www.heraldonline.com Open in urlscan Pro
23.196.44.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Effective URL:
https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Submission: On December 24 via api (December 24th 2023, 3:17:10 am UTC) from AU — Scanned from AU

Summary HTTP 214 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 69 IPs in 5 countries across 51 domains to perform 214 HTTP transactions. The main IP is 23.196.44.26, located in Sydney, Australia and belongs to AKAMAI-AS, US. The main domain is www.heraldonline.com. The Cisco Umbrella rank of the primary domain is 216259.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 1st 2023. Valid for: a year.

This is the only time www.heraldonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	166.108.36.245 166.108.36.245	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
28	23.196.44.26 23.196.44.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.217.24.42 172.217.24.42	15169 (GOOGLE) (GOOGLE)
2	54.231.195.25 54.231.195.25	16509 (AMAZON-02) (AMAZON-02)
2	142.251.221.67 142.251.221.67	15169 (GOOGLE) (GOOGLE)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	44.226.76.220 44.226.76.220	16509 (AMAZON-02) (AMAZON-02)
10	52.11.87.56 52.11.87.56	16509 (AMAZON-02) (AMAZON-02)
12	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1	104.74.36.170 104.74.36.170	16625 (AKAMAI-AS) (AKAMAI-AS)
1	50.112.107.235 50.112.107.235	16509 (AMAZON-02) (AMAZON-02)
1 5	13.35.147.107 13.35.147.107	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	34.232.181.85 34.232.181.85	14618 (AMAZON-AES) (AMAZON-AES)
2	54.198.156.105 54.198.156.105	14618 (AMAZON-AES) (AMAZON-AES)
2	18.67.93.116 18.67.93.116	16509 (AMAZON-02) (AMAZON-02)
1	18.67.97.57 18.67.97.57	16509 (AMAZON-02) (AMAZON-02)
1	35.162.220.137 35.162.220.137	16509 (AMAZON-02) (AMAZON-02)
1	18.67.93.106 18.67.93.106	16509 (AMAZON-02) (AMAZON-02)
1	13.215.109.145 13.215.109.145	16509 (AMAZON-02) (AMAZON-02)
3	52.4.236.210 52.4.236.210	14618 (AMAZON-AES) (AMAZON-AES)
5	142.250.66.194 142.250.66.194	15169 (GOOGLE) (GOOGLE)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.181.83 13.224.181.83	16509 (AMAZON-02) (AMAZON-02)
3	13.35.151.131 13.35.151.131	16509 (AMAZON-02) (AMAZON-02)
1	18.67.93.103 18.67.93.103	16509 (AMAZON-02) (AMAZON-02)
2	99.84.238.198 99.84.238.198	16509 (AMAZON-02) (AMAZON-02)
2	74.118.186.106 74.118.186.106	6336 (TURN-US-ASN) (TURN-US-ASN)
1	13.227.21.165 13.227.21.165	16509 (AMAZON-02) (AMAZON-02)
4	52.45.163.120 52.45.163.120	14618 (AMAZON-AES) (AMAZON-AES)
1	182.161.73.145 182.161.73.145	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	15.197.196.10 15.197.196.10	16509 (AMAZON-02) (AMAZON-02)
1	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.67.111.2 18.67.111.2	16509 (AMAZON-02) (AMAZON-02)
1	18.67.114.43 18.67.114.43	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	65.8.171.198 65.8.171.198	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.155.204.188 18.155.204.188	16509 (AMAZON-02) (AMAZON-02)
4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.153.160 124.146.153.160	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	13.224.181.56 13.224.181.56	16509 (AMAZON-02) (AMAZON-02)
3 4	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
4	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
7	142.251.221.65 142.251.221.65	15169 (GOOGLE) (GOOGLE)
1	3.239.232.4 3.239.232.4	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.167.98 172.217.167.98	15169 (GOOGLE) (GOOGLE)
3	142.250.76.100 142.250.76.100	15169 (GOOGLE) (GOOGLE)
6	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
3	18.244.214.70 18.244.214.70	16509 (AMAZON-02) (AMAZON-02)
1 5	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.67.111.115 18.67.111.115	16509 (AMAZON-02) (AMAZON-02)
4	44.219.13.108 44.219.13.108	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.79.170.153 54.79.170.153	16509 (AMAZON-02) (AMAZON-02)
2	103.229.10.211 103.229.10.211	16509 (AMAZON-02) (AMAZON-02)
2	142.250.204.8 142.250.204.8	15169 (GOOGLE) (GOOGLE)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1 2	52.7.152.132 52.7.152.132	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.215.71.16 13.215.71.16	16509 (AMAZON-02) (AMAZON-02)
2 3	54.153.211.209 54.153.211.209	16509 (AMAZON-02) (AMAZON-02)
2	142.250.204.14 142.250.204.14	15169 (GOOGLE) (GOOGLE)
1	13.224.181.82 13.224.181.82	16509 (AMAZON-02) (AMAZON-02)
1	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
2	64.233.170.156 64.233.170.156	15169 (GOOGLE) (GOOGLE)
2	142.250.67.3 142.250.67.3	15169 (GOOGLE) (GOOGLE)
3	3.33.255.181 3.33.255.181	16509 (AMAZON-02) (AMAZON-02)
1	44.193.106.93 44.193.106.93	() ()
1	34.149.26.226 34.149.26.226	15169 (GOOGLE) (GOOGLE)
1	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	67.202.105.24 67.202.105.24	() ()
214	69

1 166.108.36.245 (United States) 1 redirects

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet831.ejoco.com

heraldonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 23.196.44.26 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-44-26.deploy.static.akamaitechnologies.com

www.heraldonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.24.42 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.195.25 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

mcclatchy-next-apps-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 44.226.76.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-226-76-220.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.11.87.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-87-56.us-west-2.compute.amazonaws.com

profile-api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.74.36.170 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-36-170.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.112.107.235 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-107-235.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.35.147.107 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-107.syd1.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.181.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-181-85.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.198.156.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-156-105.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.93.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-116.syd62.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.97.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-97-57.syd62.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.162.220.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-220-137.us-west-2.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-106.syd62.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.215.109.145 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-109-145.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.4.236.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-236-210.compute-1.amazonaws.com

api.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.181.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-83.syd1.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.151.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-151-131.syd1.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-103.syd62.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.238.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-238-198.sfo5.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.118.186.106 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.21.165 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-21-165.sfo20.r.cloudfront.net

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.45.163.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-163-120.compute-1.amazonaws.com

bidder.newspassid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.196.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae69789f15ba8a942.awsglobalaccelerator.com

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.111.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-2.syd62.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.114.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-114-43.syd62.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.171.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-171-198.sfo53.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.204.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-204-188.sfo53.r.cloudfront.net

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.160 (Miyado, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.181.56 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-56.syd1.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.167.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.221.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net

e6aa54ac7bcb7f59e67f7c54e3df3cf5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.239.232.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-4.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.76.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.244.214.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-214-70.sfo53.r.cloudfront.net

cdn-prod.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.111.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-115.syd62.r.cloudfront.net

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.219.13.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-13-108.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.79.170.153 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-79-170-153.ap-southeast-2.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.8 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.152.132 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-152-132.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.215.71.16 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-71-16.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.153.211.209 (Sydney, Australia) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-211-209.ap-southeast-2.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.181.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-82.syd1.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.67.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.255.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: aedf1f689f9b4287e.awsglobalaccelerator.com

app.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.106.93 (None, )

ASN- ()

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.26.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.26.149.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (None, ) 1 redirects

ASN- ()

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	amplitude.com api2.amplitude.com — Cisco Umbrella Rank: 1294 profile-api.amplitude.com — Cisco Umbrella Rank: 50121 api.lab.amplitude.com — Cisco Umbrella Rank: 4086	5 KB
29	heraldonline.com 1 redirects heraldonline.com — Cisco Umbrella Rank: 210816 www.heraldonline.com — Cisco Umbrella Rank: 216259 sli.heraldonline.com Failed	449 KB
13	googlesyndication.com e6aa54ac7bcb7f59e67f7c54e3df3cf5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	111 KB
11	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	192 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 us-u.openx.net — Cisco Umbrella Rank: 491 jp-u.openx.net — Cisco Umbrella Rank: 15595	2 KB
6	securiti.ai cdn-prod.securiti.ai — Cisco Umbrella Rank: 13413 app.securiti.ai — Cisco Umbrella Rank: 16863	135 KB
6	ml314.com 1 redirects vi.ml314.com — Cisco Umbrella Rank: 7233 ml314.com — Cisco Umbrella Rank: 1824	13 KB
5	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 776 gum.criteo.com — Cisco Umbrella Rank: 424	13 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	75 KB
5	fullcontact.com tags.fullcontact.com — Cisco Umbrella Rank: 20920 api.fullcontact.com — Cisco Umbrella Rank: 20833	20 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2618	9 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 152	2 KB
4	adsrvr.org 3 redirects direct.adsrvr.org — Cisco Umbrella Rank: 3147 match.adsrvr.org — Cisco Umbrella Rank: 331	1 KB
4	newspassid.com bidder.newspassid.com — Cisco Umbrella Rank: 23523	18 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3016 launchpad.privacymanager.io — Cisco Umbrella Rank: 2702 geo.privacymanager.io — Cisco Umbrella Rank: 2070	31 KB
4	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 11626 www.i.matheranalytics.com — Cisco Umbrella Rank: 11414	44 KB
3	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 981	2 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	75 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850 sync.crwdcntrl.net — Cisco Umbrella Rank: 799	13 KB
3	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2268 b-code.liadm.com — Cisco Umbrella Rank: 2977 rp.liadm.com i.liadm.com Failed	16 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
3	amazonaws.com mcclatchy-next-apps-prod.s3.amazonaws.com — Cisco Umbrella Rank: 64701 ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 11520 sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5637	2 KB
2	google.com.au www.google.com.au — Cisco Umbrella Rank: 29909	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 3954	470 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	150 KB
2	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 18949 pixel.quantserve.com — Cisco Umbrella Rank: 1011	10 KB
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com — Cisco Umbrella Rank: 2550	1 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 25818	1 KB
2	cloudfront.net dyv1bugovvq1g.cloudfront.net d15kdpgjg3unno.cloudfront.net	26 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 805	210 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567	115 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3052 p1.parsely.com — Cisco Umbrella Rank: 2300	24 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 9948	141 KB
2	gstatic.com fonts.gstatic.com	81 KB
1	33across.com 1 redirects ssc-cms.33across.com	506 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 644	2 KB
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 983	257 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1296	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	65 KB
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1450	857 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	897 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 484	673 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 936	877 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3712	164 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
0	1rx.io Failed sync.1rx.io Failed
0	yahoo.com Failed ups.analytics.yahoo.com Failed
214	51

	Domain	Requested by
28	www.heraldonline.com	www.heraldonline.com
12	api.lab.amplitude.com	www.heraldonline.com
10	profile-api.amplitude.com	www.heraldonline.com
8	api2.amplitude.com	www.heraldonline.com
6	pagead2.googlesyndication.com	www.heraldonline.com securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	tpc.googlesyndication.com	www.heraldonline.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	ml314.com	1 redirects www.heraldonline.com ml314.com
5	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net www.heraldonline.com www.googletagservices.com
4	tags.srv.stackadapt.com	www.heraldonline.com tags.srv.stackadapt.com
4	gum.criteo.com	static.criteo.net gum.criteo.com
4	cm.g.doubleclick.net	3 redirects google-bidout-d.openx.net
4	bidder.newspassid.com	htlbid.com bidder.newspassid.com
3	app.securiti.ai	cdn-prod.securiti.ai
3	ps.eyeota.net	2 redirects
3	cdn-prod.securiti.ai	www.heraldonline.com cdn-prod.securiti.ai
3	www.google.com	www.heraldonline.com tpc.googlesyndication.com
3	match.adsrvr.org	3 redirects
3	static.criteo.net	securepubads.g.doubleclick.net htlbid.com static.criteo.net
3	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
3	api.fullcontact.com	tags.fullcontact.com
3	sb.scorecardresearch.com	1 redirects www.heraldonline.com
2	www.google.com.au
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dpm.demdex.net	1 redirects
2	sdk.iad-05.braze.com	www.heraldonline.com
2	www.googletagmanager.com	www.heraldonline.com www.googletagmanager.com
2	secure-us.imrworldwide.com	1 redirects
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	us-u.openx.net	google-bidout-d.openx.net
2	oajs.openx.net	1 redirects www.heraldonline.com
2	targeting.unrulymedia.com	htlbid.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	cdn.confiant-integrations.net	htlbid.com cdn.confiant-integrations.net
2	htlbid.com	www.heraldonline.com
2	www.i.matheranalytics.com	www.heraldonline.com
2	tags.fullcontact.com	www.heraldonline.com tags.fullcontact.com
2	js.matheranalytics.com	1 redirects www.heraldonline.com
2	fonts.gstatic.com	fonts.googleapis.com
1	ssc-cms.33across.com	1 redirects
1	js-sec.indexww.com	htlbid.com
1	api.rlcdn.com	htlbid.com
1	rp.liadm.com	b-code.liadm.com
1	pixel.quantserve.com
1	analytics.google.com	www.googletagmanager.com
1	rules.quantcount.com	edge.quantserve.com
1	sync.crwdcntrl.net	1 redirects
1	edge.quantserve.com	www.heraldonline.com
1	b-code.liadm.com	www.heraldonline.com
1	www.googletagservices.com	www.heraldonline.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	e6aa54ac7bcb7f59e67f7c54e3df3cf5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	tg.socdm.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	ams-pageview-public.s3.amazonaws.com	www.heraldonline.com
1	d15kdpgjg3unno.cloudfront.net	htlbid.com
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	htlb.casalemedia.com	htlbid.com
1	direct.adsrvr.org	htlbid.com
1	bidder.criteo.com	htlbid.com
1	dyv1bugovvq1g.cloudfront.net	htlbid.com
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	launchpad-wrapper.privacymanager.io	htlbid.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	tags.fullcontact.com
1	p1.parsely.com	www.heraldonline.com
1	cdn.parsely.com	www.heraldonline.com
1	idx.liadm.com	tags.fullcontact.com
1	jadserve.postrelease.com	s.ntv.io
1	s.ntv.io	www.heraldonline.com
1	vi.ml314.com	www.heraldonline.com
1	mcclatchy-next-apps-prod.s3.amazonaws.com	www.heraldonline.com
1	fonts.googleapis.com	www.heraldonline.com
1	heraldonline.com	1 redirects
0	sync.1rx.io Failed
0	sli.heraldonline.com Failed
0	i.liadm.com Failed	b-code.liadm.com
0	ups.analytics.yahoo.com Failed
214	83

This site contains links to these domains. Also see Links.

