11 GMT
font
fonts.gstatic.com/l/ Frame E1E7
4 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=KFOjCnqEu92Fr1Mu51TLBBc4GNPS1sccGhnRZz53Cli1NIl-Wjw&skey=b80be3241fe40325&v=v27
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900italic&text=Ofering%20aCotumRhbl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebe638b2c3f24e96ac597f7bc6a4a846e6b677ac25aeefc3c513018bffbde724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:11:11 GMT
x-content-type-options
nosniff
age
9275
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3840
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 23:28:49 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Apr 2021 14:11:11 GMT
font
fonts.gstatic.com/l/ Frame E1E7
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=KFOlCnqEu92Fr1MmWUlvBgUQCu_Cp7t6Tjr3RBFWKHiWFbZefR3GyWy68ztOtgRavRQHn7S0MIaToaCw0ksm&skey=c06e7213f788649e&v=v27
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,b&text=%E2%80%A2%20IndeptLivgAsSklNurCa425%2E30KHERPhycT%E2%80%8BOoU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83ec6e98b67e5b4a238434c5c74cbbed8aba33f3783112f6e3a1c7c61faca10c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://tj6w5.flx10.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:11:11 GMT
x-content-type-options
nosniff
age
9275
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5520
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 23:28:49 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 20 Apr 2021 14:11:11 GMT
WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png
k3vzn.flx10.com/ Frame E1E7
5 KB
5 KB
Image
General
Full URL
https://k3vzn.flx10.com/WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png?width=99.00000000000001&focusX=50&focusY=50&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7e96cf5e02156caef27c7a29c8f62b57b39f1785814b9d5f656dcfe53b941958

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png
k3vzn.flx10.com/ Frame E1E7
2 KB
3 KB
Image
General
Full URL
https://k3vzn.flx10.com/b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png?width=120.84800000000007&focusX=61.88&focusY=0&zoom=100
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
b6c2798f4f908ff4f76fd98dce9ea1859ff17e0fbda26b08ca1975b335627d21

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png
k3vzn.flx10.com/ Frame E1E7
36 KB
37 KB
Image
General
Full URL
https://k3vzn.flx10.com/eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png?width=163.5816&height=90&focusX=70.17&focusY=25.31&zoom=100
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
809fa9ab66a2734db283d26920647a8880ea2a8a40e85dbdc7469298b3a3e047

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
jbHnQF0e1l2GS6XjTAhItNnNX5rIvOmw.png
k3vzn.flx10.com/ Frame 7276
2 KB
2 KB
Image
General
Full URL
https://k3vzn.flx10.com/jbHnQF0e1l2GS6XjTAhItNnNX5rIvOmw.png?width=154.03600000000006&focusX=50&focusY=50&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
3da213495c035c7b2a80ba41b63adf7a9268aaafebd0870ec2913fbb2df5bb6f

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
eTfSBw4ZDC66YObs8yaedHnCKihylVFo.png
k3vzn.flx10.com/ Frame 7276
2 KB
2 KB
Image
General
Full URL
https://k3vzn.flx10.com/eTfSBw4ZDC66YObs8yaedHnCKihylVFo.png?width=131.41439999999997&focusX=50&focusY=50&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c2fe8556afca34427cdc1d9e9aa19bef83cc91e7c091345ad60261af12ff1951

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
fY4lFOMkHLvcxsc0inKy7EMSyzBzFIow.png
k3vzn.flx10.com/ Frame 7276
7 KB
7 KB
Image
General
Full URL
https://k3vzn.flx10.com/fY4lFOMkHLvcxsc0inKy7EMSyzBzFIow.png?width=205.931&focusX=50&focusY=50&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
3d8d88b159c9ecc2a00d3ca640f74696f190ea758a1c4b53dbfef49e35120202

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png
k3vzn.flx10.com/ Frame 1662
5 KB
5 KB
Image
General
Full URL
https://k3vzn.flx10.com/WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png?width=99.00000000000001&focusX=50&focusY=50&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/970x90/?cacheBuster=1788116827&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstGlmw4VBSFuB68Nsyp8LdJeUGpJDRcp7iRqyNe2ZbHaeNQnoU2S6q5fFAPlOF25_4ZNBsHZkZo2XUgpsADP53Q0J5geabaJL2OG8zuUXq7maEBcR1xlkv9ja3ZKZgw6axlZHpk0TBxkRYmGTViij-Qg7ijgrYIMnkWy8uARnSSHc92tl9xt5ZaGtSUQuE7GULiGlEa_1wvTwlprsUyuCa_8an1-_KYIbBu-xkc_Xgh8-X9r6aMerEmrTmy12lqLEoJOO8dQgEyHjplwb9Ha8vXHIS1DiOpGo3Fw%26sai%3DAMfl-YTxEXoJMMecRxWCTJo32Qr53vNJcEyabu5FYvg2LaurRYi-W-uTiiAMj7fWxfWgpaMUtAaetF9RGRUjhIuTUSzkV2Ts_jZh8VyGMn-0y2mc9IugwZwuaLJGssPMdWw%26sig%3DCg0ArKJSzHXuAh8QDECZEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7e96cf5e02156caef27c7a29c8f62b57b39f1785814b9d5f656dcfe53b941958

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png
k3vzn.flx10.com/ Frame E1E7
5 KB
5 KB
Image
General
Full URL
https://k3vzn.flx10.com/WzLcMyn1m7MY7tYWdt0fCJI2o8AWdCeH.png?width=99.00000000000001&focusX=50&focusY=50&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7e96cf5e02156caef27c7a29c8f62b57b39f1785814b9d5f656dcfe53b941958

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:47 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:47 GMT+0000 (Coordinated Universal Time)
cAZiyjyMQY9nAsoJycYyDwI49olkwt8a.png
k3vzn.flx10.com/ Frame 7276
331 B
667 B
Image
General
Full URL
https://k3vzn.flx10.com/cAZiyjyMQY9nAsoJycYyDwI49olkwt8a.png?width=70.03399999999999&height=90&focusX=50&focusY=50&zoom=100
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a7b470797d848561645fb1771f3355cec0be3e66e699a69c15a025410d67632b

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:48 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:48 GMT+0000 (Coordinated Universal Time)
Zoh2AR1UGgEPTilphkzY4HfXPZogmfEH.png
k3vzn.flx10.com/ Frame 7276
325 B
661 B
Image
General
Full URL
https://k3vzn.flx10.com/Zoh2AR1UGgEPTilphkzY4HfXPZogmfEH.png?width=67.99700000000006&height=90&focusX=50&focusY=50&zoom=100
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1f268ce9ce75aa7c8e930dd98bc99bed49ab9d2c9180de524d431c89824a8ec1

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:48 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:48 GMT+0000 (Coordinated Universal Time)
b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png
k3vzn.flx10.com/ Frame 1662
2 KB
3 KB
Image
General
Full URL
https://k3vzn.flx10.com/b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png?width=137.74000000000004&focusX=55.83&focusY=11.54&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/970x90/?cacheBuster=1788116827&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstGlmw4VBSFuB68Nsyp8LdJeUGpJDRcp7iRqyNe2ZbHaeNQnoU2S6q5fFAPlOF25_4ZNBsHZkZo2XUgpsADP53Q0J5geabaJL2OG8zuUXq7maEBcR1xlkv9ja3ZKZgw6axlZHpk0TBxkRYmGTViij-Qg7ijgrYIMnkWy8uARnSSHc92tl9xt5ZaGtSUQuE7GULiGlEa_1wvTwlprsUyuCa_8an1-_KYIbBu-xkc_Xgh8-X9r6aMerEmrTmy12lqLEoJOO8dQgEyHjplwb9Ha8vXHIS1DiOpGo3Fw%26sai%3DAMfl-YTxEXoJMMecRxWCTJo32Qr53vNJcEyabu5FYvg2LaurRYi-W-uTiiAMj7fWxfWgpaMUtAaetF9RGRUjhIuTUSzkV2Ts_jZh8VyGMn-0y2mc9IugwZwuaLJGssPMdWw%26sig%3DCg0ArKJSzHXuAh8QDECZEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4fe0ba1dee960eaef6ba57f886fe28dd437ed4ecc93599157eb9e971eb7f2a1b