Domain
www.mcclatchy.com
account.heraldonline.com
subscribe.heraldonline.com
www.legacy.com
jobs.heraldonline.com
heraldonline.newspapers.com
k12nie.com
go.mcclatchy.com
t.news.heraldonline.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
heraldonline.obituaries.com
placeclassifieds.mcclatchy.com
classifieds.mcclatchy.com
business.mcclatchy.com
hiring.mcclatchy.com
www.winwithmcclatchy.com
heraldonline.com
myaccount.heraldonline.com
privacy-central.securiti.ai

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-27` - `2024-02-19`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
vi.ml314.com GTS CA 1D4	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-29` - `2024-12-30`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-08-28`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.fullcontact.com Amazon RSA 2048 M02	`2023-12-06` - `2025-01-02`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
www.i.matheranalytics.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
api.fullcontact.com Amazon RSA 2048 M03	`2023-10-12` - `2024-11-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
bidder.newspassid.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
queue.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
app.securiti.ai Amazon RSA 2048 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M03	`2023-09-09` - `2024-10-07`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.iad-05.braze.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-07-27` - `2024-08-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Frame ID: F420F366384949AC3CC17E9FA72D918A
Requests: 116 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/de941cfd-6527-41e9-86c3-73035a540ed4
Frame ID: A6C2D04A51E0AAEF04AAE6E966B4985D
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/9634f1d5-d16a-462c-9841-13409425fbe5
Frame ID: E3E3A5F0865DDD419F83BF3204405421
Requests: 4 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/fcd6aefd-7d2a-46b5-8efc-9c52c2a29bdf
Frame ID: F34E857ED53EDF4C891701AC36B98A22
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 77258B4B970EC8D54EE4BB9FA3BD7BAB
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.heraldonline.com&us_privacy=1---
Frame ID: 98A9DDFBCAE1F169630C12FFA169187B
Requests: 2 HTTP requests in this frame

Frame: https://e6aa54ac7bcb7f59e67f7c54e3df3cf5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EF33A545432F05FDDE1BE2B2178C17EC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9rwdmTShrVnU5u_tvopKfn05RlI4yR_djW1Ns8TGHTnbGBUMbOM-QRSM3kqNqAEQWD96B2m92lze0wuFot1npr7R0rvu18M1ay91VJFwRljFJUexQVrHwhDwGr1L9sa3BvEtPEA2BM4Jjc_TrgVsh_J-MQbRBmDMcUTV6OAzRZ-exLrIwiP56aVPJr45MdtH4ohK5m6kz57p0yWV_6D4XNOfzu-I0lv_4XzzKoHrIOfFwnhDEbwHrYEsqHTwGOCHynN2BVW8Uax82FtKnmNG3Rbn7QA80bUOQjC8ALKsQ2YCc9KY6tJJt8gwJGOAxyS8dJ3ZpPzoNrcj4sxlHaFDexCMaWS2WuzTgVjIPEOEWZ-R03xgyXMTWzXDF5D-j-KXUrVKOcyjBcv1iCmK-XPA&sai=AMfl-YSk9x2em54Q9LQhqpchMQQVhz7Q-ugSS9Y6c2aK4AH5r-I94gU1d9kCS0JYNSOG3CiduvsBymgyrjsF_JJE3IJRUoAj0m0MbXC1BLjPpsyyIv8GOBgq-UYuuXIWPxQ1XpgcIRfxYv3BjHBa1T8R5Gw&sig=Cg0ArKJSzFMR2lHLWqFOEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 643120E9079D0EB0A1CD2902B9E828B4
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldonline.com&us_privacy=1---
Frame ID: BEA7440C4629B7EFB548316B2B8BCA47
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/053c9c1f-994b-4077-8614-4b077ca5fa79
Frame ID: 898A35E0832A99EA296460D15567BD9D
Requests: 7 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/70fb9ea1-f4fc-4a78-b8da-cee5a8cacc09
Frame ID: C1ADBD3900EAEE22CF275711C08BA467
Requests: 4 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/6fd85beb-988a-4f14-b020-77c5aa85d98b
Frame ID: 7338594E0951DE24B4C5430D244BE941
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/fd3259fe-e9a9-4347-86f4-835949eee8b0
Frame ID: 04D60FC10C70709DD038F8BDFD7CA9D1
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/ce941c61-b309-4f47-ad5e-c0c55b789662
Frame ID: 4F1514B4466552DF258AD6E0EDAB1457
Requests: 4 HTTP requests in this frame

Frame: blob://https://www.heraldonline.com/532c54c5-cda0-42b9-ad98-35372b0fe573
Frame ID: 74546257B8EB6E2645E73FC5E713E920
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A7D47057BBCC41407541C46FDEE479D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E18ADA1255C2F66733C3565514C1D81D
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 24CFC0297036279BEAA4334708773442
Requests: 1 HTTP requests in this frame

Frame: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=3a29cf42-4302-44f2-959e-c79f687badb7&publisherId=NPID10000002&siteId=3500000243&cb=1703387825894&bidder=newspassid
Frame ID: 696D46D7D3A271609B62974E51605692
Requests: 3 HTTP requests in this frame

Frame: https://bidder.newspassid.com/setuid?bidder=33across&uid=212391591249730
Frame ID: 36F399E8463849783BD3A94C26AA8011
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01ef?duid=5fb552a76ef3--01hjcx6yype58ae5f2y1xgxc3s&euns=0&s=&us_privacy=1---&version=v2.11.2&
Frame ID: 7FD35003D2ED2BD401EC78F4482F377E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 | Rock Hill HeraldClose navigation panel

Page URL History Show full URLs

http://heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html HTTP 301
https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

214
Requests

78 %
HTTPS

0 %
IPv6

51
Domains

83
Subdomains

69
IPs

5
Countries

2041 kB
Transfer

6363 kB
Size

39
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mcclatchy.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://account.heraldonline.com/auth0
Title: LOG IN

Search URL Search Domain Scan URL

URL: https://subscribe.heraldonline.com/holiday-sale
Title: $5 FOR 3 MONTHS SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/heraldonline/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://jobs.heraldonline.com/
Title: Jobs / Recruiting

Search URL Search Domain Scan URL

URL: https://heraldonline.newspapers.com/?xid=3096
Title: Archives

Search URL Search Domain Scan URL

URL: https://account.heraldonline.com/my-account
Title: Account Management

Search URL Search Domain Scan URL

URL: https://subscribe.heraldonline.com/beinformed
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://k12nie.com/?p=nie.heraldonline.com
Title: NIE

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-rock-hill/p/1
Title: Contact McClatchy Advertising

Search URL Search Domain Scan URL

URL: https://t.news.heraldonline.com/webApp/mccSignupPage?siteName=heraldonline
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/therockhillherald
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/RHHerald
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rhherald_preps/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/rockhillheraldonline
Title: YouTube

Search URL Search Domain Scan URL

URL: https://heraldonline.obituaries.com/
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://placeclassifieds.mcclatchy.com/classifieds/rockhill/index.html
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/rockhill/#navlink=subnav
Title: Browse Classifieds

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/rockhill/
Title: Search Legal Notices

Search URL Search Domain Scan URL

URL: https://business.mcclatchy.com/rockhill
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://hiring.mcclatchy.com/recruitmentproducts
Title: Staffing Solutions

Search URL Search Domain Scan URL

URL: https://www.winwithmcclatchy.com/political-advocacy
Title: Political | Advocacy Advertising

Search URL Search Domain Scan URL

URL: https://heraldonline.com/mobile
Title: Rock Hill Herald App

Search URL Search Domain Scan URL

URL: http://t.news.heraldonline.com/webApp/mccSignupPage?siteName=heraldonline
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://myaccount.heraldonline.com/rhl_rh/home
Title: Vacation Hold

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-herald/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacy-central.securiti.ai/#/dsr-universal/0a979fab-900d-4113-aab0-e2bf786400ac
Title: Your Privacy Choices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html HTTP 301
https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://js.matheranalytics.com/s/ma12095/74930704/all/ml.js?cb=1643 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js

Request Chain 67

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703387823011&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&c8=404%20%7C%20Rock%20Hill%20Herald&c9=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703387823011&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&c8=404%20%7C%20Rock%20Hill%20Herald&c9=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html

Request Chain 119

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp&cc=1

Request Chain 123

https://match.adsrvr.org/track/cmf/openx?oxid=1badd23e-2f03-7239-d56a-0b75b0666e1c&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=1badd23e-2f03-7239-d56a-0b75b0666e1c&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5de54060-5460-4784-a23b-a23f542f42d4&ttd_puid=1badd23e-2f03-7239-d56a-0b75b0666e1c&gdpr=0&gdpr_consent=

Request Chain 124

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYeissCo8X4AAJdrUwwAAAAA

Request Chain 125

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARZLseD8N0I-ks8AED41vgYipM8AAAGMmdOHZQ

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzdjMjAxZjQtZTY3NC0yYzlkLWMwOGEtNTFjYzdhODRhMDdj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzdjMjAxZjQtZTY3NC0yYzlkLWMwOGEtNTFjYzdhODRhMDdj&google_tc=

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDzcMFNdccrbhNW5FB8chUI&google_cver=1

Request Chain 166

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1703387827956 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1703387827956&ja=1

Request Chain 173

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640849529058099205&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640849529058099205&redir=

Request Chain 174

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=5de54060-5460-4784-a23b-a23f542f42d4&gdpr=0&gdpr_consent=

Request Chain 175

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3640849529058099205 HTTP 302
https://ml314.com/csync.ashx?fp=53ef9d946ddf1c3059b291866e067815&eid=50146&person_id=3640849529058099205

Request Chain 176

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2VHiusLppXDNML4XtQQND2oVGvjsO-VixtJkZnwU5sic&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 203

https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5de54060-5460-4784-a23b-a23f542f42d4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NWRlNTQwNjAtNTQ2MC00Nzg0LWEyM2ItYTIzZjU0MmY0MmQ0&gdpr=0&gdpr_consent=&ttd_tdid=5de54060-5460-4784-a23b-a23f542f42d4 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=5de54060-5460-4784-a23b-a23f542f42d4&google_gid=CAESEFn4zPPLPoJWe1XzWi0EJBI&google_cver=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5de54060-5460-4784-a23b-a23f542f42d4&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://tags.bluekai.com/site/5386?id=5de54060-5460-4784-a23b-a23f542f42d4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=5de54060-5460-4784-a23b-a23f542f42d4&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true

Request Chain 208

https://ssc-cms.33across.com/ps/?ri=0010b00002QLYzgAAH&ru=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
https://bidder.newspassid.com/setuid?bidder=33across&uid=212391591249730

214 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request new-drummer-adds-chops-to-mack.html Show response
www.heraldonline.com/2011/07/08/3204275/
Redirect Chain

http://heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html

25 KB
27 KB

1477ms
787ms

Document
text/html

23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 24876072d5f5f5e683e1154a1f5e069c9fec6ccd11a877b4df721ea96ea199c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 25837
content-type: text/html;charset=utf-8
date: Sun, 24 Dec 2023 03:17:01 GMT
etag: "64ed-RAukEpTCP8qDb9LfBo5rP2el2mA"
expires: Sun, 24 Dec 2023 03:17:01 GMT
last-modified: Sun, 24 Dec 2023 03:17:01 GMT
mi-api: WPS
mi-cache-age: 0
pragma: no-cache
server: MI
server-timing: ak_p; desc="1703387821034_1749567078_579432262_76180_8828_1_6_255";dur=1
surrogate-control: varnish=ESI/2.1
x-cachebust
x-mi-in-market: 0
x-proxy-forwarding-type: BlackList
x-robots-tag: noindex, nofollow
x-varnish: 944945096, 755205254

Redirect headers

Connection: Keep-Alive
Content-Length: 291
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 24 Dec 2023 03:17:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Server: Apache

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 515ms
98ms Stylesheet
text/css 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f10.1e100.net

Software

ESF /

Resource Hash

54e65529c34a13adf1ba88aa5d10514dc5a67cc72ca5a9328eaf3465b788fe91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 03:08:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Dec 2023 03:17:02 GMT

GET
H2 200 mi-styles.bd401e7751f7f59a1d9a.css
www.heraldonline.com/wps/build/webpack/css/ 221 KB
47 KB 11ms
10ms Stylesheet
text/css 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/build/webpack/css/mi-styles.bd401e7751f7f59a1d9a.css
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 35783c8648168a6a67fca5fef8346883565f6f7152a13c72a4b1fa2dca23f05c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:01 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 348
x-cachebust
server-timing: ak_p; desc="1703387821847_1749567078_579432634_28_7892_3_0_255";dur=1
content-length: 47377
last-modified: Fri, 15 Dec 2023 08:14:20 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"373ff-18c6c8a6b60"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 332931323, 1068733016 1073318626
content-type: text/css;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=111681
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H/1.1 200
OK style.css
mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/ 272 B
665 B 619ms
216ms Stylesheet
text/css 54.231.195.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/style.css
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 03:17:03 GMT
Last-Modified: Wed, 10 May 2023 23:40:01 GMT
Server: AmazonS3
x-amz-request-id: MQXE699JMDAKA1D4
ETag: "2d39810a5e64f8448f15544f86081077"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 272
x-amz-id-2: oTv/7EL4qpbOmAhmk/xk7+01CYRFUa3DmXxDC2Nyt2UbqCxIKiyFU8+0LZYZqauSrHVeDlr7D6A=

GET
H2 200 jquery-3.4.1.min.js Show response
www.heraldonline.com/wps/source/scripts/libs/ 86 KB
30 KB 10ms
9ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/scripts/libs/jquery-3.4.1.min.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:01 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 374201
x-cachebust
server-timing: ak_p; desc="1703387821863_1749567078_579432640_36_7279_2_0_219";dur=1
content-length: 30715
last-modified: Mon, 04 Dec 2023 15:38:39 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"15850-18c357b4018"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 225780976, 531566855 525833930
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=30831
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 heraldonlinecore.js Show response
www.heraldonline.com/yzoo-binsl/ 118 KB
36 KB 764ms
763ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3c18c992ea79a042f98e789b18251804e99c1a732bfd567d44f2b17724629257

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 60
x-cachebust
server-timing: ak_p; desc="1703387821863_1749567078_579432641_75423_7284_6_0_219";dur=1
content-length: 36412
last-modified: Thu, 21 Dec 2023 13:23:33 GMT
server: MI
etag: W/"1d95b-60d050197ff40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 310936984, 50333954 46139884
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=300
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 mastheadPage.bundle-1f73ce979080160ec87c.js Show response
www.heraldonline.com/wps/build/webpack/ 92 KB
33 KB 10ms
9ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/build/webpack/mastheadPage.bundle-1f73ce979080160ec87c.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ca8497d21828b87d2b8815b8c5709d14ccac5911f6f654b539660fdcf5c059d0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3283
x-cachebust
server-timing: ak_p; desc="1703387822315_1749567078_579432863_26_7517_2_0_219";dur=1
content-length: 33030
last-modified: Tue, 19 Dec 2023 13:40:58 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"170c1-18c824ee610"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 314147134, 1053720840 1011449880
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=216160
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK f4a4d1d9-24e3-45de-8a59-708ec907199f Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/f4a4d1d9-24e3-45de-8a59-708ec907199f
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a046696801ec80078bf5692bf72014e1858ea0e827e1b19eae17af3ffa3ed32

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 7d9796bf-581a-4b54-8cd6-9e15ff97cee1 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/7d9796bf-581a-4b54-8cd6-9e15ff97cee1
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a646295bfa322621814bc2b5a9ed4b9eeba371e6ff11bfdb4d9e8f8c5db20466

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 vendorBundle.f969c23ee8080125484f.js Show response
www.heraldonline.com/yzoo-binsl/ 87 KB
31 KB 24ms
24ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/vendorBundle.f969c23ee8080125484f.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b1da2a1da550a435946da6e49a9ade3363922bd6ba10bfbd7f733e62d64dde6c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 42399
x-cachebust
server-timing: ak_p; desc="1703387822662_1749567078_579433039_543_7489_1_0_219";dur=1
content-length: 31210
last-modified: Thu, 21 Dec 2023 12:25:19 GMT
server: MI
etag: W/"15ca9-60d043155c9c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 306053973, 185042446 24030861
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421307
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK e272e388-64a5-497c-b799-f1d07b9037de Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/e272e388-64a5-497c-b799-f1d07b9037de
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195de4dc686f2d98b3f4aa06ac93bf54dd5cf0bf07113a0557a6cc7f8ff276ee

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 53a3571f-eaa3-4c3b-9e92-38a50d67bebb Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/53a3571f-eaa3-4c3b-9e92-38a50d67bebb
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fef2d5cff8e7ce28179612bc1f137a6f323d0dff45c95ff630fee21734846347

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK ec0e0267-c948-48d3-9b08-36ea9c577d3e Show response
https://www.heraldonline.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/ec0e0267-c948-48d3-9b08-36ea9c577d3e
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31597b45fe9848afbf9851daf52c1c20a384a3e5be3378809f2e528af34c097b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 danelei.beb7b7c4776c1e534900.js Show response
www.heraldonline.com/yzoo-binsl/ 15 KB
5 KB 46ms
45ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/danelei.beb7b7c4776c1e534900.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/f4a4d1d9-24e3-45de-8a59-708ec907199f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a6203f0a6c20fc5de7ca650e0014c34e8fcaa4a7ba5529653389c007d09ca0d4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38883
x-cachebust
server-timing: ak_p; desc="1703387822662_1749567078_579433040_3251_7466_2_0_146";dur=1
content-length: 4172
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"3aa8-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 430639796 316999105
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421387
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 escenic.a9910136ebe9c439430c.js Show response
www.heraldonline.com/yzoo-binsl/ 174 KB
46 KB 24ms
24ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/escenic.a9910136ebe9c439430c.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/7d9796bf-581a-4b54-8cd6-9e15ff97cee1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 39a0e4462e2946c80e91477d2d694bc0269e35ac69c14f75449bef1adc8aec87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38862
x-cachebust
server-timing: ak_p; desc="1703387822685_1749567078_579433050_1407_8273_1_0_146";dur=1
content-length: 46583
last-modified: Thu, 21 Dec 2023 13:23:34 GMT
server: MI
etag: W/"2b7fc-60d0501a74180"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 288436304, 185042448 32353343
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421332
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 netdale.3741370e61489fbd98ef.js Show response
www.heraldonline.com/yzoo-binsl/ 103 KB
30 KB 18ms
17ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/netdale.3741370e61489fbd98ef.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/e272e388-64a5-497c-b799-f1d07b9037de
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2a857e7bddc26e899d8b330da1a76f7425f84e40e5bacdad8bdf88ec0112d513

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38862
x-cachebust
server-timing: ak_p; desc="1703387822708_1749567078_579433063_731_7541_1_0_146";dur=1
content-length: 30141
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"19d12-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 52823389, 425821964 283024496
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421333
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 nextCustom.7d49d78e7b7f4ba0e2c7.js Show response
www.heraldonline.com/yzoo-binsl/ 21 KB
8 KB 15ms
14ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/nextCustom.7d49d78e7b7f4ba0e2c7.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/53a3571f-eaa3-4c3b-9e92-38a50d67bebb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 33403b13541ca66c01e02356fff3df90bf9a21d6fb975e865fff3e13dfadcdb6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38884
x-cachebust
server-timing: ak_p; desc="1703387822710_1749567078_579433064_695_5314_1_0_146";dur=1
content-length: 7292
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"52e3-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 299539293, 181668801 48860603
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421267
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 woldoni.cfb4d87a66b25444c815.js Show response
www.heraldonline.com/yzoo-binsl/ 19 KB
6 KB 18ms
17ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/woldoni.cfb4d87a66b25444c815.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/ec0e0267-c948-48d3-9b08-36ea9c577d3e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e611107959bfdf5fe58802b27ee170c76f80a6d88ab2295e07682254f8e1709b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38884
x-cachebust
server-timing: ak_p; desc="1703387822708_1749567078_579433065_762_7481_1_0_146";dur=1
content-length: 5426
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"4c50-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 505319529 330730337
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421343
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 modal-v3.0.2.js Show response
www.heraldonline.com/yzoo-binsl/js/ 7 KB
2 KB 15ms
14ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/js/modal-v3.0.2.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 27315
x-cachebust
server-timing: ak_p; desc="1703387822694_1749567078_579433055_143_7390_2_0_219";dur=1
content-length: 2103
last-modified: Tue, 19 Dec 2023 12:37:13 GMT
server: MI
etag: W/"1b3d-60cdc2035d040"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 179568914 728171468
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=240583
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 logo.svg
www.heraldonline.com/wps/build/images/heraldonline/ 3 KB
2 KB 20ms
20ms Image
image/svg+xml 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/wps/build/images/heraldonline/logo.svg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f23a7571bc801ca854bc9f3adf6e654f07a2fca29e25c501e845b986784d9137

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1703387822746_1749567078_579433076_517_8408_1_0_146";dur=1
content-length: 1316
last-modified: Tue, 19 Dec 2023 13:40:55 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"c09-18c824eda58"
mi-cache: MISS
vary: Accept-Encoding
x-varnish: 863536506, 974652731
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=322522
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v35/ 39 KB
39 KB 118ms
3ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v35/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldonline.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:35:50 GMT
x-content-type-options: nosniff
age: 283272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39552
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 20:09:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 20:35:50 GMT

GET
BLOB 200
OK 7da2850a-27e9-42e5-90ce-79eaa460fa7f Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/7da2850a-27e9-42e5-90ce-79eaa460fa7f
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 729845d1754207c3f0db940608e937a64c15dec620f6d0af01704e7dd526b29b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
42 KB 104ms
4ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldonline.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 06:41:03 GMT
x-content-type-options: nosniff
age: 419759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 06:41:03 GMT

GET
H2 200 favicon-32.png
www.heraldonline.com/wps/build/images/heraldonline/ 251 B
711 B 10ms
10ms Image
image/png 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/wps/build/images/heraldonline/favicon-32.png
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b37450191a725333bfc7bbbccc90c46f16100c799741a849f650fa7a0e55c4b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 50567
x-cachebust
server-timing: ak_p; desc="1703387822775_1749567078_579433091_25_7652_1_0_146";dur=1
content-length: 251
last-modified: Mon, 04 Dec 2023 15:53:02 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"fb-18c35886b30"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 216647419, 420839704 301795418
content-type: image/png;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=265704
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
BLOB 200
OK 5b10821d-a878-4a1c-9587-4f9ed013cee5 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/5b10821d-a878-4a1c-9587-4f9ed013cee5
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d7cfb3a719e09c6543262424b56156f4164853ca9bb7e63e51f956a66cd04d3

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 naeliya.59d31bd968887cd5c7e3.js Show response
www.heraldonline.com/yzoo-binsl/ 8 KB
3 KB 17ms
17ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/naeliya.59d31bd968887cd5c7e3.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/7da2850a-27e9-42e5-90ce-79eaa460fa7f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6bce3fd2a74fe4ef36079a29cde8fee398f3f9ce90d6dd8d0ce6d19ecfe92c4a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38750
x-cachebust
server-timing: ak_p; desc="1703387822784_1749567078_579433094_456_7764_1_0_146";dur=1
content-length: 2577
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"1fdc-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 174197140 46956627
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421258
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 01f43bae-503f-4c88-b4d8-bf3414b02269 Show response
https://www.heraldonline.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/01f43bae-503f-4c88-b4d8-bf3414b02269
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e098380aefb62bbbe428c62b843c4fda4575131ff1c90c6d70df1ab53b974e25

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK 53f5c927-4fa5-45e7-b086-b4b8db77d4b4 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/53f5c927-4fa5-45e7-b086-b4b8db77d4b4
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8093a8ec5761d9771e303f518f88d48e2e84a811278f2a9fda1b920a33e6189c

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 domkut.72df7051077600aba518.js Show response
www.heraldonline.com/yzoo-binsl/ 6 KB
2 KB 63ms
61ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/domkut.72df7051077600aba518.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/5b10821d-a878-4a1c-9587-4f9ed013cee5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fe2745aa3cce40295e39a32a3fc84fe2ffe0e5748a3db9184be1fdf369949759

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38884
x-cachebust
server-timing: ak_p; desc="1703387822853_1749567078_579433132_4831_7415_1_0_146";dur=1
content-length: 1973
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"1687-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 42634474, 442237446 314508653
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421375
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 get Show response
vi.ml314.com/ 264 B
388 B 31ms
16ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=88280&tk=Sd8Lhw2fKivbawYXOa0sKaCgKxoI2fc6Kjw9Z4GOBSB2s3d&fp=

Requested by

Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/01f43bae-503f-4c88-b4d8-bf3414b02269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Sun, 24 Dec 2023 03:17:02 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sponsored.147ba8d4bf436a0a2596.js Show response
www.heraldonline.com/yzoo-binsl/ 5 KB
2 KB 17ms
17ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/sponsored.147ba8d4bf436a0a2596.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/53f5c927-4fa5-45e7-b086-b4b8db77d4b4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f7c607018d111292dcbcd123b2038a61b3d33b1130338ab2a74fa54ed5d174c1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38856
x-cachebust
server-timing: ak_p; desc="1703387822853_1749567078_579433133_448_7456_1_0_146";dur=1
content-length: 1905
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"1464-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 54919336, 435620397 300620504
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421300
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
308 B 171ms
170ms Fetch
application/json 44.226.76.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/escenic.a9910136ebe9c439430c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.76.220 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-76-220.us-west-2.compute.amazonaws.com

Software

Resource Hash

39648f385aed2f5f7fe2ebfd7992ea87ffc6c6356b181650d75d53e9088f1dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-6587a2af-28aea5e7388f10154c23c7f5
content-length: 94

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 482ms
159ms Preflight 44.226.76.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.76.220 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-76-220.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Sun, 24 Dec 2023 03:17:03 GMT
strict-transport-security: max-age=15768000

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 460ms
152ms Preflight 52.11.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-87-56.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
date: Sun, 24 Dec 2023 03:17:03 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-6587a2af-4b4a27ad41c0de7c5cbc16a2
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 457ms
150ms Preflight 52.11.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-87-56.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
date: Sun, 24 Dec 2023 03:17:03 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-6587a2af-4220a3711a6c5436235145f1
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 459ms
152ms Preflight 52.11.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-87-56.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
date: Sun, 24 Dec 2023 03:17:03 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-6587a2af-7b86eacc3ff0603d57e0def3
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 457ms
151ms Preflight 52.11.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-87-56.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
date: Sun, 24 Dec 2023 03:17:03 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-6587a2af-4acf2a20568f8e2326dc795a
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 457ms
151ms Preflight 52.11.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&user_id=&comp_id=apflrqef

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-87-56.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
date: Sun, 24 Dec 2023 03:17:03 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-6587a2af-41621ffe136dbaa16601b2e3
x-content-type-options: nosniff

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 57ms
14ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
age: 734
cache-control: no-store
content-length: 0
date: Sun, 24 Dec 2023 03:17:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-65879fd0-723508c3260469ef0979b036
x-cache: HIT
x-cache-hits: 100
x-content-type-options: nosniff
x-served-by: cache-bne12527-BNE
x-timer: S1703387823.906271,VS0,VE0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 55ms
13ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
age: 734
cache-control: no-store
content-length: 0
date: Sun, 24 Dec 2023 03:17:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-65879fd0-723508c3260469ef0979b036
x-cache: HIT
x-cache-hits: 99
x-content-type-options: nosniff
x-served-by: cache-bne12527-BNE
x-timer: S1703387823.906186,VS0,VE0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 55ms
14ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
age: 734
cache-control: no-store
content-length: 0
date: Sun, 24 Dec 2023 03:17:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-65879fd0-723508c3260469ef0979b036
x-cache: HIT
x-cache-hits: 100
x-content-type-options: nosniff
x-served-by: cache-bne12527-BNE
x-timer: S1703387823.906201,VS0,VE0

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
436 B 165ms
164ms Fetch
application/json 52.11.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-87-56.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

f02d8d4d6de83d5e35211735eac43aa8aab30c9ca7f7337e77cc7e5adfccdb98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-6587a2af-4376941c33b7774b0ab916ab
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
436 B 167ms
164ms Fetch
application/json 52.11.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-87-56.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

f02d8d4d6de83d5e35211735eac43aa8aab30c9ca7f7337e77cc7e5adfccdb98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-6587a2af-3258f8cb452ffbda1d506f0b
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
436 B 165ms
163ms Fetch
application/json 52.11.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-87-56.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

f02d8d4d6de83d5e35211735eac43aa8aab30c9ca7f7337e77cc7e5adfccdb98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-6587a2af-1679ab11798476034c8ced36
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
435 B 165ms
162ms Fetch
application/json 52.11.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-87-56.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

f02d8d4d6de83d5e35211735eac43aa8aab30c9ca7f7337e77cc7e5adfccdb98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-6587a2af-419030ec6c554eaa07eccc5c
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true

GET
H2 400 userprofile Show response
profile-api.amplitude.com/v1/ 331 B
598 B 167ms
165ms Fetch
application/json 52.11.87.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&user_id=&comp_id=apflrqef

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.87.56 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-87-56.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

f1e3a281e91589c55263083ed41b09ba75dceab7f7691e25df55e146b4dcb127

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-6587a2af-6a12c1e21e84c5b950b3feaf
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true
content-length: 331

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 228 B
287 B 235ms
234ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/woldoni.cfb4d87a66b25444c815.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e73c544e2b2e9d3c4b8b1abd373b9a6b80e0c13f0cd4afe3deb9b75eac0aa54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
X-Amp-Exp-Flag-Keys: WyJzb3BoaS1ncm91cC0zIl0=
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJiOWRjM2I5ZC1iZWYzLTQyNWItYTIxZS02ZDBlODg3ODI0ZjMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiUkhIIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8yMDExLzA3LzA4LzMyMDQyNzUvbmV3LWRydW1tZXItYWRkcy1jaG9wcy10by1tYWNrLmh0bWwiLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJPdGhlciIsInBhZ2VfbmFtZSI6IkVycm9yOjQwNCB8IFJvY2sgSGlsbCBIZXJhbGQiLCJwYWdlX3BhdGgiOiIvMjAxMS8wNy8wOC8zMjA0Mjc1L25ldy1kcnVtbWVyLWFkZHMtY2hvcHMtdG8tbWFjay5odG1sIiwicHVibGljYXRpb25fbmFtZSI6IkhlcmFsZCBPbmxpbmUiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2RrX2luaXRfc3RhdHVzIjoic3RvcmFnZSIsInNlY3Rpb24iOiI0MDQiLCJzZXJ2ZXIiOiJ3d3cuaGVyYWxkb25saW5lLmNvbSIsInRheG9ub215IjoiT25saW5lfFN5c3RlbVJlc3BvbnNlfEVycm9yfHwiLCJ1cmwiOiJodHRwczovL3d3dy5oZXJhbGRvbmxpbmUuY29tLzIwMTEvMDcvMDgvMzIwNDI3NS9uZXctZHJ1bW1lci1hZGRzLWNob3BzLXRvLW1hY2suaHRtbCIsInZpc2l0X251bWJlciI6MSwiZGV2aWNlX3Btb2RlIjoiMSIsImRldmljZV9vcmllbnRhdGlvbiI6InVuc3VwcG9ydGVkIiwiZGV2aWNlX3NjcmVlbl9zaXplIjoiMTYwMHgxMjAwIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJzb3BoaS1ncm91cC0zIiwiZGF0ZSI6IjIwMjMtMTItMjQifX0=