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:48 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:48 GMT+0000 (Coordinated Universal Time)
b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png
k3vzn.flx10.com/ Frame E1E7
2 KB
3 KB
Image
General
Full URL
https://k3vzn.flx10.com/b8iPN9Zb3tJ70MKSqSNQb4alxLRIQIaA.png?width=120.84800000000007&focusX=61.88&focusY=0&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
b6c2798f4f908ff4f76fd98dce9ea1859ff17e0fbda26b08ca1975b335627d21

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:48 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:48 GMT+0000 (Coordinated Universal Time)
eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png
k3vzn.flx10.com/ Frame E1E7
36 KB
37 KB
Image
General
Full URL
https://k3vzn.flx10.com/eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png?width=163.5816&height=90&focusX=70.17&focusY=25.31&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/728x90/?cacheBuster=2071439025&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsufKJBRfJD9KrIRYXHDd-wv61pKgbnZg7-5uOSoBwzCXNmuBaD_mMcjp6KQEp-E2EMXalwTRlsfzWGKzyvDfxh3KGH6uNObaS4uJEy45az0TM4Ozy1U_Vi0jEvlpGBUDZXWzLnPEKus3Aq1JdEl1z_zYIGgnN3mt2UpEVXSBTd9vJt-VznkDXHODWgIqj6N89iyGqT_9cHCpOfVrp01LTvNbA7Ouscivhwuc7phywGNNM_joNoEOjEHmVZtiXmUhVYovOPYC4PW3GuqhVPtvUXSqs0bSq80UJftwA%26sai%3DAMfl-YSHOn-hNyBG8s4j2jpBWa3BPR5GquPybUqCU28uWOAkLY6QKZ_S_PPTn72FqsxGXuNvHvHY-V8YiToUJiL36lNayM6xCHfCmzEzIpYZBhRuYtjAjLh3qV18YJsMn9C2%26sig%3DCg0ArKJSzBicrObF2bwOEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
809fa9ab66a2734db283d26920647a8880ea2a8a40e85dbdc7469298b3a3e047

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:48 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:48 GMT+0000 (Coordinated Universal Time)
eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png
k3vzn.flx10.com/ Frame 1662
47 KB
47 KB
Image
General
Full URL
https://k3vzn.flx10.com/eByGNwEEwPfg4GzKyiQqdvyvWXZO2pUY.png?width=217.95899999999997&height=90&focusX=70.17&focusY=25.31&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/gSdQmthHXk5/-/breakpoint/970x90/?cacheBuster=1788116827&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstGlmw4VBSFuB68Nsyp8LdJeUGpJDRcp7iRqyNe2ZbHaeNQnoU2S6q5fFAPlOF25_4ZNBsHZkZo2XUgpsADP53Q0J5geabaJL2OG8zuUXq7maEBcR1xlkv9ja3ZKZgw6axlZHpk0TBxkRYmGTViij-Qg7ijgrYIMnkWy8uARnSSHc92tl9xt5ZaGtSUQuE7GULiGlEa_1wvTwlprsUyuCa_8an1-_KYIbBu-xkc_Xgh8-X9r6aMerEmrTmy12lqLEoJOO8dQgEyHjplwb9Ha8vXHIS1DiOpGo3Fw%26sai%3DAMfl-YTxEXoJMMecRxWCTJo32Qr53vNJcEyabu5FYvg2LaurRYi-W-uTiiAMj7fWxfWgpaMUtAaetF9RGRUjhIuTUSzkV2Ts_jZh8VyGMn-0y2mc9IugwZwuaLJGssPMdWw%26sig%3DCg0ArKJSzHXuAh8QDECZEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
09dbd394145748d972e976a55df3c77e6cfbbcf79add06ee8e61e9503244cdee

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:48 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:48 GMT+0000 (Coordinated Universal Time)
cAZiyjyMQY9nAsoJycYyDwI49olkwt8a.png
k3vzn.flx10.com/ Frame 7276
331 B
657 B
Image
General
Full URL
https://k3vzn.flx10.com/cAZiyjyMQY9nAsoJycYyDwI49olkwt8a.png?width=70.03399999999999&height=90&focusX=50&focusY=50&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a7b470797d848561645fb1771f3355cec0be3e66e699a69c15a025410d67632b

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:48 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:48 GMT+0000 (Coordinated Universal Time)
Zoh2AR1UGgEPTilphkzY4HfXPZogmfEH.png
k3vzn.flx10.com/ Frame 7276
325 B
651 B
Image
General
Full URL
https://k3vzn.flx10.com/Zoh2AR1UGgEPTilphkzY4HfXPZogmfEH.png?width=67.99700000000006&height=90&focusX=50&focusY=50&zoom=100
Requested by
Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/EW2euv2fQGO/-/breakpoint/970x90/?cacheBuster=77478920&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssiQqNCJP8spE0TwE64u8w0dKkCkmZEUv8ulUMQDE4BCyu5LWRlwWpqbS6w3d_Pa66s_Oub6y6fyUaC8FMrahPw9O1o3R6Fp54MD4QrI9ksCEyACmZFvgk7oTllsD0Vv_oGTBcwU1s57YUZXzRp8ySeAkT1lj_L-iADyJ8rvzotle0r_dmIMHIgeAzaZpJV1VbCaJb1-qhIU2Q8RO6Yh3oj3Sgc-KfMtFdJ0VuyiyLDz8Pr6i_ueQgBxcF1m6tn5TuIjlNMx_mFyzSF4ohFIVPGZhPOVYSExNmCOtw%26sai%3DAMfl-YQKaTvna9crk2hPzyyr1Rr1uIK7tdGc4AtHoDja1kIP18Dz3RLXIrqMDqxjcOMpYagONcU1WUOp76BMuKhgc0oCEDui_PPGKMsGWXqNp-mtxNyLJuKgbh4arzhNg6pL%26sig%3DCg0ArKJSzGHOrN00Iy8iEAE%26urlfix%3D1%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.29 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1f268ce9ce75aa7c8e930dd98bc99bed49ab9d2c9180de524d431c89824a8ec1

Request headers

Referer
https://tj6w5.flx10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:48 GMT
server
NetDNA-cache/2.2
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
public, max-age=864000
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires
Mon Apr 26 2021 16:45:48 GMT+0000 (Coordinated Universal Time)
status
api.userway.org/api/seo-widget/v0/page/https%3A%2F%2Fwww.heraldnet.com%2F/DESKTOP/WIDGET_OFF/
77 B
295 B
Fetch
General
Full URL
https://api.userway.org/api/seo-widget/v0/page/https%3A%2F%2Fwww.heraldnet.com%2F/DESKTOP/WIDGET_OFF/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2021-04-19/widget_app_base_1618819690699.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.138.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-138-29.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:48 GMT
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
77
x-service-version
3a4b2361788f9f2ac73da6643b55668d386d6c5a
467
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/
110 B
854 B
XHR
General
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/467?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-04-19T18%3A45%3A50%2B02%3A00&ts=1618850750958
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.145.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-145-231.compute-1.amazonaws.com
Software
- /
Resource Hash
9c25ff8b6501fad0f16cb99ec6d42a681d11898b6799339358e313c17ec1677c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
120
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
script.js
powerad.ai/
140 KB
29 KB
Script
General
Full URL
https://powerad.ai/script.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
fafbeb10f42797b14f3a2e2b314758bb3ca34feca37044ac489081428f285517