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 193
x-served-by: cache-bne12527-BNE
x-timer: S1703387823.922632,VS0,VE221
x-amzn-trace-id: Root=1-6587a2af-617f83a22cb473b74318202a
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
133 B 231ms
229ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/woldoni.cfb4d87a66b25444c815.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJiOWRjM2I5ZC1iZWYzLTQyNWItYTIxZS02ZDBlODg3ODI0ZjMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiUkhIIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8yMDExLzA3LzA4LzMyMDQyNzUvbmV3LWRydW1tZXItYWRkcy1jaG9wcy10by1tYWNrLmh0bWwiLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJPdGhlciIsInBhZ2VfbmFtZSI6IkVycm9yOjQwNCB8IFJvY2sgSGlsbCBIZXJhbGQiLCJwYWdlX3BhdGgiOiIvMjAxMS8wNy8wOC8zMjA0Mjc1L25ldy1kcnVtbWVyLWFkZHMtY2hvcHMtdG8tbWFjay5odG1sIiwicHVibGljYXRpb25fbmFtZSI6IkhlcmFsZCBPbmxpbmUiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2RrX2luaXRfc3RhdHVzIjoic3RvcmFnZSIsInNlY3Rpb24iOiI0MDQiLCJzZXJ2ZXIiOiJ3d3cuaGVyYWxkb25saW5lLmNvbSIsInRheG9ub215IjoiT25saW5lfFN5c3RlbVJlc3BvbnNlfEVycm9yfHwiLCJ1cmwiOiJodHRwczovL3d3dy5oZXJhbGRvbmxpbmUuY29tLzIwMTEvMDcvMDgvMzIwNDI3NS9uZXctZHJ1bW1lci1hZGRzLWNob3BzLXRvLW1hY2suaHRtbCIsInZpc2l0X251bWJlciI6MSwiZGV2aWNlX3Btb2RlIjoiMSIsImRldmljZV9vcmllbnRhdGlvbiI6InVuc3VwcG9ydGVkIiwiZGV2aWNlX3NjcmVlbl9zaXplIjoiMTYwMHgxMjAwIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJ1c2FnZSIsImRhdGUiOiIyMDIzLTEyLTI0In19

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 42
x-served-by: cache-bne12527-BNE
x-timer: S1703387823.922847,VS0,VE214
x-amzn-trace-id: Root=1-6587a2af-069935314c7666535039bd5c
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
214 B 228ms
228ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/woldoni.cfb4d87a66b25444c815.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJiOWRjM2I5ZC1iZWYzLTQyNWItYTIxZS02ZDBlODg3ODI0ZjMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiUkhIIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8yMDExLzA3LzA4LzMyMDQyNzUvbmV3LWRydW1tZXItYWRkcy1jaG9wcy10by1tYWNrLmh0bWwiLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJPdGhlciIsInBhZ2VfbmFtZSI6IkVycm9yOjQwNCB8IFJvY2sgSGlsbCBIZXJhbGQiLCJwYWdlX3BhdGgiOiIvMjAxMS8wNy8wOC8zMjA0Mjc1L25ldy1kcnVtbWVyLWFkZHMtY2hvcHMtdG8tbWFjay5odG1sIiwicHVibGljYXRpb25fbmFtZSI6IkhlcmFsZCBPbmxpbmUiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2RrX2luaXRfc3RhdHVzIjoic3RvcmFnZSIsInNlY3Rpb24iOiI0MDQiLCJzZXJ2ZXIiOiJ3d3cuaGVyYWxkb25saW5lLmNvbSIsInRheG9ub215IjoiT25saW5lfFN5c3RlbVJlc3BvbnNlfEVycm9yfHwiLCJ1cmwiOiJodHRwczovL3d3dy5oZXJhbGRvbmxpbmUuY29tLzIwMTEvMDcvMDgvMzIwNDI3NS9uZXctZHJ1bW1lci1hZGRzLWNob3BzLXRvLW1hY2suaHRtbCIsInZpc2l0X251bWJlciI6MSwiZGV2aWNlX3Btb2RlIjoiMSIsImRldmljZV9vcmllbnRhdGlvbiI6InVuc3VwcG9ydGVkIiwiZGV2aWNlX3NjcmVlbl9zaXplIjoiMTYwMHgxMjAwIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJ1c2FnZSIsImRhdGUiOiIyMDIzLTEyLTI0In19

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 42
x-served-by: cache-bne12527-BNE
x-timer: S1703387823.922599,VS0,VE214
x-amzn-trace-id: Root=1-6587a2af-069935314c7666535039bd5c
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
BLOB 200
OK 72f8b7ae-4e30-4740-8743-aa0757bd584c Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/72f8b7ae-4e30-4740-8743-aa0757bd584c
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69523c3379f776b523746a8a788ff7942fdfe366e76d5dddd7f66e6fb95b80c1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 621 KB
164 KB 28ms
11ms Script
application/x-javascript 104.74.36.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/72f8b7ae-4e30-4740-8743-aa0757bd584c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.74.36.170 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-74-36-170.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f9a5f24c4d1eb64942b68f1e4fbadf78a8a1a3d15c49d32f3507fd321b8f53c0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 03:17:02 GMT
Content-Encoding: gzip
x-amz-request-id: WVK6G34GBR8PBEVK
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: /fs2u0oVj8dajEEDuLCFRmg6zfYS/URgWPsAFnfER0gIgCNDuVEPgJ8Dhn5z3yP/+GWWzdXjh/w=
Last-Modified: Fri, 15 Dec 2023 03:25:54 GMT
Server: AmazonS3
ETag: "b8c7a72b1ba3639b0dcbafd3b20372ae"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
BLOB 200
OK 2103ae5b-edfe-42e8-8770-434776f94054 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/2103ae5b-edfe-42e8-8770-434776f94054
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a047930359bd58062b618ac4a6e9475fcc576f28adeb829707312f93514d952

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 41b84508-2da3-4933-bd66-86e7c6d53060 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/41b84508-2da3-4933-bd66-86e7c6d53060
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df748aef521863946d1997ab2f67089074635102ae6f9d92d2014b36716fd886

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 12f5805e-6f9f-40ac-8a05-bd046b5b871d Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/12f5805e-6f9f-40ac-8a05-bd046b5b871d
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9dd8a2039143a2215832e291e5540757056cecfa77e283ab1cb35c8aca9c7e8a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 performance.b0f9cc1ecee1bdc52f69.js Show response
www.heraldonline.com/yzoo-binsl/ 14 KB
5 KB 24ms
22ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/performance.b0f9cc1ecee1bdc52f69.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/2103ae5b-edfe-42e8-8770-434776f94054
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fde58cbf65cbe6761e9b1dc4fd7a8045c3a28aa374f918ac5f084c46a3e6fa43

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38856
x-cachebust
server-timing: ak_p; desc="1703387822919_1749567078_579433169_511_10105_1_0_146";dur=1
content-length: 4708
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"387e-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 830735729, 524976463 348783797
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421256
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 quarantine.570c160bcc45b4c89c3c.js Show response
www.heraldonline.com/yzoo-binsl/ 31 KB
11 KB 28ms
27ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/quarantine.570c160bcc45b4c89c3c.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/41b84508-2da3-4933-bd66-86e7c6d53060
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0e9c4fcd4a16a172175f91be6fce89f5c52272fc7791fd58d00ccf25e9e783df

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38736
x-cachebust
server-timing: ak_p; desc="1703387822919_1749567078_579433170_1592_10084_1_0_146";dur=1
content-length: 10693
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"7b78-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 836534297, 527599085 345210934
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421315
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 miFooter.04c3d061d6aeebc00061.js Show response
www.heraldonline.com/yzoo-binsl/ 12 KB
4 KB 27ms
27ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/miFooter.04c3d061d6aeebc00061.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/12f5805e-6f9f-40ac-8a05-bd046b5b871d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: dc3a54a67fff2aad738e7e631913dcb2ee55751fdd8324520b4ed9be6814ef1e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38885
x-cachebust
server-timing: ak_p; desc="1703387822931_1749567078_579433178_533_8126_1_0_146";dur=1
content-length: 3971
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"30ca-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 39233335, 430803221 309136607
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421366
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 t Show response
jadserve.postrelease.com/ 583 B
877 B 466ms
163ms Script
text/javascript 50.112.107.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.112.107.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-107-235.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8f3aab042e219aedb99bfd80766f2c9797109f38fc9c1b6d11b366369ca7debd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 354
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
BLOB 200
OK 89d4cb13-d34e-4437-9c60-cbad07a12f01 Show response
https://www.heraldonline.com/ 380 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/89d4cb13-d34e-4437-9c60-cbad07a12f01
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4e753842160e0b1dcf80256e53777ef4f2345f364cbf8e6de312c765c017286

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 380
Content-Type: [object object]

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
109 B 167ms
167ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/woldoni.cfb4d87a66b25444c815.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJiOWRjM2I5ZC1iZWYzLTQyNWItYTIxZS02ZDBlODg3ODI0ZjMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiUkhIIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8yMDExLzA3LzA4LzMyMDQyNzUvbmV3LWRydW1tZXItYWRkcy1jaG9wcy10by1tYWNrLmh0bWwiLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJPdGhlciIsInBhZ2VfbmFtZSI6IkVycm9yOjQwNCB8IFJvY2sgSGlsbCBIZXJhbGQiLCJwYWdlX3BhdGgiOiIvMjAxMS8wNy8wOC8zMjA0Mjc1L25ldy1kcnVtbWVyLWFkZHMtY2hvcHMtdG8tbWFjay5odG1sIiwicHVibGljYXRpb25fbmFtZSI6IkhlcmFsZCBPbmxpbmUiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2RrX2luaXRfc3RhdHVzIjoic3RvcmFnZSIsInNlY3Rpb24iOiI0MDQiLCJzZXJ2ZXIiOiJ3d3cuaGVyYWxkb25saW5lLmNvbSIsInRheG9ub215IjoiT25saW5lfFN5c3RlbVJlc3BvbnNlfEVycm9yfHwiLCJ1cmwiOiJodHRwczovL3d3dy5oZXJhbGRvbmxpbmUuY29tLzIwMTEvMDcvMDgvMzIwNDI3NS9uZXctZHJ1bW1lci1hZGRzLWNob3BzLXRvLW1hY2suaHRtbCIsInZpc2l0X251bWJlciI6MSwiZGV2aWNlX3Btb2RlIjoiMSIsImRldmljZV9vcmllbnRhdGlvbiI6InVuc3VwcG9ydGVkIiwiZGV2aWNlX3NjcmVlbl9zaXplIjoiMTYwMHgxMjAwIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJ1c2FnZSIsImRhdGUiOiIyMDIzLTEyLTI0In19

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 42
x-served-by: cache-bne12527-BNE
x-timer: S1703387823.984357,VS0,VE153
x-amzn-trace-id: Root=1-6587a2af-069935314c7666535039bd5c
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 2

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 13ms
13ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
age: 734
cache-control: no-store
content-length: 0
date: Sun, 24 Dec 2023 03:17:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-65879fd0-723508c3260469ef0979b036
x-cache: HIT
x-cache-hits: 101
x-content-type-options: nosniff
x-served-by: cache-bne12527-BNE
x-timer: S1703387823.969960,VS0,VE0

GET
BLOB 200
OK de941cfd-6527-41e9-86c3-73035a540ed4 Show response
https://www.heraldonline.com/ Frame A6C2 466 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/de941cfd-6527-41e9-86c3-73035a540ed4
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 466
Content-Type: text/javascript

GET
BLOB 200
OK 9634f1d5-d16a-462c-9841-13409425fbe5 Show response
https://www.heraldonline.com/ Frame E3E3 555 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/9634f1d5-d16a-462c-9841-13409425fbe5
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d36b97832b3c94a65881f0b9f2bbcb4d2c8750f406c5094158d714e0f85d55b9

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 555
Content-Type: text/javascript

GET
BLOB 200
OK fcd6aefd-7d2a-46b5-8efc-9c52c2a29bdf Show response
https://www.heraldonline.com/ Frame F34E 590 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/fcd6aefd-7d2a-46b5-8efc-9c52c2a29bdf
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 590
Content-Type: text/javascript

GET
H2 200 pdp.gif
www.heraldonline.com/yzoo-binsl/ 42 B
462 B 764ms
764ms Image
image/gif 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/yzoo-binsl/pdp.gif?k=eyJpZCI6Im1pX3RpX3JoaF9iOWRjM2I5ZC1iZWYzLTQyNWItYTIxZS02ZDBlODg3ODI0ZjNfMTcwMzM4NzgyMjg0N18xNzAzMzg3ODIyODM1IiwiZG9tSW50ZXJhY3RpdmUiOjM3MTAsInJlcXVlc3RTdGFydCI6MTk3M30=
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 391816
x-cachebust
server-timing: ak_p; desc="1703387822990_1749567078_579433210_75128_10569_1_0_146";dur=1
content-length: 42
last-modified: Tue, 19 Dec 2023 12:37:13 GMT
server: MI
etag: "2a-60cdc2035d040"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 572654858, 300910359 791577844
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86358
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame A6C2 4 KB
2 KB 19ms
4ms Script
application/javascript 13.35.147.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/de941cfd-6527-41e9-86c3-73035a540ed4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-107.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:00:24 GMT
content-encoding: gzip
via: 1.1 1c8c09a2d2295d49b2248ce893dbb6c6.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C1
age: 27768
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: c40242R0zjet3dpPYCnykwGd17IKl6TCl2M2N4f2cVQpZWUtK3-c7A==

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/11/ Frame E3E3
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930704/all/ml.js?cb=1643
https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js

148 KB
43 KB

3ms
3ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8856cb0a8fb9615673fae7be84a0bac4128660b2eac4492c648dd38e19746bd8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 16:31:25 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 17 Nov 2023 15:14:59 GMT
server: nginx
age: 38738
etag: "7c7b83c1a7aee9d99fa9f7b5fa2e2f6c"
vary: Accept-Encoding
x-cache: HIT Fri, 17 Nov 2023 15:29:09 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43804

Redirect headers

date: Sun, 24 Dec 2023 03:17:03 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-served-by: 3-gc-uswest1-t41p1035

GET
H/1.1 200
OK fullcontact.js Show response
tags.fullcontact.com/anon/ Frame F34E 36 KB
13 KB 45ms
2ms Script
application/javascript 13.35.147.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullcontact.com/anon/fullcontact.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/fcd6aefd-7d2a-46b5-8efc-9c52c2a29bdf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-107.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0aea5f120a20b1ea5420d77bbafc9b25243efbe5ccc44d8402d3f1c83afd5d97

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 22:32:35 GMT
Content-Encoding: gzip
Via: 1.1 b7d2e60db967a855c811c683a85c3286.cloudfront.net (CloudFront)
Last-Modified: Thu, 09 Nov 2023 23:42:42 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SYD1-C1
Age: 47492
x-amz-server-side-encryption: AES256
ETag: W/"9f9d28537ce83140b8842b560cfd887c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 8dt-dT8V3cok_sf4JcWZzP7JMem8kQffHBjx6DtSwlu8sn80Ny3Hkw==

GET
H2

204

b2
sb.scorecardresearch.com/ Frame A6C2
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703387823011&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drumm...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703387823011&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drum...