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Apr 2021 18:56:34 GMT
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
Express
ETag
W/"22f96-178d6e45f43"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
*
chartbeat.js
static.chartbeat.com/js/
36 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:fc00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 15:16:17 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:04:46 GMT
server
nginx
age
5373
etag
W/"60665f9e-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
gIQJ0WEzJg5v4UN-sPeP68qUVzMpBFnAYjFqjYLys1o9BXvNotqjkA==
expires
Tue, 20 Apr 2021 15:16:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/
9 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beba0ad40c2f72388aa7cf7066939a17e278da774184dc62261b4c35cb25c2d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Apr 2021 16:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
ping
ping.chartbeat.net/
43 B
169 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=heraldnet.com&p=%2F&u=WO_lYCIy5GnDVqKkF&d=heraldnet.com&g=55206&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10525&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=10993&t=Iw2wUBCID1aB_wIjvBlxwpADaKK9G&V=126&i=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&tz=-120&sn=1&sv=BY7CVLG9xfgaz1YVBadiGuDTXVDz&sd=1&im=067b0ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.197.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 19 Apr 2021 16:45:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1448
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldnet.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.heraldnet.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 19 Apr 2021 16:31:04 GMT
expires
Tue, 19 Apr 2022 16:31:04 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
887
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 1448
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
7098
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Tue, 19 Apr 2022 14:47:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041501&jk=1177256747203230&bg=!5-Sl5KDNAAZUuIlwVLg7ACkAdvg8Wi5tzhVWRpAYN08ZcE9lJ5WOJqPX7CL3PllijdrIZwz4v8eIxQIAAABYUgAAAA1oAQcKAG4eZMC8Rw2vPtzm2w0gMZundOC2LXf1o9FwOR82FMqzcWZiPfR7ed9v-908iNINkXC7W1zoGhxUe26_ubCzxwNm8vsu6bGFdR16bn5Fkme6ILLnF0y_BJfjtf765Y6nMkktp7cjDITxsKIJKIgc0ZkCGrdOeUm6UyMvdODrNUN6Tn7U_3ztMSkeJkMR6v_mCG-eZ7UQ4iSb6JaxOV_jTnFzVvhjX2ZtN3xRH_1H9IN30HVxvLpH8P8E5IY8ADSzK2hUR5TRe67Sg0CLICgbbge7lksOGsWQ-KfjOeiPR0lUw3hQ8J87Q1280Kb19kBXPeHTaBO0b55VsSzA0CaC8R_YtRelCyaSlpC4Ifej3RF2J57x-7oF47ka-L4xlrA8eNQFBoLYBiBBG8k2wJR_KFcFui0eaHYb0VkxsUC5T9Fp-nIuVgoHc-FTkzr1HjTZdPPYiBgTHfAS-25sp_rr948A3DcHuYM0RCZTqWY--i5QDsU4AgDpQbDGmt5fVXRmQHP3H-4ImjAaNUR0IO98EKxx6fap9HOVJrYHzthNGp_LKJ4UCzvF50bBAmEg-WxK2zeBL-f-GVB-K7BbnHpXJ5A_gT_SV4tYycUORewYx3cnZbmWJUNOnS_nZOmNIs1bp7xxbV_L5XbhPLvkF1u4_TNVz_xCfO4MA9l6CEUY_As3YYTLj_NFRTyhdBh-eHG8tdKBgoe4DOtO2_7dIuQPfTknbloa7vGE5p8E-i_gBt-cqCn1o_qI_5qbzYfxgzFrdpJ33SLJifFXgHodOd498BIEnZmMFpZ5J5EQexEuxpgLAb1BpPC45R7wrTRgRSjOVDUQj9or9r8uyx3ZKDmcAoG3596dIMeAmPmgor0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
reporting.powerad.ai/
2 B
412 B
Ping
General
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 19 Apr 2021 16:45:51 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
2
pbjs_wrapper.v1.0.js
hb.brainlyads.com/ Frame 61B1
17 KB
6 KB
Script
General
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1fb754cec74956af6531826d6f73a28e8bb2049d3bb3913c524e4d7583b0435c

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:51 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Apr 2021 13:36:18 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
W/"607c35d2-444d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 20 Apr 2021 16:45:51 GMT
prebid.js
hb.brainlyads.com/ Frame 61B1
388 KB
120 KB
Script
General
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a0c0670e777ee9b5749bc6a0c47ce9e54a6aec175851365e4565387695f8d29a

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Apr 2021 16:01:23 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
W/"60786353-60faa"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 20 Apr 2021 16:45:51 GMT
/
powerad.ai/pubPls/
2 KB
1 KB
XHR
General
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.heraldnet.com%2F
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
316e93e8aaedddf62fbc01b517c3164eca29d46451a904c3a5a015cb297fc4b8

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:51 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
Express
ETag
W/"634-j1rds3OGdpE1uAGoefJP51fPAbw"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.heraldnet.com
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
*
js
www.googletagmanager.com/gtag/
93 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137034616-112
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a2dbfa44a2176f310725202f356dc948858245b5c540d599f717e4d684eee49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37396
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 15:40:52 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Apr 2021 16:45:51 GMT
js
www.googletagmanager.com/gtag/
93 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137034616-112&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52608-71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a69cd121efe2e8540bb96200ad1fc838a98b6b0c39d0b8dd9f7e4be615a2be3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 16:45:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37443
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 15:40:52 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Apr 2021 16:45:51 GMT
/
reporting.powerad.ai/
2 B
412 B
Ping
General
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 19 Apr 2021 16:45:51 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
2
collect
www.google-analytics.com/j/
2 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=238188580&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&ul=en-us&de=UTF-8&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KHjAAUABAAAAAC~&jid=973309090&gjid=1082163936&cid=675299959.1618850742&tid=UA-137034616-112&_gid=111894227.1618850752&_r=1&gtm=2ou472&z=365299497
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Apr 2021 16:45:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137034616-112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
2969
date
Mon, 19 Apr 2021 15:56:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Mon, 19 Apr 2021 17:56:22 GMT
collect
stats.g.doubleclick.net/j/
1 B
67 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-137034616-112&cid=675299959.1618850742&jid=973309090&gjid=1082163936&_gid=111894227.1618850752&_u=KHjAAUABAAAAAC~&z=202886637
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Apr 2021 16:45:51 GMT
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=2&f_privb=0&tid=4a819426-0c61-4bd9-bdea-17c2aa128411&pid=ee82453a-eaa9-4598-99a9-8e054c8ae0d9&dtm=1618850751894&qnm=_matherq&visible=1&tabid=26d25ac1-26d6-4e13-a22a-7fec99b95367&url=https%3A%2F%2Fwww.heraldnet.com%2F&vp=1600x1200&ds=1600x10525&tofa=1618850752&vid=1&lvidt=1618850752&duid=49c61e75bd3cd5e0&fp=1072425006&cid=ma13246&mrk=715673500&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxODg1MDczOTk2NCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiIzMjYwIiwiZmV0Y2hTIjoiNTMyIiwiZG9tYWluUyI6IjUzMyIsImRvbWFpbkUiOiI1MzQiLCJjb25uUyI6IjUzNCIsImNvbm5FIjoiNzY5Iiwic3NsUyI6IjU0OCIsInJlcXVTIjoiNzcwIiwicmVzcFMiOiI5MTIiLCJyZXNwRSI6IjEwMjEiLCJkb21Mb2FkIjoiOTE0IiwiZG9tSW50ZXIiOiIzMTUwIiwiZG9tTG9hZFMiOiIzMTc1IiwiZG9tTG9hZEUiOiIzMjE2IiwiZG9tQ21wbHQiOiIxMDk5MyIsImxvYWRTIjoiMTA5OTMiLCJsb2FkRSI6IjExMDI2In19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-210-103.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 16:45:51 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
metrics
connect-metrics-collector.s-onetag.com/
0
73 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 19 Apr 2021 16:45:52 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/
0
72 B
Ping
General
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 19 Apr 2021 16:45:53 GMT
content-length
0
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=3c88cbabbdf2d8d9e2a654c2&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