0
225 B

141ms
141ms

Image
text/plain

13.35.147.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703387823011&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&c8=404%20%7C%20Rock%20Hill%20Herald&c9=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Server: 13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-107.syd1.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
via: 1.1 1c8c09a2d2295d49b2248ce893dbb6c6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: SYD1-C1
x-amz-cf-id: jZrOUq3O0iz4xG6c-CkoRmLUOKxp3-ZdDULWpwEKl_2gJVcv_hqX3w==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 24 Dec 2023 03:17:03 GMT
via: 1.1 1c8c09a2d2295d49b2248ce893dbb6c6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: SYD1-C1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703387823011&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&c8=404%20%7C%20Rock%20Hill%20Herald&c9=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html
content-length: 0
x-amz-cf-id: 50zmjsSt3l9H3vL3V6nFMd0vMedOumjF2jgE-QMP-tj4E4SjWJH6NQ==

GET
H/1.1 200
OK fc-li.js Show response
tags.fullcontact.com/anon/ Frame F34E 17 KB
7 KB 2ms
2ms Script
application/javascript 13.35.147.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullcontact.com/anon/fc-li.js
Requested by: Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-107.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1798f00809f57a10e52dd47948ceabfb7a5d6166ee026f06c885ec67076d4ee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 11:22:20 GMT
Content-Encoding: gzip
Via: 1.1 b7d2e60db967a855c811c683a85c3286.cloudfront.net (CloudFront)
Last-Modified: Thu, 09 Nov 2023 23:42:43 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SYD1-C1
Age: 57283
x-amz-server-side-encryption: AES256
ETag: W/"d8ccf84ad80ea623b93d63e307d96a7e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: OgxpiiBPwwvhuetwIlQYpcL6DOKW-RdIe8q1qJOiif4eRSZsDVXSvg==

GET
H2 204 any Show response
idx.liadm.com/idex/unknown/ Frame F34E 0
374 B 636ms
210ms XHR
text/plain 34.232.181.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/any?duid=5fb552a76ef3--01hjcx6yype58ae5f2y1xgxc3s

Requested by

Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.181.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-181-85.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 2
access-control-allow-origin: https://www.heraldonline.com
cache-control: max-age=3599, private
access-control-allow-credentials: true
trace-id: 4971aaca36b799c4
expires: Sun, 24 Dec 2023 04:17:03 GMT

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 171ms
170ms Fetch
application/json 44.226.76.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/escenic.a9910136ebe9c439430c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.76.220 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-76-220.us-west-2.compute.amazonaws.com

Software

Resource Hash

f33c96fdfb2c7ed90d4842e5c816f96c660a007b6223fc503423cf0a196bb80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-6587a2af-4b68642b1cf69c63502a59ed
content-length: 94

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 180ms
160ms Preflight 44.226.76.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.76.220 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-76-220.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Sun, 24 Dec 2023 03:17:03 GMT
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame E3E3 43 B
245 B 965ms
209ms Image
image/gif 54.198.156.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&ptype=other&pubname=The%20Herald&sec=404&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=11&tvcfg=all&tid=0cf74ef8-2c85-4d34-9a4b-eb0aa7d515f2&pid=58f0c217-23aa-4464-b9ae-633784d5b999&dtm=1703387823321&qnm=_matherq&visible=1&tabid=35612db8-83c9-436e-9add-080e30640ac8&refr=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&vrefr=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&vp=0x0&ds=0x0&tofa=1703387823&vid=1&lvidt=1703387823&duid=76617d33-626a-4853-8938-6a94df471225&fp=757557249&cid=ma12095&mrk=74930704&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcwMzM4NzgxOTA2NiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMC42bWIiLCJoZWFwVCI6IjE2LjFtYiIsImZzdFBhaW50IjoiMzY5OCIsImZldGNoUyI6IjEyODQiLCJkb21haW5TIjoiMTk2NiIsImRvbWFpbkUiOiIxOTY2IiwiY29ublMiOiIxOTY2IiwiY29ubkUiOiIxOTc0Iiwic3NsUyI6IjE5NjgiLCJyZXF1UyI6IjE5NzQiLCJyZXNwUyI6IjI3NjEiLCJyZXNwRSI6IjMyNDgiLCJkb21Mb2FkIjoiMjc2NSIsImRvbUludGVyIjoiMzcxMCIsImRvbUxvYWRTIjoiMzcxMCIsImRvbUxvYWRFIjoiMzcxMyJ9fQ
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.156.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-156-105.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Sun, 24 Dec 2023 03:17:04 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 htlbid.css
htlbid.com/v3/heraldonline.com/ 3 KB
671 B 855ms
826ms Stylesheet
text/css 18.67.93.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/heraldonline.com/htlbid.css
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/netdale.3741370e61489fbd98ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-116.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:05 GMT
content-encoding: br
via: 1.1 a63f63c0130cd2db055700cdbe2c6c88.cloudfront.net (CloudFront)
last-modified: Thu, 30 Nov 2023 14:35:24 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
etag: W/"6079441ba3e393b1ed99fc06f4fd2fea"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: rdAuZlOJydPGOI4P2SEUccE3kgmR60BR4M1JaqXV9h5HQTJEYaUyYg==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/heraldonline.com/ 526 KB
140 KB 860ms
832ms Script
application/javascript 18.67.93.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/netdale.3741370e61489fbd98ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-116.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5d0343dcc66a7e49d2d672b4c4a9e751f91c8be8260f112b2707a2f9c1c18ef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:05 GMT
content-encoding: br
via: 1.1 a63f63c0130cd2db055700cdbe2c6c88.cloudfront.net (CloudFront)
last-modified: Thu, 30 Nov 2023 14:35:24 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256
etag: W/"d7a7845d8726c81b440f97bb06c1210b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: r_ALi8B26g6f1VVlMo6Jo4Yaqem2e__KC6dnVMbLTdM95o5Kur4hPw==

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 29 B
220 B 214ms
209ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/woldoni.cfb4d87a66b25444c815.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
X-Amp-Exp-Flag-Keys: WyJ6b25lLWNvbnRlbnQiXQ==
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJiOWRjM2I5ZC1iZWYzLTQyNWItYTIxZS02ZDBlODg3ODI0ZjMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiUkhIIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8yMDExLzA3LzA4LzMyMDQyNzUvbmV3LWRydW1tZXItYWRkcy1jaG9wcy10by1tYWNrLmh0bWwiLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJPdGhlciIsInBhZ2VfbmFtZSI6IkVycm9yOjQwNCB8IFJvY2sgSGlsbCBIZXJhbGQiLCJwYWdlX3BhdGgiOiIvMjAxMS8wNy8wOC8zMjA0Mjc1L25ldy1kcnVtbWVyLWFkZHMtY2hvcHMtdG8tbWFjay5odG1sIiwicHVibGljYXRpb25fbmFtZSI6IkhlcmFsZCBPbmxpbmUiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2RrX2luaXRfc3RhdHVzIjoic3RvcmFnZSIsInNlY3Rpb24iOiI0MDQiLCJzZXJ2ZXIiOiJ3d3cuaGVyYWxkb25saW5lLmNvbSIsInRheG9ub215IjoiT25saW5lfFN5c3RlbVJlc3BvbnNlfEVycm9yfHwiLCJ1cmwiOiJodHRwczovL3d3dy5oZXJhbGRvbmxpbmUuY29tLzIwMTEvMDcvMDgvMzIwNDI3NS9uZXctZHJ1bW1lci1hZGRzLWNob3BzLXRvLW1hY2suaHRtbCIsImRldmljZV9wbW9kZSI6IjEiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3Q1X2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImZsYWdfa2V5Ijoiem9uZS1jb250ZW50IiwiZGF0ZSI6IjIwMjMtMTItMjQifX0=

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 49
x-served-by: cache-bne12527-BNE
x-timer: S1703387824.518627,VS0,VE197
x-amzn-trace-id: Root=1-6587a2af-1284e7c42b9f66ae2bc40d62
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 14ms
13ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
age: 735
cache-control: no-store
content-length: 0
date: Sun, 24 Dec 2023 03:17:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-65879fd0-723508c3260469ef0979b036
x-cache: HIT
x-cache-hits: 102
x-content-type-options: nosniff
x-served-by: cache-bne12527-BNE
x-timer: S1703387823.495853,VS0,VE0

GET
BLOB 200
OK b28ef106-13eb-4df9-ac56-ec0e420f114c Show response
https://www.heraldonline.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/b28ef106-13eb-4df9-ac56-ec0e420f114c
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adf9e0e437a7242ccb145fd7c33dcde53ce757650fd680acdd6164f604e62b1d

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 1 KB
756 B 218ms
216ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/woldoni.cfb4d87a66b25444c815.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0ad62f88cfbe521881823b3b018a1f97bf2ea0e273ab5f89aab78e586b2ce9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiJiOWRjM2I5ZC1iZWYzLTQyNWItYTIxZS02ZDBlODg3ODI0ZjMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiUkhIIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8yMDExLzA3LzA4LzMyMDQyNzUvbmV3LWRydW1tZXItYWRkcy1jaG9wcy10by1tYWNrLmh0bWwiLCJoYXNfZm9jdXMiOiJ5ZXMiLCJpZnJhbWVfbmVzdGluZyI6InRvcCIsInBhZ2VfbGV2ZWwiOiJPdGhlciIsInBhZ2VfbmFtZSI6IkVycm9yOjQwNCB8IFJvY2sgSGlsbCBIZXJhbGQiLCJwYWdlX3BhdGgiOiIvMjAxMS8wNy8wOC8zMjA0Mjc1L25ldy1kcnVtbWVyLWFkZHMtY2hvcHMtdG8tbWFjay5odG1sIiwicHVibGljYXRpb25fbmFtZSI6IkhlcmFsZCBPbmxpbmUiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2RrX2luaXRfc3RhdHVzIjoic3RvcmFnZSIsInNlY3Rpb24iOiI0MDQiLCJzZXJ2ZXIiOiJ3d3cuaGVyYWxkb25saW5lLmNvbSIsInRheG9ub215IjoiT25saW5lfFN5c3RlbVJlc3BvbnNlfEVycm9yfHwiLCJ1cmwiOiJodHRwczovL3d3dy5oZXJhbGRvbmxpbmUuY29tLzIwMTEvMDcvMDgvMzIwNDI3NS9uZXctZHJ1bW1lci1hZGRzLWNob3BzLXRvLW1hY2suaHRtbCIsImRldmljZV9wbW9kZSI6IjEiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3Q1X2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImRhdGUiOiIyMDIzLTEyLTI0In19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 660
x-served-by: cache-bne12527-BNE
x-timer: S1703387824.519185,VS0,VE204
x-amzn-trace-id: Root=1-6587a2af-545dab695f4bd96555abae91
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 17ms
7ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1800
age: 735
cache-control: no-store
content-length: 0
date: Sun, 24 Dec 2023 03:17:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-65879fd0-723508c3260469ef0979b036
x-cache: HIT
x-cache-hits: 103
x-content-type-options: nosniff
x-served-by: cache-bne12527-BNE
x-timer: S1703387824.501675,VS0,VE0

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
308 B 165ms
164ms Fetch
application/json 44.226.76.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/escenic.a9910136ebe9c439430c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.76.220 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-76-220.us-west-2.compute.amazonaws.com

Software

Resource Hash

77176019b46d1fe5e5b8dfe70d741c98fa01ea452be01438aaa110c0b783938b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-6587a2af-2f21b7557aea72e570f0d898
content-length: 94

GET
H2 200 parsely.d05ece40bb06d3adddee.js Show response
www.heraldonline.com/yzoo-binsl/ 5 KB
2 KB 24ms
10ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/parsely.d05ece40bb06d3adddee.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/b28ef106-13eb-4df9-ac56-ec0e420f114c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4572cde5e751ea85882221c45d869121a65ef2e2fd2b95c26dd4355190ea844f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38870
x-cachebust
server-timing: ak_p; desc="1703387823503_1749567078_579433430_530_8438_1_0_146";dur=1
content-length: 1766
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"12a8-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 773041950, 508563720 319790716
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421354
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 168ms
154ms Preflight 44.226.76.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.76.220 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-76-220.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Sun, 24 Dec 2023 03:17:03 GMT
strict-transport-security: max-age=15768000

GET
BLOB 200
OK fc383553-d4c6-4b8a-bcf5-8e8e9b90d711 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/fc383553-d4c6-4b8a-bcf5-8e8e9b90d711
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93726210bcee02b1b63b7a9ba59f901d106fed6729ae1aafc4e85108b2d945be

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 p.js Show response
cdn.parsely.com/keys/heraldonline.com/ 66 KB
23 KB 17ms
3ms Script
application/javascript 18.67.97.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/heraldonline.com/p.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/fc383553-d4c6-4b8a-bcf5-8e8e9b90d711
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.97.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-97-57.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 7e6f46b7bac7345de8666b80d10084702f163727054cec5707958b21c03eecb2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: public
date: Sat, 23 Dec 2023 11:25:31 GMT
content-encoding: gzip
via: 1.1 903696f43fdfc4019d7102b6711e9fca.cloudfront.net (CloudFront)
last-modified: Wed, 16 Feb 2022 18:59:58 GMT
server: nginx
x-amz-cf-pop: SYD62-P1
age: 57092
etag: W/"620d49ae-1070c"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: xb8SW4ENUhDTInS1d6O90t24s3weq76fJyTV7iZwydZBDC5y62kn6g==
expires: Sun, 24 Dec 2023 11:25:31 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 617ms
152ms Image
image/gif 35.162.220.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1703387823548&plid=19917739&idsite=heraldonline.com&url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&sref=&sts=1703387823546&slts=0&title=404+%7C+Rock+Hill+Herald&date=Sun+Dec+24+2023+11%3A17%3A03+GMT%2B0800+(Australian+Western+Standard+Time)&action=pageview&pvid=67403384&u=pid%3D0fe3c7ae1735c997378a59f73ab45f1b
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.220.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-220-137.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 03:17:04 GMT
Cache-Control: no-cache
Last-Modified: Sunday, 24-Dec-2023 03:17:04 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16115/ Frame F34E 39 KB
12 KB 13ms
2ms Script
text/javascript 18.67.93.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16115/sync.min.js
Requested by: Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-106.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d17e9fe9a43c70a5f0f9116f55f5bcef2c9131d08a5a22bf35542ff193605b4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:12:00 GMT
content-encoding: gzip
via: 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:48:15 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 61504
x-amz-server-side-encryption: AES256
etag: W/"d693fca6c67d287a6887ed6b09fc4574"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 7heJuk8St3WgJJ86VJ91lRB-LYgn7293IVrKuwWzQ9L281TCRAwH4Q==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame F34E 156 B
539 B 537ms
185ms XHR
application/json 13.215.109.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16115/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.215.109.145 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-215-109-145.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 21d09a99930de7d54dcbfa583200d7e5728928f9837edc6149b4875680f214ca

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache
x-server: 10.42.11.249
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
BLOB 200
OK e6281a2f-b9df-4b4b-9071-5c08e3342951 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/e6281a2f-b9df-4b4b-9071-5c08e3342951
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14ce3b81ccfc257a12dd365d766d97bb5197395a1717e74d5d09425638804dd3

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 159ms
159ms Preflight 44.226.76.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.76.220 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-76-220.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Sun, 24 Dec 2023 03:17:03 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
308 B 166ms
165ms Fetch
application/json 44.226.76.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/escenic.a9910136ebe9c439430c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.76.220 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-76-220.us-west-2.compute.amazonaws.com

Software

Resource Hash

e43eb99e2ef32c0661e394f3d124f5576c2fd67005361d96ac6cdeabca27d157

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-6587a2af-6ceebcec2aa357be2d27386a
content-length: 94

GET
H2 200 iterate.e214a91e4f7c9b0a7c65.js Show response
www.heraldonline.com/yzoo-binsl/ 2 KB
1 KB 14ms
14ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/iterate.e214a91e4f7c9b0a7c65.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/e6281a2f-b9df-4b4b-9071-5c08e3342951
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b2ad9300a8067a880aca995f7cb7ea3fea3c4a6758452fe6f309d2e1ea66f5f6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:03 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 42415
x-cachebust
server-timing: ak_p; desc="1703387823737_1749567078_579433575_447_7859_1_0_146";dur=1
content-length: 1057
last-modified: Thu, 21 Dec 2023 12:25:19 GMT
server: MI
etag: W/"6d1-60d043155c9c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1008142622 789514985
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421363
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST
H/1.1 204
No Content webtag.rtp
api.fullcontact.com/v3/ Frame F34E 0
0 849ms
218ms Fetch 52.4.236.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.rtp?webtagKey=qfQjd8yL44YJ9qx0nsFWouHROW5oUoaj