576 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| php_vars number| nwviewportwidth number| nwviewportheight string| nwSite string| nwPubDate string| nwProtocol string| nwServer string| nwEdition string| nwUserCkSubscripDays number| nwuserCkDefaultDays string| nwContentId string| nwECopyAccess string| nwDayPassAccess string| nwMeterAccess string| nwMustRegister string| nwMeterThreshold number| nwMeterDefaultDays string| nwContentCallback string| nwIllegalChars number| nwPasswordLength string| nwDoNonSubCheck string| nwSkipConfirmation string| nwTheme string| uiVersion string| nwLabelColor string| nwInputFontSize string| nwInputFontColor string| nwFacebook string| nwGoogle string| nwDialogWidth string| nwDialogHeading string| nwECopy string| nwDayPass string| nwTerm string| nwWelcome string| nwMeterUsed string| nwLoginIcon string| nwLoginInstruct string| nwLoginIdLabel string| nwPasswordLabel string| nwButtonLogin string| nwButtonCancel string| nwButtonRegister string| nwInvalidLogin string| nwNoValidSubscrip string| nwInsufficientFunds string| nwForgotPasswordLinkText string| nwPurchaseOptionsHeading string| nwDayPassHeading string| nwECopyHeading string| nwTermSubscripHeading string| nwDayPassBuyButtonText string| nwECopyBuyButtonText string| nwTermSubscripBuyButtonText string| nwCancelButtonText string| nwDayPassIconURL string| nwTermIconURL string| nwECopyIconURL string| nwTermBuyIconURL string| nwDayPassBuyIconURL string| nwECopyBuyIconURL string| nwPublicTerminalText string| nwRegistrationHeading string| nwNonSubRegistrationHeading string| nwAccountFieldText string| nwLastNameFieldText string| nwFirstNameFieldText string| nwEmailFieldText string| nwEmailConfirmFieldText string| nwUserNameFieldText string| nwPasswordFieldText string| nwConfirmPasswordFieldText string| nwRegisterButtonText string| nwUserRegistrationText string| nwUserChoiceSub string| nwUserChoiceNonSub string| nwRegistrationIconURL string| nwRegAuthButton string| nwConfirmButton string| nwECopyConfirmButton string| nwConfirmCancelButton string| nwConfirmUpdateButton string| nwPurchaseConfirmHeading string| nwECopyPurchaseConfirmHeading string| nwEPassRatesHeading string| nwLabelSunday string| nwLabelMonday string| nwLabelTuesday string| nwLabelWednesday string| nwLabelThursday string| nwLabelFriday string| nwLabelSaturday string| nwECopyCreditAmts string| nwConfirmSaleText string| nwECopyConfirmSaleText string| nwRegisteredMessage string| nwRegisteredAuthorized string| nwNonSubAccountFound string| nwNonSubAccountFail string| nwAlertText string| nwMessageText string| nwMeterUpMessage string| nwIsTeaserBlock string| nwTeaserId string| nwRegisteringMessage string| nwContentWidth string| nwLabelStyle string| nwPublicTerminalTextStyle string| nwHeadingStyle string| nwLogoutMessage string| nwLogoutID string| nwFloatLogout string| nwLogoutText string| nwLogoutStyle string| nwLogoutDivStyle string| nwLogoutDivHTML string| nwNoLogoutMessage number| nwReauthTimeMin string| nwLogAdvDivContent string| nwLogAdvStyle boolean| nwInitLogin string| nwLowerCaseMessage number| nwDefaultPurchasePanel string| nwTwitter string| nwInvalidAccount string| nwFacebookJS string| nwFacebookAPIKey string| nwFacebookInitialize string| nwFacebookLoginInstruction string| nwRegisterWithFacebookButton string| nwLoginWithFacebookButton string| nwDeleteAllOnLogout string| nwShowAccountManageButton string| nwAccountManageButton string| nwCookieDomain string| nwNonSubRegistrationPanelChecked string| nwSubRegistrationPanelChecked string| nwDebug string| nwMobileButtonWidth string| nwAfterLogin string| nwNoShowOptionsAfterLogin string| nwAfterLogout boolean| nwIsLoggedIn string| nwLoggedInAndAuthorizedCallback string| nwAfterRegistrationCallback string| nwCustomRegistrationPanel string| nwCustomPurchasePanel string| nwCustomLoginTable string| nwNoSubscriptionSelectedMessage function| newzware_offerClicked function| newzware_afterRegistration function| newzware_getWebLogin boolean| nwResizable string| nwShowLogout string| nwSSO string| nwShowMeterMessage string| nwMeterBoxHTML string| nwUseJQueryInputStyle string| nwUseInputStyle object| nwInputJQueryStyle object| nwInputStyle string| nwUseMainDivStyle object| nwMainDivStyle string| nwAppId number| nwMeterBoxOpenThreshold string| nwJQueryEffect string| nwLoadThemeSeparate string| nwJQueryDialogClass string| nwVerifyEmail string| nwValidateEmailMessage string| nwForceEmailAsUserName number| nwMeterBoxSlideBoxWidth boolean| nwNoActionOnInit string| nwShowLoginCallback string| nwShowRegistrationCallback string| nwShowPurchaseCallback string| nwMeterLimitReachedCallback boolean| nwMeterExpireEndOfMonth string| nwPromoCk string| nwFacebookInvalidMessage object| nw_exdate string| nwParams object| urlParams object| nwRPage function| newzware_redirectToRPage function| newzware_doLogoutRedirect function| newzware_autoRedirect object| _0x7a9c number| nwNetworkType function| newzware_v function| newzware_vc string| nwAuthURL string| nwWebLoginURL string| nwForgotURL string| nwForgotAcctURL string| nwCCCheckURL string| nwNonSubCheckURL string| nwCreateGenURL string| nwCreateSubURL string| nwValidateSubURL string| nwDayPassURL string| nwVariableURL string| nwSSMURL string| nwSSMLoginURL string| nwMeterURL string| nwLogoutURL string| nwPulseURL string| nwCurrURL string| nwAuthCk string| nwUserCk string| nwUserLgCk string| nwUserSecCk string| nwMeterCk string| nwVariable string| nwCompName string| nwCookiesDisabledURL string| nwPrRateIdCk string| nwAlert1 string| nwAlert2 string| nwHighlight1 string| nwHighlight2 string| nwMainHTML string| nwLoginAdditionalText string| nwRegistrationOptionBuff string| nwRegistrationOptionsPanel string| nwLoginTable string| nwTermOption string| nwECopyOption string| nwDayPassOption string| nwPurchasePanel string| nwRegistrationPanel string| nwAuthorizePanel string| nwConfirmPanel string| nwEOptionBuff object| nwECopyArr number| gg string| nwECopyPanel function| $ function| jQuery function| DP_jQuery_1618850741640 function| nwJQuery object| _0xc507 object| todayDate string| newzwareFilesAdded string| nwNetwork boolean| nwSSOTried boolean| nwMeterDone function| newzware_loadTheme function| newzware_epassInit function| newzware_isAuthorized function| newzware_checkPulse function| newzware_start function| newzware_login function| newzware_purchaseCancelled function| newzware_loginCancelled function| newzware_isMainVisible function| newzware_showProcessing function| newzware_doLogin function| newzware_registrationAuthorize function| newzware_nwtrim function| newzware_authorization function| newzware_parseDate function| newzware_getUH function| newzware_createMainPanel function| newzware_createLoginPanel function| newzware_createPurchasePanel function| newzware_createRegistrationPanel function| newzware_facebookLogin function| newzware_doFacebookSubRegistration function| newzware_facebookInit function| newzware_createRegistrationOptionsPanel function| newzware_createAuthorizePanel function| newzware_createConfirmPanel function| newzware_createECopyPanel function| newzware_showPurchasePanel function| newzware_showConfirmationPanel function| newzware_showECopyConfirmationPanel function| newzware_cancelConfirmation function| newzware_cancelECopyConfirmation function| newzware_cancelRegistration function| newzware_showRegistrationPanel function| newzware_hideAuthorizePanel function| newzware_hideLoginShowRegistration function| newzware_hideLoginShowPurchase function| newzware_hideRegistrationShowPurchase function| newzware_hideRegistrationShowAuthorize function| newzware_hideLogout function| newzware_afterLogout function| newzware_afterLogin function| newzware_showLogout function| newzware_doLogout function| newzware_showContent function| newzware_hideAll function| newzware_hidePurchase function| newzware_clearMessage function| newzware_showLogin function| newzware_hideMain function| newzware_showMain function| newzware_cookiesEnabled function| newzware_setSessionCookie function| newzware_setCookieMin function| newzware_setCookie function| newzware_getCookie function| newzware_deleteCookie function| newzware_dayPass function| newzware_ecopy function| newzware_confirmSingleDaySale function| newzware_confirmECopySale function| newzware_purchaseDayPass function| newzware_doSSMRedirect function| newzware_autoLogin function| newzware_purchaseTermSubscription function| newzware_purchaseECopy string| newzware_hex_chr function| newzware_rhex function| newzware_str2blks_MD5 function| newzware_add function| newzware_rol function| newzware_cmn function| newzware_ff function| newzware_gg function| newzware_hh function| newzware_ii function| newzware_calcMD5 function| newzware_setRegistrationType function| newzware_hideRegistrationBlocks function| newzware_showRegistrationChoice function| newzware_doFacebookNonSubRegistration function| newzware_registerNonSubUsingFacebook function| newzware_createGeneralAccount function| newzware_registerUsingFacebook function| newzware_createOnlineAccount function| newzware_showMessage function| newzware_hasIllegalChars function| newzware_forgotPassword function| newzware_forgotAccount function| newzware_updateBillingInformation function| randomString function| newzware_loadJSCSSFile function| newzware_checkLoadJSCSSFile function| newzware_autoLoginAndStart function| newzware_meterBoxOpen function| newzware_meterBoxClose function| newzware_getDaysForMonthMeter function| newzware_attachLoginEvent object| ai_front boolean| ai_dummy object| googletag object| gptAdSlots object| picturefillCFG function| picturefill function| selectAll function| deselectAll function| activateSelected function| deactivateSelected function| processReqFailure function| processReq function| goToMonth function| setAction function| setChosenDate function| openCalendarPopup function| switchMode function| hide function| show function| hideButton object| WebFont object| blueConicPreListeners function| BCClass object| blueConicClient object| jwDefaults object| webpackJsonpjwplayer function| jwplayer number| _sf_startpt object| dataLayer function| fbq function| _fbq function| gtag object| sp_userVar object| sp_userLgVar object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| __connect object| _mather object| _matherq object| tid function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| __ctcg_65349_0_exec string| PDV_POLL_q10799437 number| PDV_share10799437 number| PDV_id10799437 number| PDV_w10799437 boolean| pollClosed10799437 object| PDV_A10799437 string| def function| Sanitize string| a2a_track_pub number| a2a_no_3p number| PD_ck10799437 string| PD_ck_name10799437 string| PDV_n10799437 undefined| PD_button10799437 string| PDV_nurl10799437 function| _$ function| is_secure function| getHead undefined| PDV_server10799437 undefined| AA10799437 undefined| PDV_html10799437 function| PDF_mc10799437 function| PDF_a10799437 function| PDF_o10799437 function| PDF_checkOther10799437 function| PD_prevote10799437 function| PD_vote10799437 function| PDF_getTags10799437 function| PDF_urlEncode10799437 function| PDF_rand10799437 function| PDF_loadStyleSheet10799437 function| PDV_go10799437 function| PDF_setCookie10799437 function| PDF_getCookie10799437 function| PDF_callback10799437 function| get_sanitizer_10799437 function| sanitize_HTML_10799437 function| unescape_HTML_10799437 function| prepare_HTML_10799437 function| PD_addEventListener10799437 function| PDF_log10799437 object| fileref object| _userway_config object| UserWayWidgetApp object| _sf_async_config function| nwCheckLoginButton function| showContent function| nwdemo_doAfterLogin function| nwdemo_doAfterLogout function| showMeterMessage function| showLogInBox function| nwforgotPassword object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_390004 boolean| _userway object| closure_lm_863617 function| _docReady object| pbjs object| atdpbjs boolean| isUserActive boolean| windowActive undefined| _yetiAXTInstances undefined| _yetiAXTUnitConfig function| InteractionTypeImpl function| _createClass function| _classCallCheck object| initClasses object| activeClasses string| endEvent function| animate object| MotionUI object| Foundation object| wp function| b64e function| b64d function| ai_insert function| ai_insert_code function| readCookie function| amzn_uam object| apstag object| jQuery172005308713414927846 function| onLogImpressionComplete function| atdpbjsChunk object| _pbjsGlobals object| Mustache object| _bcp function| RuleService object| justDetectAdblock function| FormRuleService function| BlueConicEngagement object| bcConnectionUtil function| md5 function| BlueConicMetaDataService function| BlueConicDataLayerUtil object| jsonpath function| fbAsyncInit boolean| apstagLOADED object| bc_json468 object| FB string| sovrn_beacon_tid object| LJT_Ads function| processGoogleToken object| googleToken object| googleIMState number| __google_ad_urls_id number| google_unique_id object| UserWay object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| h object| s number| _sf_endpt object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| GoogleGcLKhOms object| google_image_requests number| startTime object| paGlobal function| callUnitMan object| pa_pbjs_fw