Requested by

Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.236.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-236-210.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
Date: Sun, 24 Dec 2023 03:17:05 GMT
X-Content-Type-Options: nosniff
X-Rate-Limit-Limit: 300
X-Rate-Limit-Remaining: 300
X-FullContact-RateDelay: 0
Connection: keep-alive
X-XSS-Protection: 1
X-FC-RID: a0ad0853-b54d-4440-a74f-ebd8df20b0c5
Referrer-Policy: same-origin
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin, Origin
X-Frame-Options: sameorigin
Access-Control-Allow-Origin: https://www.heraldonline.com
X-Rate-Limit-Reset: 60
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex,nofollow

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 508ms
410ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

11d41cd35185d4299f45f94f85cb57dd29d7c58fe9d5526198aef09640f8c388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29204
x-xss-protection: 0
server: cafe
etag: 629 / 19715 / 31080057 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 03:17:04 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 141 KB
32 KB 330ms
16ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0c9703273d80cf01557170addc08db927f6e5f920952a0b580a3e5c1682ef7d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 12:26:43 GMT
server: cloudflare
x-amz-request-id: B6JG41TDH9TQDF02
age: 269
etag: W/"b1dca3567e19b1c478f4c0ef5e133abe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 83a5b070af8da87c-SYD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5ML+ut7PLtPcfSAVRJ3IPDJHGiZUSKTrnuo6F6PN6knIWXiSfy7JZok71f/yaNmv/bF4rRsypSE=

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/ 7 KB
2 KB 17ms
3ms Script
text/javascript 13.224.181.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/launchpad-liveramp.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.181.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-181-83.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 551af58c2ce33c58ebc151a61b8d1d28e54ab9ce177d4fac749f0ebc50054cb9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: twZfULaLCuSu6sSf4IfyYxlioNp6VjIQ
content-encoding: gzip
via: 1.1 e91a1a5479163989c489fc34ab5e2c78.cloudfront.net (CloudFront)
date: Sat, 23 Dec 2023 13:35:05 GMT
x-amz-cf-pop: SYD1-C2
age: 50050
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 07 Aug 2023 19:00:29 GMT
server: AmazonS3
etag: W/"61173248aacab39adcbf53d6edf6a13d"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: BfrXtBtlGjYVAOCv-wKj8gWHPkIBGqYhb22z3KadYvWWVAcE9WOH-Q==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 191ms
2ms Script
application/javascript 13.35.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-151-131.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:02:43 GMT
content-encoding: gzip
via: 1.1 1c65a9672d4009a4b2d2b0463141bfa6.cloudfront.net (CloudFront), 1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:11 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C1, SYD1-C1
age: 862
x-amz-server-side-encryption: AES256
etag: W/"bab82e5d8801f394c1ef53a45dc29542"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: vTSiuCT7OQ37leqgODq1qsP7CZJhmTIqpP0K4J3zab_7QkO8MTuGrA==

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 126 KB
28 KB 17ms
2ms Script
application/x-javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: OYXhO0yAI32wYHLbaFkvb4YycLXHk8gH
content-encoding: gzip
via: 1.1 16481a07c9d54ca0e038ad1d2aec824a.cloudfront.net (CloudFront)
date: Sun, 24 Dec 2023 02:35:35 GMT
last-modified: Tue, 12 Dec 2023 13:01:22 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 2489
x-amz-server-side-encryption: AES256
etag: W/"6f5acc886b373331d622309f643f2f89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: gXEkmpd9LrwwUdxpPvziTNiVJZ8BdIb_J7Jif9TpAn_vPoEXLTQ8TQ==

GET
H2 200 / Show response
geo.privacymanager.io/ 31 B
609 B 150ms
148ms Fetch
application/json 99.84.238.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.238.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-238-198.sfo5.r.cloudfront.net
Software: /
Resource Hash: 9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

Accept: application/json
Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Dec 2023 13:36:45 GMT
via: 1.1 87c6648dc7c64379819f5f803f46a066.cloudfront.net (CloudFront), 1.1 86eb67c9cdffbb1cad0c7a18a9b0f5a4.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO53-P6, SFO5-C3
age: 49220
x-amzn-requestid: 6943e5a9-9182-4399-a850-629a6d444e22
x-amzn-trace-id: Root=1-6586e26d-7beee7ac2f35cdef6fc688ac;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: QZhRIEdrjoEErWg=
content-length: 31
x-amz-cf-id: DvxyH2Qrd7eXZxffqb70L89aRlnuOg89YLBsm7KJvMHygC4B0kgwFQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 637ms
279ms Preflight
application/json 99.84.238.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.238.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-238-198.sfo5.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 03:17:04 GMT
via: 1.1 e5cc441b9fb43083908924e0365b1b14.cloudfront.net (CloudFront), 1.1 86eb67c9cdffbb1cad0c7a18a9b0f5a4.cloudfront.net (CloudFront)
x-amz-apigw-id: QbZbsHUhDoEEvwQ=
x-amz-cf-id: w61ehnavoeRBkVhOvcr1R_MoQ8dYyi29fYlw-ybm8_sGn6rBttL9pA==
x-amz-cf-pop: SFO53-P6 SFO5-C3
x-amzn-requestid: 8a62a4b9-62e0-4d11-85c1-9830d534002a
x-cache: Miss from cloudfront

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 821ms
814ms XHR
application/javascript 13.35.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-151-131.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
date: Sun, 24 Dec 2023 03:17:06 GMT
x-amz-cf-pop: SYD1-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: N_hoWKQ1q7UV2m-ekck0_xEWrM6s3fqHXe1tENVRIXRaFi7coYAOKA==

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 264 KB
84 KB 17ms
16ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 16:04:16 GMT
server: cloudflare
x-amz-request-id: B91EFRDX6GA2ZVMV
age: 2098782
etag: W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83a5b070cfa7a87c-SYD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ss1EW3keMFbs9v1VaKck+kGbRtfwUNGYMge2zv9wAW65/jP8X+qTUIvjCdVPNX/rW+HIAz7CWyo=

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 432 KB
135 KB 4ms
3ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31909
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138203
x-xss-protection: 0
server: cafe
etag: 14959461090202361603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 22 Dec 2024 18:25:15 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 461ms
151ms Preflight
text/plain 74.118.186.106
TURN-US-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.heraldonline.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sun, 24 Dec 2023 03:17:05 GMT

GET
H2 403 new-drummer-adds-chops-to-mack.html.js Show response
dyv1bugovvq1g.cloudfront.net/11/www.heraldonline.com/2011/07/08/3204275/ 243 B
657 B 1024ms
411ms Fetch
application/xml 13.227.21.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.21.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-21-165.sfo20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96465474d751b6bff0d53644b4e3549c67a2013220785d3ce648bfa50b0adeae

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 24 Dec 2023 03:17:05 GMT
via: 1.1 1343d20bdb50193b4d08099f66c57450.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: SFO20-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-max-age: 3000
access-control-allow-methods: GET
access-control-allow-origin: https://www.heraldonline.com
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-credentials: true
x-amz-cf-id: cM3E3Dj-y6xZgFD7Rj3l5EWul4oAOatueL40dPHZTkNVljBqt0q2tQ==

POST
H2 200 auction Show response
bidder.newspassid.com/openrtb2/ 145 B
776 B 790ms
364ms Fetch
application/json 52.45.163.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/openrtb2/auction
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.163.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-163-120.compute-1.amazonaws.com
Software: /
Resource Hash: f8b6c9c54b92e84d51baaa440ed1020d0143bc83765077cb1d12b0c5449a4ec6

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:05 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 145
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
199 B 1089ms
427ms Fetch 182.161.73.145
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.24.0&cb=74666696673&lsavail=1

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.heraldonline.com
date: Sun, 24 Dec 2023 03:17:05 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK mcclatchy Show response
direct.adsrvr.org/bid/bidder/ 0
404 B 296ms
98ms Fetch
application/json 15.197.196.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/mcclatchy
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 15.197.196.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae69789f15ba8a942.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 24 Dec 2023 03:17:04 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.heraldonline.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ 11 B
210 B 715ms
238ms Fetch
application/json 74.118.186.106
TURN-US-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.heraldonline.com
pragma: no-cache
date: Sun, 24 Dec 2023 03:17:06 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11
content-type: application/json

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
673 B 122ms
112ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=906097
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20a7ff10b00da8bd3da44be3cb6d2a6068951790883ab5da4c59477183447e0d

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uyp0Mnh2pGD6u9tfWxogrlRJ8%2BNIgI83UBfJ%2FFrbDhoDWiT3Eclzf39vMTQHxFtXoqWIjHdbwSZaSWzvMaVPTKbHQ986FyElefCjvYf3YJW0VuiI6y%2BEyYXxWRwjAvshiqP2He%2FK"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 83a5b0730d5d5551-SYD
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 200 10f892c4-b76d-4f37-b1fd-0ae5d74780b5 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
841 B 12ms
4ms Script
application/javascript 18.67.111.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/10f892c4-b76d-4f37-b1fd-0ae5d74780b5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-2.syd62.r.cloudfront.net
Software: CloudFront /
Resource Hash: c8001fdc5051b7bc0a65837b0c981810181fa2a79d6fe129bd06a60261a993b5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 02:45:17 GMT
via: 1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SYD62-P2
age: 1908
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: 5Dk-tWZ_eTsjAU8rCqBZjxG22Y-KAkAMZa2FZ3eOarvbDq83QjlRHQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 334 B
687 B 206ms
205ms XHR
application/json 13.35.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.heraldonline.com&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-151-131.syd1.r.cloudfront.net
Software: Server /
Resource Hash: 865cf4e6d16e7b9b50acc5825874547ca8154c6b973470dc78b55801ea49ac3a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:04 GMT
via: 1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SYD1-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 334
x-amz-cf-id: uBMKjvKsXDxtASGfUclNvmRGA-Bso03_kbkydPazTO71diPG5NSsEQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
359 B 355ms
340ms XHR
text/javascript 18.67.114.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&pid=NwfR5GkGGvlY5&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-2-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7675%2FRHL.site_heraldonline%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-114-43.syd62.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:04 GMT
via: 1.1 f10eedb52fc0d82204e85d20112deafa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SYD62-P2
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 11pIL9qQgWiyRbQ-wnfxKtgEAOqavtnNgqhIm3s0eMAeyLUSUiWxjg==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 18ms
5ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 04:02:38 GMT
content-encoding: gzip
age: 2157267
x-guploader-uploadid: ABPtcPpabVW4fC9SAqeRyi4UdAtt1Me-Lym_aa_kJwkYgNgrJpG5oL43bgAcE_Xov2WHGtJy4LyvQcURnwXAJwZQ65ADXw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 28 Nov 2024 04:02:38 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 1077ms
357ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:17:05 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 779ms
149ms Script
text/javascript 65.8.171.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.171.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-171-198.sfo53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sat, 23 Dec 2023 17:22:59 GMT
Via: 1.1 bdb686e41bd85ffb1c6e5b48947e5566.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SFO53-C1
Age: 35647
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: WeS6nFpNHRbX5SbEYzOpRX5ETbvJTBCmzgX-FCPhot6NHz5WLoVR8A==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
897 B 596ms
14ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 24 Dec 2023 03:17:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 24596
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-bne12525-BNE
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 204
No Content webtag.resolve
api.fullcontact.com/v3/ Frame F34E 0
0 213ms
213ms Fetch 52.4.236.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.resolve?webtagKey=qfQjd8yL44YJ9qx0nsFWouHROW5oUoaj

Requested by

Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.236.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-236-210.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
Date: Sun, 24 Dec 2023 03:17:05 GMT
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Vary: Origin, Origin
X-Frame-Options: sameorigin
Access-Control-Allow-Origin: https://www.heraldonline.com
Access-Control-Allow-Credentials: true
X-FullContact-RateDelay: 0
Connection: keep-alive
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1

OPTIONS
H/1.1 200
OK webtag.resolve
api.fullcontact.com/v3/ Frame 0
0 212ms
211ms Preflight
text/plain 52.4.236.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.resolve?webtagKey=qfQjd8yL44YJ9qx0nsFWouHROW5oUoaj

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.4.236.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-236-210.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, PUT, PATCH, POST, DELETE, HEAD, OPTIONS
Access-Control-Allow-Origin: https://www.heraldonline.com
Access-Control-Max-Age: 3600
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
Content-Type: text/plain
Date: Sun, 24 Dec 2023 03:17:05 GMT
Referrer-Policy: same-origin
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-FullContact-RateDelay: 1
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp&cc=1

85 B
194 B

181ms
180ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp&cc=1
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: ca82ef793e7402a2b77727d99d656bab2ce488bec947cda7a92a99d865d08aa1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:05 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-K+8aazUdCozr6Stna+eQlwZoS5A"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 24 Dec 2023 03:17:05 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.heraldonline.com
location: /esp?url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 119 KB
25 KB 778ms
168ms Script
text/javascript 18.155.204.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.204.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-204-188.sfo53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2f2770331da97454b49f5da15de4b42f8d7f3e08f8cb69552ab7900b6a786a8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: fE9wnnCNh5kwxr0cmWeHKRcxuMhW3U42
content-encoding: gzip
via: 1.1 bfad77da64cd65a36fcbbe44acb655e8.cloudfront.net (CloudFront)
date: Sat, 23 Dec 2023 15:48:07 GMT
last-modified: Fri, 22 Dec 2023 16:18:01 GMT
server: AmazonS3
x-amz-cf-pop: SFO53-P2
age: 41340
x-amz-server-side-encryption: AES256
etag: W/"66c3ad13a9422db4ec3a470300c6732f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
x-amz-cf-id: SBuIxIthTpDhxnG8cpyaPuwPbmmxL-c0IXO8yKTOY5oSiknhvbWoQw==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 651ms
224ms Image
image/png 54.231.195.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1d88a2178bf1
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.195.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 03:17:06 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: NSN6160N4KQMADGS
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: TfvqH17fZzZ8dis2brsZYzQzZ2nWDEd3uu3+Ws4wo6nJDIVYEpAPyRhsqwr3d9+jutTEi2UPQoA=

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 7725 615 B
796 B 307ms
100ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9fa7225f10499e52877e170c364671b49cc828353e84af3a97076543ab485cc3

Request headers

Referer: https://www.heraldonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 379
content-type: text/html
date: Sun, 24 Dec 2023 03:17:05 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7725
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=1badd23e-2f03-7239-d56a-0b75b0666e1c&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=1badd23e-2f03-7239-d56a-0b75b0666e1c&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5de54060-5460-4784-a23b-a23f542f42d4&ttd_puid=1badd23e-2f03-7239-d56a-0b75b0666e1c&gdpr=0&gdpr_consent=

43 B
314 B

99ms
98ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=5de54060-5460-4784-a23b-a23f542f42d4&ttd_puid=1badd23e-2f03-7239-d56a-0b75b0666e1c&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:05 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=5de54060-5460-4784-a23b-a23f542f42d4&ttd_puid=1badd23e-2f03-7239-d56a-0b75b0666e1c&gdpr=0&gdpr_consent=
date: Sun, 24 Dec 2023 03:17:05 GMT
server: Kestrel
content-length: 335

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 7725
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYeissCo8X4AAJdrUwwAAAAA

43 B
61 B

99ms
98ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYeissCo8X4AAJdrUwwAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Sun, 24 Dec 2023 03:17:06 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.162","key":"ZYeissCo8X4AAJdrUwwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40004"}
X-SO-Key: ZYeissCo8X4AAJdrUwwAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40004
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYeissCo8X4AAJdrUwwAAAAA
Cache-Control: private
X-SO-HostName: a-ad40004.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 4
Content-Length: 0
X-SO-LB-Hostname: m-tgng26.dc4p.scaleout.jp
X-SO-IP: 66.203.112.162

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 7725
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARZLseD8N0I-ks8AED41vgYipM8AAAGMmdOHZQ

43 B
97 B

101ms
99ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARZLseD8N0I-ks8AED41vgYipM8AAAGMmdOHZQ
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:06 GMT
via: 1.1 7deef1b127ef20298bc2b899e7c84e4a.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SYD1-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARZLseD8N0I-ks8AED41vgYipM8AAAGMmdOHZQ
cache-control: no-cache
content-length: 0
x-amz-cf-id: _ZLUvee_0-7Vd87c5Gtomhj_T7uIE4RFnYxGU5fc5mpsFnIYfqSjjQ==
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7725
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzdjMjAxZjQtZTY3NC0yYzlkLWMwOGEtNTFjYzdhODRhMDdj
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzdjMjAxZjQtZTY3NC0yYzlkLWMwOGEtNTFjYzdhODRhMDdj&google_tc=

170 B
243 B

102ms
102ms

Image
image/png

172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzdjMjAxZjQtZTY3NC0yYzlkLWMwOGEtNTFjYzdhODRhMDdj&google_tc=

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzdjMjAxZjQtZTY3NC0yYzlkLWMwOGEtNTFjYzdhODRhMDdj&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7725
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDzcMFNdccrbhNW5FB8chUI&google_cver=1

43 B
97 B

100ms
99ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDzcMFNdccrbhNW5FB8chUI&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDzcMFNdccrbhNW5FB8chUI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 98A9 14 KB
6 KB 846ms
182ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.heraldonline.com&us_privacy=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

78a76789395b2c33306cdf5f6109561c6b7fc09b9414790e8fdb809b9c08242f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.heraldonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 03:17:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 666722
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 102 KB
26 KB 475ms
475ms Fetch
text/plain 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=987889522045701&correlator=4143219018508928&eid=31080057&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=7675%2CRHL.site_heraldonline&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=1x1%2C970x250%7C970x90%7C728x90&ifi=1&sfv=1-0-40&ists=2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703387826298&lmt=1703387821&adxs=-12245933%2C315&adys=-12245933%2C145&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&vis=1&psz=0x0%7C970x0&msz=0x0%7C970x0&fws=128%2C0&ohw=0%2C0&ga_vid=1102867746.1703387826&ga_sid=1703387826&ga_hid=740661052&ga_fc=false&a3p=EjsKCnB1YmNpZC5vcmcSJDNhMjljZjQyLTQzMDItNDRmMi05NTllLWM3OWY2ODdiYWRiNxjEjM7OyTFIABIdCg5lc3AuY3JpdGVvLmNvbRjrh87OyTFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pZVVGSWRGbzBZVVZVWXpaUWRrMVBaREZGUm1RMFVUMDlJbjA9GP6Kzs7JMUgAEhkKCnVpZGFwaS5jb20Y64fOzskxSABSAghk&dlt=1703387821831&idt=3237&ppid=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&prev_scp=htl_refresh%3D1%26htl_slot_gpid%3Dweb-overlay%26slot%3Doverlay%7Catf%3Dy%26htl_refresh%3D1%26htl_slot_gpid%3Dweb-top-banner%26pkg%3Da%26slot%3Dtop-banner&cust_params=htlbidid%3D27104%26is_testing%3Dno%26cob%3Dy%26sub%3Dn%26vl%3D0%26pl%3Derror%26segs%3D%26mkt%3Doom%26mspl%3Doom_n_error&adks=2074820470%2C830249016&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

7ef1c98469dfec32c2a5cf92ef95c869f86e06f19e633bb70a65ff3a23b8c5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26057
x-xss-protection: 0
google-lineitem-id: -2,6410121981
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138454390633
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e6aa54ac7bcb7f59e67f7c54e3df3cf5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EF33 6 KB
3 KB 502ms
97ms Document
text/html 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e6aa54ac7bcb7f59e67f7c54e3df3cf5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 03:17:06 GMT
expires: Mon, 23 Dec 2024 03:17:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
682 B 696ms
195ms XHR
text/xml 3.239.232.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.239.232.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-239-232-4.compute-1.amazonaws.com
Software: /
Resource Hash: 0a56351d58a5d6cd081830c9e6456e03c8a7202fa6ee78c96b033a4c85863a6d

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Sun, 24 Dec 2023 03:17:06 GMT
connection: keep-alive
x-amzn-RequestId: 65c701a3-ecf9-5c09-a5c7-5fa2480bb7d3
Content-Length: 378
Content-Type: text/xml

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6431 0
0 141ms
141ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9rwdmTShrVnU5u_tvopKfn05RlI4yR_djW1Ns8TGHTnbGBUMbOM-QRSM3kqNqAEQWD96B2m92lze0wuFot1npr7R0rvu18M1ay91VJFwRljFJUexQVrHwhDwGr1L9sa3BvEtPEA2BM4Jjc_TrgVsh_J-MQbRBmDMcUTV6OAzRZ-exLrIwiP56aVPJr45MdtH4ohK5m6kz57p0yWV_6D4XNOfzu-I0lv_4XzzKoHrIOfFwnhDEbwHrYEsqHTwGOCHynN2BVW8Uax82FtKnmNG3Rbn7QA80bUOQjC8ALKsQ2YCc9KY6tJJt8gwJGOAxyS8dJ3ZpPzoNrcj4sxlHaFDexCMaWS2WuzTgVjIPEOEWZ-R03xgyXMTWzXDF5D-j-KXUrVKOcyjBcv1iCmK-XPA&sai=AMfl-YSk9x2em54Q9LQhqpchMQQVhz7Q-ugSS9Y6c2aK4AH5r-I94gU1d9kCS0JYNSOG3CiduvsBymgyrjsF_JJE3IJRUoAj0m0MbXC1BLjPpsyyIv8GOBgq-UYuuXIWPxQ1XpgcIRfxYv3BjHBa1T8R5Gw&sig=Cg0ArKJSzFMR2lHLWqFOEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 6431 23 KB
9 KB 5ms
2ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 02:26:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 02:26:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6431 3 KB
1 KB 5ms
3ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 01:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 01:53:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6431 203 KB
65 KB 366ms
266ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 03:17:07 GMT

GET
H2 200 15096416949188868864
tpc.googlesyndication.com/simgad/ Frame 6431 57 KB
58 KB 3ms
3ms Image
image/jpeg 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15096416949188868864

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

549a5e7cdd65556ef5e532b4456a6f0b0c065cca145053e2bac33320468cb0d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 20:46:32 GMT
date: Sat, 23 Dec 2023 20:46:32 GMT
x-content-type-options: nosniff
age: 23434
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58806
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 05:40:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6431 0
0 535ms
133ms Image
text/html 142.250.76.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSC9fBtyT8KCF-NHyPvmd9jkSVYtliiJAzV1slvcOczryPIZo0xvZSbMw8GwIss4RQFIBQXbGw38Upvi2NYX3kl6DQvUA
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.76.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s24-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
BLOB 200
OK 5410d0c0-be14-4acb-a452-0a58ce1f1c81 Show response
https://www.heraldonline.com/ 392 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/5410d0c0-be14-4acb-a452-0a58ce1f1c81
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 874cfdcfaf38444c9f3f3f29f491d63d843166c3319b22b1a1599e9d6872176d

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 392
Content-Type: [object object]

GET
DATA 200
OK truncated
/ Frame 6431 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b698748f2e584d99efa8a524c419746d6881c45b1ceae8f2f4723376ac9824a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pdp.gif
www.heraldonline.com/yzoo-binsl/ 42 B
455 B 829ms
829ms Image
image/gif 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/yzoo-binsl/pdp.gif?a=eyJpZCI6Im1pX3RpX3JoaF9iOWRjM2I5ZC1iZWYzLTQyNWItYTIxZS02ZDBlODg3ODI0ZjNfMTcwMzM4NzgyMzczNV8xNzAzMzg3ODIyODM1IiwiaSI6eyI2NDEwMTIxOTgxIjoxfSwibm93IjoxNzAzMzg3ODI2ODQ4LCJucyI6ZmFsc2V9
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:07 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 391821
x-cachebust
server-timing: ak_p; desc="1703387826885_1749567078_579435280_81770_9094_1_0_146";dur=1
content-length: 42
last-modified: Tue, 19 Dec 2023 12:37:13 GMT
server: MI
etag: "2a-60cdc2035d040"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 1000440922 1008337224
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86400
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 98A9 451 B
572 B 181ms
181ms Fetch
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=heraldonline.com&sn=ChromeSyncframe&so=0&topUrl=www.heraldonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.heraldonline.com&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

95c490fe449684e07b792ead7aac0da81c8a89b2bc8e220ff42e129ed5e65223

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.heraldonline.com&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1236257
expires: 0

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 250ms
250ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:17:07 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
349 B 537ms
138ms Image
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=987889522045701&vrg=202312070101&nw_id=7675&nslots=2&eid=31080057%2C676982961&pub_url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&qid=CNn_uJKOp4MDFRYvgwMdVkUBVA&iu=%2F7675%2FRHL.site_heraldonline&e=0&ret=728x90&req=970x250%7C970x90%7C728x90&bm=0&efh=1&stk=0&ifi=2

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6431 0
0 842ms
141ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvluxoOWDxg35PMWR8wSdduvcPc-i2byrimjlw_TP29rMtGFGXhJZwXe067Tq36BLkdRsY3gh8aIWyY7Wql6rGLIhqoiMkvNlGnoru-Vg3yFnyu71c1fU0_3jRgU9L5zL_JAr5C_1Qujpn4m3HStiid9hEGKVMdb-SBldZgq8fHt4rwIT8rr5Mh_R2ZIn2l7-7LTa_2052C8T4mD0mb-PRQyTF9nBSzP_s61f4F3yGDAEFi9fADh60XOkW6M25Y3uN4FLYU0yWJlpJHPwpQaQ14knYajtcy3LKcT7yuBIDwNBwD0aJS9opkMKOztd1I1VlX3MGLgfbHweXrtDLoz6HpZo9--6K6ld6cA1K7K3ssv-OheXVyM96ntlMhRjAwtUbj4Q&sai=AMfl-YTiFAWWnbIdSIIB3PkVEwfpgVx10zV10Z94iV-g50WdZax85fnCYKak95zuFOdq9rp-fVu1zgvWsB_PmADPC11Osi6ROwaaCJbbUBkuN41mWwkE9WFNemRVAK6RT4CMPJp5bfmx_e1wHkMhZ_lGsGk&sig=Cg0ArKJSzJShHqq5PBm_EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Dec 2023 03:17:08 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame E3E3 43 B
245 B 209ms
209ms Image
image/gif 54.198.156.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjQxMDEyMTk4MSIsImVidXkiOiIzMjY5OTk1OTA1IiwiZWFkdiI6IjUxNzM5NTk3MzQiLCJlY2lkIjoiMTM4NDU0MzkwNjMzIiwiZWVudiI6ImoiLCJlcGlkIjoiMTQ5NDI5MzQiLCJlc2lkIjoiMTQ5NDI5MzQifQ&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Australia%2FPerth&tzoff=-480&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=11&tvcfg=all&tid=fb3ba12e-ea7c-472d-9e8b-f6e093583c7b&pid=58f0c217-23aa-4464-b9ae-633784d5b999&dtm=1703387827382&qnm=_matherq&visible=1&tabid=35612db8-83c9-436e-9add-080e30640ac8&refr=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&vrefr=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&vp=0x0&ds=0x0&tofa=1703387823&vid=1&lvidt=1703387823&duid=76617d33-626a-4853-8938-6a94df471225&fp=757557249&cid=ma12095&mrk=74930704
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.156.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-156-105.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Sun, 24 Dec 2023 03:17:07 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 1025ms
365ms XHR
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:17:08 GMT

GET
BLOB 200
OK d82a8162-ca2c-4d34-ae2e-8439d88b0c70 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/d82a8162-ca2c-4d34-ae2e-8439d88b0c70
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4a9335c278c8acec02d8b10604dacee8a251102b05bf74c0d94a573840699f1

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 0194abf1-75ae-4356-bd08-b7f744462687 Show response
https://www.heraldonline.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/0194abf1-75ae-4356-bd08-b7f744462687
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 415d71b9c38b4a02ca305ccad1b718883551e63dd4dcff2bf56c495f8e1274ba

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 cookie-consent.css
cdn-prod.securiti.ai/consent/ 45 KB
8 KB 770ms
157ms Stylesheet
text/css 18.244.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie-consent.css

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/danelei.beb7b7c4776c1e534900.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.214.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-214-70.sfo53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6eebacb4467fcf863339daac6eb21e851dabb9ee73cd7c038e5cd7f5e9e375dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: T4z6gWjblltM2TfKm7Hm2_OjYQzdbTxP
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Sun, 24 Dec 2023 03:09:20 GMT
via: 1.1 e2e90f6479178a2ff1076d8a877a1070.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO53-P4
x-amz-server-side-encryption: AES256
age: 469
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 19 Dec 2023 02:18:32 GMT
server: AmazonS3
etag: W/"36b0f5e23b1b5d81ff8822d2c317bc2d"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-amz-cf-id: iIY-MLNkz7-WkiBgxd0hXgS-Z3wWEedBxO68MXf_8fjG0jEkFFLL6Q==

GET
H2 200 cookie-consent-sdk.js Show response
cdn-prod.securiti.ai/consent/ 342 KB
74 KB 795ms
183ms Script
text/javascript 18.244.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/danelei.beb7b7c4776c1e534900.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.214.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-214-70.sfo53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

56ba66ae09f81233fc0266d0f1752d3f82a866263c7a764755fa2230c8690207

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: HQQA.HkiJbhMDPsQvlhM6jxNRcQ95BNi
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Sun, 24 Dec 2023 02:18:48 GMT
via: 1.1 e2e90f6479178a2ff1076d8a877a1070.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO53-P4
x-amz-server-side-encryption: AES256
age: 3501
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 19 Dec 2023 02:18:26 GMT
server: AmazonS3
etag: W/"07df42af6f2cbc0b53ad415ce030e2bf"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: PcHnd_tba6Mek_CjhL6My0trIwtsAXSa3g4qwwOKD5cv-Bx0DD8sWA==

GET
BLOB 200
OK 0b78ddf6-36a6-4fa2-8855-df771076ced1 Show response
https://www.heraldonline.com/ 380 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/0b78ddf6-36a6-4fa2-8855-df771076ced1
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcd855880965e4ff11fa63391d73254249a191b7eebd26e492c223fc0316b7cf

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 380
Content-Type: [object object]

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 826ms
129ms XHR
application/json 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

22c1d3568f6833497b6563dbae4a25e098153cc18c5971a535707e9879f3c007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12292
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BEA7 14 KB
6 KB 185ms
185ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldonline.com&us_privacy=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

78a76789395b2c33306cdf5f6109561c6b7fc09b9414790e8fdb809b9c08242f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.heraldonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 03:17:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 3666951
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
BLOB 200
OK 053c9c1f-994b-4077-8614-4b077ca5fa79 Show response
https://www.heraldonline.com/ Frame 898A 596 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/053c9c1f-994b-4077-8614-4b077ca5fa79
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c891dc1120f82159a36c2cda20ac28ada68c688e3a9d4a4e3dbced19ec8ea4e4

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 596
Content-Type: text/javascript

GET
BLOB 200
OK 70fb9ea1-f4fc-4a78-b8da-cee5a8cacc09 Show response
https://www.heraldonline.com/ Frame C1AD 385 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/70fb9ea1-f4fc-4a78-b8da-cee5a8cacc09
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9984c8c2db6be88394af7aaea6a3e815012cc4b6a3579bdb76919a3bd0ec0f3

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 385
Content-Type: text/javascript

GET
BLOB 200
OK 6fd85beb-988a-4f14-b020-77c5aa85d98b Show response
https://www.heraldonline.com/ Frame 7338 724 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/6fd85beb-988a-4f14-b020-77c5aa85d98b
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eefee06bdc64fa60ef5e0752071498970f1f5a8d76832bffe09b4f6ce5e1767