0 Cookies

13 Console Messages

Source Level URL
Text
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js(Line 6)
Message:
google_DisableInitialLoad is deprecated and will be removed. Please use googletag.pubads().isInitialLoadDisabled() instead to check if initial load has been disabled.
console-api log URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/hb-amzn-uam.js(Line 60)
Message:
AMZN UAM - Debug Sovrn Plugin: Disabled pub ID: f4e5f220-2efc-45a1-869f-0b293f8aec73 Slot ID: div-gpt-1, Slot Name: /1036994/adUnit1, Size Map: [970, 90] Slot ID: div-gpt-3, Slot Name: /1036994/adUnit3, Size Map: [970, 90], [728, 90], [320, 50] Slot ID: div-gpt-5, Slot Name: /1036994/adUnit5, Size Map: [970, 90], [728, 90],[320, 50] Slot ID: div-gpt-7, Slot Name: /1036994/adUnit7, Size Map: [970, 90], [728, 90],[320, 50] Slot ID: div-gpt-9, Slot Name: /1036994/adUnit9, Size Map: [970, 90], [728, 90],[320, 50] Slot ID: div-gpt-11, Slot Name: /1036994/adUnit11, Size Map: [970, 90], [728, 90],[320, 50] Slot ID: div-gpt-13, Slot Name: /1036994/adUnit13, Size Map: [970, 90], [728, 90],[320, 50]
console-api log URL: https://soundpublishing.blueconic.net/plugin/library/b13fa292e488f686e1df49e0043faac0(Line 498)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://soundpublishing.blueconic.net/plugin/library/b13fa292e488f686e1df49e0043faac0(Line 493)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://cdn.blueconic.net/soundpublishing.js(Line 138)
Message:
[BC]DataLayer available
console-api log URL: https://cdn.blueconic.net/soundpublishing.js(Line 138)
Message:
[BC]Item will not be scraped due to incorrect type: !== article
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 869459273124027.
console-api log URL: https://cdn.blueconic.net/soundpublishing.js(Line 138)
Message:
[BC][ERROR] an error occured in callback function: [function() { // Values have been loaded, safe to get now var bcTime = profile.getValue('7_days_timestamp'); var timeNow = Date.now() var oneDay = oneDay = 24 * 60 * 60 * 1000; var timeDifference = (timeNow - bcTime) var bcDays = Math.round(Math.abs(timeDifference / oneDay)) var bcArticle = $('h1.entry-title')[0].innerText //console.error(bcArticle) if (bcDays < 7){ profile.addValue('articles_read_7_days', bcArticle); blueConicClient.profile.updateProfile(); } else { profile.setValue('articles_read_7_days', bcArticle); profile.setValue('7_days_timestamp', timeNow); blueConicClient.profile.updateProfile(); } }], error: [TypeError: Cannot read property 'innerText' of undefined]
console-api log URL: https://cdn.blueconic.net/soundpublishing.js(Line 138)
Message:
[BC][ERROR] --stacktrace--
console-api log URL: https://cdn.blueconic.net/soundpublishing.js(Line 138)
Message:
console.trace
console-api log URL: https://cdn.blueconic.net/soundpublishing.js(Line 138)
Message:
[BC][ERROR] --end stacktrace--
console-api info URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.heraldnet.com/
console-api warning URL: https://hb.brainlyads.com/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
adservice.google.com
ajax.googleapis.com
aorta.clickagy.com
ap.lijit.com
api.recruitology.com
api.userway.org
b1sync.zemanta.com
b2cdn.automatad.com
bcp.crwdcntrl.net
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.blueconic.net
cdn.jwplayer.com
cdn.userway.org
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect-metrics-collector.s-onetag.com
connect.facebook.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
d.turn.com
d67262af6407f20983ca2ca43b9cb66b.safeframe.googlesyndication.com
data.adsrvr.org
entitlements.jwplayer.com
eu-u.openx.net
everett-tpweb.newsengin.com
everett.newzware.com
everettweb.newzware.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
go.automatad.com
gslbeacon.lijit.com
hb.brainlyads.com
heraldnet-wa.newsmemory.com
heraldnet.com
image6.pubmatic.com
imasdk.googleapis.com
js.matheranalytics.com
k3vzn.flx10.com
log.outbrainimg.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
ob.cheqzone.com
obs.cheqzone.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.tapad.com
platform.twitter.com
powerad.ai
pr-bh.ybp.yahoo.com
ps.eyeota.net
pxdrop.lijit.com
reporting.powerad.ai
rtb.gumgum.com
rtb.mfadsrvr.com
s0.2mdn.net
secure.adnxs.com
secure.polldaddy.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
soundpublishing.blueconic.net
ssl.p.jwpcdn.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
syndication.twitter.com
tcheck.outbrainimg.com
tg.socdm.com
tj6w5.flx10.com
tpc.googlesyndication.com
tqe36.flx10.com
um.simpli.fi
ums.acuityplatform.com
us-u.openx.net
vap1ams1.lijit.com
widget-pixels.outbrain.com
widgets.outbrain.com
widgets.recruitology.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.heraldnet.com
www.i.matheranalytics.com
x.bidswitch.net
ums.acuityplatform.com
100.24.222.120
104.108.144.24
104.108.145.205
104.111.233.227
104.198.41.198
104.244.42.8
107.178.250.234
108.161.188.228
13.224.102.117
13.224.102.29
13.224.102.4
13.224.102.5
13.224.103.105
13.32.25.38
13.33.139.109
132.226.41.106
142.250.186.162
142.250.186.98
151.101.114.49
152.199.22.243
159.253.128.188
161.129.63.157
161.129.63.206
169.197.150.7
18.158.22.14
18.195.155.181
18.195.54.133
18.202.255.125
18.211.226.152
184.30.20.198
184.30.20.241
184.30.21.80
185.184.8.30
185.29.132.144
185.33.223.178
185.59.220.197
185.64.190.78
192.0.123.248
193.0.160.128
198.148.27.140
202.241.208.55
213.19.147.151
216.17.34.116
216.52.2.19
23.111.9.203
23.20.158.212
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:2190:1400:1:a3fa:7cc0:93a1
2600:9000:2190:fc00:18:1fcd:34e:d2a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:125e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:801::2001
2a00:1450:4001:801::2008
2a00:1450:4001:801::200a
2a00:1450:4001:803::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2006
2a00:1450:400c:c0d::9a
2a02:6ea0:c700::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::626
3.125.70.222
34.117.123.47
34.203.138.195
34.225.145.231
35.156.198.184
35.227.248.159
35.244.159.8
37.157.4.25
46.228.164.13
52.21.173.249
52.26.138.29
52.30.140.199
52.49.202.212
52.74.95.103
52.95.123.41
54.166.210.103
54.234.151.247
54.246.18.165
54.85.197.32
54.87.192.123
66.155.71.149
69.173.144.165
69.173.151.90
70.42.32.127
70.42.32.63
72.251.249.14
72.251.249.9
89.187.169.26
94.31.29.29
99.83.181.31
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
02968840bd37379e053edd3aaa1a1278e6221b2cc788de01a6b988197b065f8b
02c788fbfa3ac2df57d2c0beb335f93626cd23fc41a3012c2d670c224b8c9b83
048a1ba9ec466a8f77009cea46046dfe87ce0a4395ddea61c5a28ae22d9b86da
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e73cdd74774a1d60c2570e0df7ee94b53077d478b1a0aad86ac5ad04f4e0af
0799ca406e24cf80ffb56302fb1512e10a940694c720097c62014e4f0fca533b
08ae13eae594f2da4c8f3e8559fdb17a0ffc864013b37a8120e1f35968813402
09dbd394145748d972e976a55df3c77e6cfbbcf79add06ee8e61e9503244cdee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba1e79d6238797e6b0241fbde95a7f28b297b03f92ec106e95974918c95af18
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c2ba3c35316ae8e6730758bfdf60e1f90d0db8a1044b122d03b6b75b55942a8
0c89be77331ea60874a60cfe55b66c3917c72bc3584db0b8ea3e23faad36b5e0
0cfffadaa33db012e0fd5109b8b81b94fdec67b8cc151a4dc37753e3137d098a
0e26826816d33e016e63fb3e4a3b3f3f3322e414d3ace91a72233f1ef0d4a1a3
0e9ccfeff5f31fca592299a5dc7d8924ccaebb59a325b4de315b006f1c49a3a6
0f1e7f7e5f637fa63cea33778f1d8410f6593255696de5b60a22113c9bb44fae
0f5fb2d2955373c1ab2e198244d0129f7311c6ed3c79197ca14976acc70f46fa
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1314465e7736d414ff6f92885818c878f0716ef30c1a1f0046e35535f9f730ee
13807993441401a37267a10627b796d90e19cc27d06577e8f272373cad191b94
13fc325336b7b5c212c3456100104e8b9b1783efb2b5a37e548aa3c09250ccc5
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
1535a53d2967255b5595729e74fa6e33dfac334651f102e826a0d7bd117b4ec9
1760945676efe45dbf0f7710c4f3974f65c5bc2fce8c222eced823b14f096b20
1778185099d540dfdf515feabb8eee5dad6049473e2dde2d5013a51dcfdfdf41
197dc8f7a586bafd68c94b77ce6cb3b977aafb731370137f231842de42a759d7
1a84f4b042e52d040243a70753ae4a5f73d668db1230c7c4b3c4ace8c2d8923c
1ba75d1291d9b4419a0561b234fe2c99fc26577cc67cca6d56bf9cd1d232ae4f
1bd5372b56a82f9cd4a0a4533f4a37ff11ce7952f051ae035fd5cbecf45094b8
1cd0dc6c99599dcf4386cdff332f787691af8a83476aaaf6491a048770306017
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f268ce9ce75aa7c8e930dd98bc99bed49ab9d2c9180de524d431c89824a8ec1
1f5b99f9ec5508c81625b5f58b463b3bede3d7d3911e84988eae9b8858965808
1fb754cec74956af6531826d6f73a28e8bb2049d3bb3913c524e4d7583b0435c
208794b2f7e29f502f275f225400db91e0e9bae2b90ea312247b35a91bfef259
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
221cf051047f4e6620711bf6e7f4a1e3455515652f0c7c7a80a770b4092b0ba2
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
23b729b9788acd71a92585ada201a1929987d44a6fb579cb6b3ef5487d2dc903
243cda291a2dc52cc42ea4c74fec3e6435a6cf5b0c8084f35e995479cb1a3b2c
247a6529ea618a483d96fca03720ebbaef43cbb8ed8c4008d746fd11afb78e63
2497be576209dfcaa67b233fd5eeedf5a33312df082bf1f5b4762779184ec8f4
262f8625b518a30d7544a7a78671b3357e0665634ce1c4106ebd5f7500befddb
26a7336cc678a07c2e05d26fdbdcd096d3cac3243f6b08cfa2966bcba4f687be
2777aa83495a2a26ab335b8cecba52f4ea5575fcd5d80f57ae03cc73cb899e04
2a92910126221cc07c412537a561ce41eb77a06a5290c8602ffe5f01dc1fa1f2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b50108439624bd6f2bbb1505248373ed0ae1f0869b89122ad876122a1790bd8
2b619d7ace8eef7b748c323ea67e5a04bee2b66fe50982ced5d97b08d6c5b9ee
2b8867b3c3dc87e80ebefbbb2ca78d93a5672864290231a8323c8942591e6ed4
2be21fd0e608a55c2840f8448b8f351c936b2f3296a94f7c57f6c2631e433d94
2ce56f91d809d8d73a15716a6f4f1fca326f9f59149d0d45b814a88c908405a3
2dcc36995c012ae179ca5ccec2537bbffdab860370e6ab08923cad2d465ae3a4
2dd0eb5e44c81a864cd68e633a69701248b9298b0dc7eb2c75e67e2b1c19b4bc
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324
2f94e7614a5f3235e00da28d9b68762c169db1f0197c5d5beca458e0d66ad91c
316e93e8aaedddf62fbc01b517c3164eca29d46451a904c3a5a015cb297fc4b8
317b9e18fd743948265acd728933efda43d8cef23713043b1a21ef818fdbbc05
342e1f9f80c843ef6e4f61b2e084c63df05a498ca47f209ff2467bcbf7bece6f
35d3560abefdd86f4994b166ac3ba59f4ebf264b78310a63c7faf4c0e2d1c824
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3729a60443eeed0a2f1248e5de7109f84137cd7302e8fcb5ef0038edfa59f8a9
37b4162e33abcc6009f00dfc38da87c797306e58eb913a01954f9ae71d49c69c
37f424eea05384463f70a2ecb799c322c916e2b9323653727f4cc5568c1b0742
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3d8d88b159c9ecc2a00d3ca640f74696f190ea758a1c4b53dbfef49e35120202
3da213495c035c7b2a80ba41b63adf7a9268aaafebd0870ec2913fbb2df5bb6f
3e65bc436e35cb24f4020abe8a71906ea53ca284df84095d6824e27f55883f90
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0a410907f0c00576df0edce6061eb887259d98df5bac77f56c94083b22ac3a
400d0cf8ae321fc33886909f2b45df91590d41f0ec0cb9c183945e7c3c75c4de
403fee602a7653d026dac9fc715f70d97ac6243c9ed61c27bfae0b6b6b1f5aee
40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47
42ad3e306d4071ccd181d2928456f12f209e82159874ba8bcd06f98d9b740755
42d0bc8acbbc74a313ef2072d9257f22f2cce84fc5990d28e7968efe24d828bd
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
45026a39934f10a8d572e771d807244911893dcea02bb78000a0e7482c4341d6
451c664426f6846491da7801951b2db9f9b38d2b5379ff555ae5acf8729740cd
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
48481acfa017729107a1f39beea68ed8b2486ccc3735608e19d3b0d714f28c71
48f713e21645adc946b64429cd6f40eafa6afe56fca53d61a93c8be3f937f096
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6
4a4dcc65f1da4029d2748dbdda40733c52c4f54f6fa57aac9a4026e5121f66fd
4bff85bdfa50bd0194b0b74c94c7756e41ba4d3df20e06beeeefe0cf48793d86
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4cdaeb5b8f2a45ba262f5a035677275bd5a4f0edf01f16c2a1bb2aaff1ae5c4c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9117f00b958920d6a594588c82bb74e5cf045d786c548b15b91ae65d11cc0f
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fe0ba1dee960eaef6ba57f886fe28dd437ed4ecc93599157eb9e971eb7f2a1b
5116785d741135ddae0e5f45dc18fa10c99ab9e1ebd551f754cc20e3512ec0b1
51d5d82ec00ed4212ddda2738b3f2fc7afd1b3c3d32599308ba9b3ef1d977645
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c
527deb218955264a10068ec4f64babeae87ce47250576ae8d960ed63b3cdcc97
52e29f60239353397753521d7db1bedab079d521e615cb13575eac86a5999beb
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cb413407cd2f75d5991dfe7a8d6e4d09ff2968c471ea2c74a13a50fc389a55
54cbc7d44ac2e29b52b19dd1aaaf217aa6bffa8a2c49a6100a841a3c265562d1
54d37ef3359431f625b3fcd7949709afde6d6f7be2b70b2f4a029a216995a27c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566eca20ef08e18d9a7d1e168e454cb123bb65044e4c81129556d7ebdc490ec5
5705067b04a9723496336e0230d78363dc32ef4a1065199d2c0f0a2e7cbef57d
59582c75d6c2b9e2b4bbf226db778d7211d60de3343c83c809ad5a59a322fc15
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a1b1531dc3babb40d32115e8a2184d0b6469a4058d36e10586b8e7247133113
5a2dbfa44a2176f310725202f356dc948858245b5c540d599f717e4d684eee49
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
5bd5b5223235b6aa0d1d35eeb2d062ed550a16859abdd00bf7804b8087560717
5d0c34bbe6ee57a3166161d491a6bbed5601772059f51ae72740e4b17410e885
5dd6142912ad29fb7aedf4875d239ff95c2d36d928d3539fc5477865c5975c97
5ef9915371fd42bbccac2b0b9cedde1a76bff22e665315ac4ad5895cf4b83c7d
5f8a6ec76cb7852a46232f5662fe39852a9c7a93ad60946b84c71d4f8596d707
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
616d20cd978147f6dee344b2d8ffe65f50043cdb4579f2bab4587696054cb892
6170ba360f9f54bf43c494c0afeb1c56915947607b130d01229287ee738af906
6188144b4acec4d9b337924faa86ac52e5fca5cf9645a30e3c0990b301d9669a
61c2c3111f6c2e490fe39d76228f32fda2cc49d381fdb1fcc27b6e8e80fb9173
61ec9f94e46190be991cd7b314654c70a6d26552b7cf4ce75e08639d0a7bd856
62af1e8309ae48dfe2e09ede22abe3a3b25c6c6d0b934c8256c5de337e378b1d
66e5ac641a594d3e75dafa96f0ef3ce4cac642ecb3311698461beefc164e0f81
67e483e657b7ee64bf099313a30abe5aa35768cf3533a2b3fde5845559e1c57e
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
69fd57b8f7406b9f0bbb75862491e39dc4830ea1f4fe8a4d85ab2f3e28fcbb00
6a72e6652d6c1e3a45aa5d2ded789a669a4541d28352dea5eccebacace4003fe
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b501a0a4447cc901efe7a43352d3491045f6ea4f1b95cab37ab8af979d67a7b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c25b5c0ed51665f0003fc29d4a4f1b4cc2210b67d564ba6ac9451fe38ee6e9a
6c8e2b5ed061af69475b8b865f39011bf904a0719a93a21b4001275922079f3b
6e4b98a840cd0aaca96f4c720eb83239ec0f0ba90e86008ee99d8b7228e91959
705ba2b417ccdc013a5b14431cb2c3b427dfc77d5499ce1c1b706e7f160a0625
70a976160d9638c26ea5a7b669c994f1b5be29bc0371c74f9a32bfb18e0f7bc1
712695fe96271f4f67f435caff5c523ccef6ae65a8a2f8c5b4201c368dd897bb
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74c8444d737906c79b9d10b45bff07012bd2b7b2e65bcbf9b9e24f6686f7a4c5
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
7701512dc7d4ce601a6a7e636d607a4cec9be090bee829b34fb890ea80bd1956
7852716279b380bb5f71680ff6cd568a2715c4e082e408b4e45a1f82c63b6125
7b96ce0ec2836167ade704e7c4e8ae71a2275c3ab0b14dd76f9588c78696034a
7de78bbd6ea03e8aca7c15c4daf9c1167404f2e38a92e3feb6f5fe5d00ec5185
7e96cf5e02156caef27c7a29c8f62b57b39f1785814b9d5f656dcfe53b941958
7f0890169a7fee4763c199cac419cccf3796b66762d00a30d5953ed8d2c62d87
7fa92652a46250a99a545de25844960e9e056e3e7cebf88fe9ccd6d8a1eb39a8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8008c1dfca8283271b50de6e1fad0941c4f68d14d57942ad62ed687e177c407b
809fa9ab66a2734db283d26920647a8880ea2a8a40e85dbdc7469298b3a3e047
80ebf145974758185f90b6a2474f68ca795324759d84dd35ab2f24bcb4955337
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8343f8a15fde6c4eedf613a368dcf9290465cf903b0c3b7ccf382c871e5a2439
83ec6e98b67e5b4a238434c5c74cbbed8aba33f3783112f6e3a1c7c61faca10c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
87d7f454e807e122c5e603d07ef00a4c2bbafe85b387917c783e67ce2b0afd48
8949ade1efe9213784872ce84a8209ef0fa36e0d2c90247874b5c3a13cc4b7e6
89f563a025cc8dfb46d317823ebda92ea606c32492e414ab46869754e4ec63de
8b49e053e2d28450ab1db4446cd1448315e533a41ac457e72ced85dddfc6e0cc
8ba52f2ac319e0776b27f5ffed869dfaeb7468635bd4d3f60f5e3b5abacf02ca
8bafdbc1398f2f5ff2ac82e98c27f9aa55c8f020aeeb93d3a2221d6a7dc5bc99
8c0300dabffb1ba133a3157fb33960c5793dd2ac46f3dc8a899fa312f909a337
8ce867bf45277a86a76bcd7aa27cf0746fbc97ad272f1f89ed396304ce9d28b2
8d0375a5a2c9c5a0efae14e0d606a6ae4d455591dae67e2ab555fde96b492e6b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db0b83756e1b440cd5756ee19f969b84d04c6b14c62682814284c2b12d92ff9
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
901294825a23a09350b15f791e2dde175a25ba5c7e560c3f060ced14f25eb1e6
911bc0a553b8fdf97468f22756854bea86441871b31e332c2d8b53dae12942a5
944295c9b667f8457e6dacc9cde4ed263d4ca435eb30320c44313bced0357d3d
96208a9ced2cdb0957df26efecd17f971d43e8b8bbc83438a4156d888efff725
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
96bd4b19afd60841e92f454ed1cacd104dfb154a6c01bec732cc6564089eb160
972ac298dd2a05e110d4b7b214603764bab15a60a50908cc26dd58e8762b4b50
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
990516163179d9bf43c67339d445415928956e42e220843f7ca592cd9ad5b63e
9915ad7020bb23a7b29d02edcfe774bc20361aca35230c82c0feae7a8c341214
997b5a8a040a0539ce78635188566c3aad9b3b22e07d014f0509e577e6266495
9b4b245314aed4da69b220870f23164f915c8e2f7dc5f6dab0bea44ebfdbc8df
9c1ee2b3835d8abdb9529227f5b9a50ecfe9059243583edd5fe705d74d249535
9c25ff8b6501fad0f16cb99ec6d42a681d11898b6799339358e313c17ec1677c
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9ddb047fa6ce118fe54b064d8867e54dbf09f334c6abe26a62eb49bb6812fe91
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c0670e777ee9b5749bc6a0c47ce9e54a6aec175851365e4565387695f8d29a
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a2bcbd6f6d23664abb09edc9db55802300eee4bf73fcbff4da59e4e55dca4a9c
a31efd608dd30de7c8c72c08efeb56333bc9cc66efa8d752d7ed7c4739f288c0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a503e3d61df6cc2f4cfc9c6c6f319e25284c1f1a118dd25dd342acc0920cfa5c
a67e08f8b9d51012b45d2d4c10a502329849730b93d3f64cbe9c125bc9a95099
a69cd121efe2e8540bb96200ad1fc838a98b6b0c39d0b8dd9f7e4be615a2be3f
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b470797d848561645fb1771f3355cec0be3e66e699a69c15a025410d67632b
a9f94b464bf639b3090b49f087f182dbe9c778198e4d6e9ee433f56944c0ab3e
aa5a8488bea1f9e7113558cd30e31284e8a583cfc9de8ca30f744c6c1a0bf76c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa93136145b51eccf8ceb7cf34a21f3163bc0b2b89cf06d6916aae09b7c48bc7
aba4298fc0658ee3ea0044db20b2eed9af64b74d3ece1f6881484b3dbb7b23c0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae90bc9102be2aad262e10af7100d466f907b8841fa92f4ef005c30e6d15b5f5
afba6e308182b28f02233e3c816e99fe5cc51511f90cab2cc6219d652f14f3a6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a07d4cb3070159b3d71476503337ec13b6fb7d85e6a8f68ea08ed7ebfea0db
b39ffd22ab4b2d2866ad094f9776fb09a84c7da1bd596375ba90eccbaaf14e3e
b539e4e49bc544295400b6af2432515133af9f842399ad5a13f8d8931e579a07
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b644a750f974849ea7c6aa5ed4113b44e267e65dba5012a1dae5eed61188dcf4
b6883299c3d3152bb389cf1891a6b3680fa43e740970c99f9d7cb2ef22ebc4e8
b6c2798f4f908ff4f76fd98dce9ea1859ff17e0fbda26b08ca1975b335627d21
b730f07c1a720b2d952d29da480558d9ee9e61e322437cadda1b4cec0921b1fe
ba2e79472ddd8ef226db6c38902360775b52a6fdb41a3bfed2eada6d3fd3a0f5
bb1018df6a63bd92f513b7f274c967a17a8fcc671b1a19dd627c6e6ef93b1e6e
bb7a18bfd4b4ed8f71c34eba066bacaeedfe9cb91b04511ba7d1abced8c7586b
bb94ed1868039e4fc746ddbf710ea089b2bdef6c3a533395815285ceb00233fa
bc2ff6223e7966baa37c4790f5944631d23b41ab78dc058cae8678a0c3600f5a
bcbdc9457e16503b7587932a430a615af36ba6e2086c1b79237687fe6e54f1a7
beba0ad40c2f72388aa7cf7066939a17e278da774184dc62261b4c35cb25c2d0
bebcba73f4767f64b08599cd5a1c9e893ef1aedd9f0b1e9c670fdacd639c092b
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf536458b5560147dd589df8ab8e5400ec9f902a6ad32a20b6b86a6063c72a7c
bf7c9484fdc988e2ee44d62563d76afcd64cd75e1c9aae4c2fd195d9ba4fe649
c1cbf1f53f7d3c0f391c1d16c079b78b97e20941dd87b594de5f29acbb25cf99
c1d62ef27bbd69aeba42f62953fcb0b3fe8c7ed157d34a3e0873c94c0c72bdd6
c2dfe119f7e25bb7a525514b69a886050a949f0102c90593cf916e3694ac6559
c2fe8556afca34427cdc1d9e9aa19bef83cc91e7c091345ad60261af12ff1951
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c49ebbfdb242ffbf36cd9104eb99e49c7323379502a80d8e394994dcb948450e
c5331f8ffd2eb0c25d361f40dc7387cccaafe2b2c4d836bf86ce48649b5b7cb4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca139458db756618cec4fabb1767595ce767a168890a3b6e36d096704b19bc2b
cd4b6b239802c7c9455f4be7bcc3b05125c2cd82f8f2f73b8c857a6a5e2b1736
cd5f276369776160d635bdc8121c3e858bfaf1edbdfc20632f30c17d4d144ad2
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d071d6a42e0fcda15e8c56d7f49f0152e2b93e6e754bbe91911ff6ddaf9890bb
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d1aaf17ff188ca2f2b910a444b1e6a66bfebeafc671cc61a9bcf333555659ac1
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
d41dc5e09c78f2a0c74517646d0f1f582f98256b20c3081e8269685f067fe220
d4288b629693138397d02dc91a13d316624f3644cc678a5ef2ff6b04350707db
d63d6ec0c95bc07426b698ad3d6d02a85bd98b265808abf6fe6a5c1664c0ba87
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d812978a0f1d0bb79763fd50b89b207748c1efb057914c9cc4dd804f147f5f9d
d942063c3edf3aa505595b14d85651f4787050dd4a258c7798f6fbc82369dc87
dc5ddc93ea153c05202bb974dbd591cf30ce83474d1d24aa30d5740e20955c8d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df58f6744dec6aadf10b274f313e5b9fa923bbdc8392626864386d28ff6b6e63
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
dff50263f547982eed5a64e041d0f70e67fb663f587f495e6cd3bd031d54fbdb
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e1bd3a77d79ddffddbc18c76650022f09a63408352dfe8507cc3c7afa7cd532c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66d2de12e195b37393c0844f85310686085aeb7d999a650e3565dd48d04a044
e751b37cc56eae3eece72b87b02a919925dce3f4b6476be21cfa38d9bdb2e394
e88b98ae9e7861ba27ac35185b92656e16a4f2762ba483212ce6d90bf0db9f3c
e8c3b34ef6125539e488f71b085fe1e791bc97565113ff55d59f7b60933de3db
e975461605e231da77d416343725a2f2593f1088d36022c1ad7a1739fe8083fd
ebb2903ce5afcb1d4b62d24b418ba96890d8fb9dfe4702d922c155eefdb60ab3
ebe638b2c3f24e96ac597f7bc6a4a846e6b677ac25aeefc3c513018bffbde724
ec8a03c4246607e0da9412b75a0509000a06184380b5746170ff2dc90edb7d8f
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ed207a3218934c63d8ace813cbc259812d16d5b892fee83fc795ae164de915c6
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f3e7e84a9247e2cbb12fcb52dd0afe3232325a13e01fc59652ad7fb3c8d5d664
f4dafe12c175bea066d181046fc16033b292eabe490511a118d1f1c0b89eefe7
f5737ff67c7fc8314ec004d4e1048b3ee420d8280f55631dd1c3ea89b601c1b9
f6eac5136ed04200691bb5065730bf75f9ff90b2f4150bb3522856c5a973a34d
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f8e39bd99530ba9621a64a517b14fca581b97ae3e1d4332c59b1b4e4b2fe8759
f8f6b53a798ea07aac5fc7d4babc3aaaab97ddb27fb117de2f5c3ec107503879
fa6ac12608d91ecee751159d0ba7cb891d54511088b5cd45c89685c8252300c6
fafbeb10f42797b14f3a2e2b314758bb3ca34feca37044ac489081428f285517
fd8c8c291c39fcd494d4680a4262d84d62b0df9b79dc22e44c422a0f25d69fa2
fdab17aad52e2d97a9b3ef5ddefc9440960cb6b9fa859b2944b8ec399aa395b7
fdfc76464eaf6fea9c8e56a8d0aabce68fdad479bd12db874874d17e3beb1545
ffb4d3cdf7d159d5bc379aa6834c7f89693243ed7a53eb8fa739e837f2c086ba