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 724
Content-Type: text/javascript

GET
BLOB 200
OK fd3259fe-e9a9-4347-86f4-835949eee8b0 Show response
https://www.heraldonline.com/ Frame 04D6 510 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/fd3259fe-e9a9-4347-86f4-835949eee8b0
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d722b262f280460d6f3092516abf3ad852bf0f5082e9a9727470be6e8dfef07b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 510
Content-Type: text/javascript

GET
BLOB 200
OK ce941c61-b309-4f47-ad5e-c0c55b789662 Show response
https://www.heraldonline.com/ Frame 4F15 464 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/ce941c61-b309-4f47-ad5e-c0c55b789662
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 147a18f3a2fbe9c12fc39f4306937fd3ffb54e152a59bd1060ec4cfa2febad31

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 464
Content-Type: text/javascript

GET
BLOB 200
OK 532c54c5-cda0-42b9-ad98-35372b0fe573 Show response
https://www.heraldonline.com/ Frame 7454 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldonline.com/532c54c5-cda0-42b9-ad98-35372b0fe573
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 844f0527fa5c78c6091b48678c3bbe639ff46b2bdbc37c3d2928e8b23997d7db

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 2004
Content-Type: text/javascript

GET
H2 200 pageLoad.9264b34c3990daa1c68b.js Show response
www.heraldonline.com/yzoo-binsl/ 132 KB
42 KB 46ms
46ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/pageLoad.9264b34c3990daa1c68b.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/d82a8162-ca2c-4d34-ae2e-8439d88b0c70
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 383dbb723333ea738ec990b8842da537b2b06f80316f4c250f051456a7f288a5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:07 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38884
x-cachebust
server-timing: ak_p; desc="1703387827949_1749567078_579435825_3628_8094_1_0_146";dur=1
content-length: 42710
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"21191-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 318079365, 183305281 53675369
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421364
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 hanealneh.99f3b2c1ebb2d78d05d5.js Show response
www.heraldonline.com/yzoo-binsl/ 162 KB
45 KB 28ms
28ms Script
application/javascript 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/hanealneh.99f3b2c1ebb2d78d05d5.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/0194abf1-75ae-4356-bd08-b7f744462687
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a2b289e6bc8cf121df130fcbddf992171948679a2011d78ee4072bf5fbc6a8b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:07 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38884
x-cachebust
server-timing: ak_p; desc="1703387827959_1749567078_579435832_712_9556_1_0_146";dur=1
content-length: 45657
last-modified: Thu, 21 Dec 2023 13:23:27 GMT
server: MI
etag: W/"287e0-60d05013c71c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 160339550 49349711
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=421310
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.heraldonline.com/yzoo-binsl/ 42 B
463 B 772ms
771ms Image
image/gif 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/yzoo-binsl/pdp.gif?k=eyJpZCI6Im1pX3RpX3JoaF9iOWRjM2I5ZC1iZWYzLTQyNWItYTIxZS02ZDBlODg3ODI0ZjNfMTcwMzM4NzgyMzczNV8xNzAzMzg3ODIyODM1IiwiZ3B0UmVxdWVzdGVkIjo1MzI3LCJsb2FkRXZlbnRTdGFydCI6ODgyMn0=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 391821
x-cachebust
server-timing: ak_p; desc="1703387827960_1749567078_579435833_75133_9545_1_0_146";dur=1
content-length: 42
last-modified: Tue, 19 Dec 2023 12:37:13 GMT
server: MI
etag: "2a-60cdc2035d040"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 572654858, 320438656 791577844
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86346
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 898A 31 KB
10 KB 122ms
3ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2411
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/053c9c1f-994b-4077-8614-4b077ca5fa79
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2fe03efc1e879c2c5bd27bf86f71ad3790b0d6765498480f4c8071fa7f59051

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 02:28:07 GMT
via: 1.1 google
content-encoding: br
age: 2941
x-guploader-uploadid: ABPtcPrAqcATLBMuON1lj_iL0xFYt7NsFnjmEOsixP7lHYc1c_-nUyJ3ntANOdUfUYohynD5YGkQ0u0bYtkSEE5vPO2dqA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10218
last-modified: Mon, 18 Dec 2023 20:13:43 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-hash: crc32c=P2fgBQ==, md5=IwpC9BBrIFbFRmT73giztw==
x-goog-generation: 1702930423872068
content-language: en
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32241
accept-ranges: bytes
cache-id: SYD-85eb07e

GET
H2 200 a-01ef Show response
b-code.liadm.com/ Frame C1AD 47 KB
15 KB 723ms
402ms Script
application/javascript 18.67.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01ef
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/70fb9ea1-f4fc-4a78-b8da-cee5a8cacc09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.111.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-115.syd62.r.cloudfront.net
Software: /
Resource Hash: 7422a85a653f74d6aca8bdbdfd81886dba02cc32a08587d3be883d8e67ee6923

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
content-encoding: gzip
via: 1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: 8WD_BPLomIMiy534PIesYlP88SLiFuqyZe32axSpXJbNKubOauQj6g==

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ Frame 7338 18 KB
7 KB 630ms
210ms Script
text/javascript 44.219.13.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/6fd85beb-988a-4f14-b020-77c5aa85d98b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.219.13.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-219-13-108.compute-1.amazonaws.com
Software: /
Resource Hash: 4ae779d5b3b4fa5d413457a49ac9bd5c7d00fd18e4eed456fa5a057719b54b11

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Dec 2023 03:17:08 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/ Frame 04D6
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1703387827956
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1703387827956&ja=1

44 B
424 B

4ms
3ms

Image
image/gif

54.79.170.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1703387827956&ja=1
Protocol: H2
Server: 54.79.170.153 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-79-170-153.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:07 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:07 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html&rp=&ts=compact&rnd=1703387827956&ja=1
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ Frame 4F15 23 KB
9 KB 855ms
201ms Script
application/javascript 103.229.10.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/ce941c61-b309-4f47-ad5e-c0c55b789662
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 31 Dec 2023 03:17:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 7454 186 KB
68 KB 511ms
112ms Script
application/javascript 142.250.204.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48284889-1

Requested by

Host: www.heraldonline.com
URL: blob:https://www.heraldonline.com/532c54c5-cda0-42b9-ad98-35372b0fe573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ac9df448aa1f32253067e83629b426f929a773caba9debd553cd8b04df563382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68983
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Dec 2023 03:17:08 GMT

GET
H2 404 webpush_desktop_.svg Show response
www.heraldonline.com/yzoo-binsl/messaging/ 25 KB
26 KB 801ms
801ms XHR
text/html 23.196.44.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/yzoo-binsl/messaging/webpush_desktop_.svg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/heraldonlinecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.44.26 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-44-26.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 24876072d5f5f5e683e1154a1f5e069c9fec6ccd11a877b4df721ea96ea199c2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1703387828007_1749567078_579435853_77237_8003_1_0_219";dur=1
content-length: 25837
mi-api: WPS
last-modified: Sun, 24 Dec 2023 03:17:08 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "64ed-RAukEpTCP8qDb9LfBo5rP2el2mA"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html;charset=utf-8
x-varnish: 951035615, 1007911159
access-control-allow-origin: *
access-control-allow-credentials: false
x-robots-tag: noindex, nofollow
access-control-allow-headers: *

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 374 B
470 B 281ms
281ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/yzoo-binsl/hanealneh.99f3b2c1ebb2d78d05d5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5029367a541d22bc127aa3136a18e48e856dda21833488f9de35808d301b376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 30b0c496-3d79-4a2d-9171-8ac43e5917bc
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/json
Referer: https://www.heraldonline.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-request-id: e9a0daa6-3b7e-4a8a-8055-4ee56f42499b
x-served-by: cache-bne12529-BNE
x-runtime: 0.036307
etag: W/"a5029367a541d22bc127aa3136a18e48"
access-control-max-age: 7200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 280ms
242ms Preflight 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
date: Sun, 24 Dec 2023 03:17:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-bne12529-BNE

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame 898A 535 B
1 KB 32ms
31ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=88280&ct=js&pi=&fp=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&pv=1703387828081_5tnzr8ecn&bl=en-us&cb=7031785&return=&ht=&d=&dc=&si=1703387828081_5tnzr8ecn&cid=mi_ti_rhh_b9dc3b9d-bef3-425b-a21e-6d0e887824f3_1703387823735_1703387822835&s=1600x1200&rp=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&v=2.5.5.72
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: ef20dcb84e60fc1466862df5688eb581840bede74f1e95cb98a82d7ba79af943

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:08 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 898A
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640849529058099205&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640849529058099205&redir=

42 B
716 B

211ms
211ms

Image
image/gif

52.7.152.132
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640849529058099205&redir=

Protocol

Server

52.7.152.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-7-152-132.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0c0d8dc9b.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 24 Dec 2023 03:17:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: k+8s/39US2U=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v053-0d1ba4552.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Sun, 24 Dec 2023 03:17:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: X5REIVmhQbE=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3640849529058099205&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

utsync.ashx
ml314.com/ Frame 898A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=5de54060-5460-4784-a23b-a23f542f42d4&gdpr=0&gdpr_consent=

43 B
330 B

29ms
29ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=5de54060-5460-4784-a23b-a23f542f42d4&gdpr=0&gdpr_consent=
Protocol: H2
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:08 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0,Mon, 25 Dec 2023 03:17:08 GMT

Redirect headers

location: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=5de54060-5460-4784-a23b-a23f542f42d4&gdpr=0&gdpr_consent=
date: Sun, 24 Dec 2023 03:17:08 GMT
server: Kestrel
content-length: 241

GET
H3

200

csync.ashx
ml314.com/ Frame 898A
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3640849529058099205
https://ml314.com/csync.ashx?fp=53ef9d946ddf1c3059b291866e067815&eid=50146&person_id=3640849529058099205

43 B
56 B

22ms
22ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=53ef9d946ddf1c3059b291866e067815&eid=50146&person_id=3640849529058099205
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 03:17:08 GMT
date: Sun, 24 Dec 2023 03:17:08 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:08 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=53ef9d946ddf1c3059b291866e067815&eid=50146&person_id=3640849529058099205
cache-control: no-cache
x-server: 10.42.3.51
content-length: 0
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 898A
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2VHiusLppXDNML4XtQQND2oVGvjsO-VixtJkZnwU5sic&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

6ms
5ms

Image
image/gif

54.153.211.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Protocol: HTTP/1.1
Server: 54.153.211.209 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-153-211-209.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 24 Dec 2023 03:17:08 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:08 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
x-cloud-trace-context: f7273b15a77d57ec171e31bc70941031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Mon, 25 Dec 2023 03:17:08 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame BEA7 462 B
577 B 181ms
181ms Fetch
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=heraldonline.com&sn=ChromeSyncframe&so=3&topUrl=www.heraldonline.com&bundle=1CsQC19aaWJ0dDlvZjclMkJnUUZ0NlVrdklBUGQzZElYazQ2c3VhcHJIV2swNXpQa3ltSDJsTzgwMktadFhQdGRKa0MwMk96S0Q1dHRJVmNDWm5iRG1obWp0TmRDSnBJWGtIb2c4ZVFsY1NCb2l2Rmh5cjNFWFRqQU15WkEzNWlRUiUyQiUyRnYxMG1xS01XZDVJaiUyRkJpUEFQZkxwcG5iQjJsdko1cWh0R2clMkJzeXRxeUF2N1hnJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldonline.com&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

09d2f41b51b021295d974fe9a031a76455080715854ab8d53472c16813efc99c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldonline.com&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1678799
expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6431 42 B
174 B 440ms
139ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxHdaLrApwocHjLADe151Ni-DX1jvAy66sGobb5cso-VJdYGoWYsTKsRnBkGpGCQRZKByqwrCZJfGlT05EB6phU9e9ir2LFQXWGGYCOW9FzeU_q4pQHx3Ob9OYzqrkS7oUL-539hSf1XCTt-IoRXTfzJdg&sig=Cg0ArKJSzHYoEPrhMASUEAE&id=lidar2&mcvt=1000&p=100,436,190,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=830249016&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703387826806&rpt=571&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sa.css
tags.srv.stackadapt.com/ Frame 7338 65 B
203 B 212ms
211ms Stylesheet
text/css 44.219.13.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.219.13.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-219-13-108.compute-1.amazonaws.com
Software: /
Resource Hash: 358e679f1a2d97a7f13f69ae8464d7f47005caa8b1767f448a90d3a54f617c1f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Dec 2023 03:17:08 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ Frame 7338 0
2 KB 589ms
193ms Fetch
image/jpeg 44.219.13.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.219.13.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-219-13-108.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Dec 2023 03:17:09 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 7454 236 KB
82 KB 114ms
112ms Script
application/javascript 142.250.204.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D839QB0JXN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48284889-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d5493cdce45af3a1aad505d6c770d5402055006a27f1cfe5e91dbbd25228ef5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Dec 2023 03:17:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 7454 52 KB
21 KB 403ms
3ms Script
text/javascript 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48284889-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 24 Dec 2023 03:16:38 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 31
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 24 Dec 2023 05:16:38 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 127ms
126ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 03:17:08 GMT

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ Frame 4F15 1 KB
1 KB 325ms
3ms Script
application/javascript 13.224.181.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.181.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-181-82.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 02:56:07 GMT
content-encoding: gzip
via: 1.1 52fa887ba82513d16e3f586c3db681fe.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C2
age: 1263
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:15:13 GMT
server: AmazonS3
etag: W/"52f4ba3839d01c1dbb310f6ef96bde89"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: qBFNONvDp1GgERc2fkurjxqvgSqnBn4lj8LUnlAsrEMrCv8TdiCaHw==

POST
H2 204 collect
analytics.google.com/g/ Frame 7454 0
258 B 500ms
97ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-D839QB0JXN&_ono=1&gtm=45je3bt0v9134466859&_p=1703387827957&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=737356277.1703387829&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&dp=%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&dl=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&dr=&dt=Error%3A404%20%7C%20Rock%20Hill%20Herald&sid=1703387828&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.content_group1=Herald%20Online&ep.content_group2=404&ep.dimension1=RHH&ep.dimension2=Herald%20Online&ep.dimension3=Other&ep.dimension4=Online%7CSystemResponse%7CError%7C%7C&ep.dimension6=404&ep.dimension7=Product%3A%20Escenic&ep.dimension14=&ep.dimension15=&ep.page_hostname=www.heraldonline.com&tfd=963
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D839QB0JXN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame 7454 0
47 B 588ms
96ms Ping
text/plain 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-D839QB0JXN&cid=737356277.1703387829&gtm=45je3bt0v9134466859&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D839QB0JXN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ Frame 7454 42 B
408 B 504ms
103ms Image
image/gif 142.250.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-D839QB0JXN&cid=737356277.1703387829&gtm=45je3bt0v9134466859&aip=1&dma=0&gcd=11l1l1l1l1&z=699796897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn-prod.securiti.ai/consent/cookie_banner/0451dd58-47bb-4a6e-9e6f-7fbe4070b019/58f030b0-87c4-4179-90a5-ddff721a27f2/ 182 KB
50 KB 768ms
168ms XHR
application/json 18.244.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie_banner/0451dd58-47bb-4a6e-9e6f-7fbe4070b019/58f030b0-87c4-4179-90a5-ddff721a27f2/en.json

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.214.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-214-70.sfo53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

809a37bd42adff1c5c0e4f42d93c88fd205c1a341c90de56276797b47c7ffaa6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: bqhJWLj.Xo4RoVaJr.nV1zfWl6IqIGHx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Sat, 23 Dec 2023 11:18:37 GMT
via: 1.1 2fb361d51da8eb93e27836ee244084b2.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO53-P4
x-amz-server-side-encryption: AES256
age: 60392
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 21 Jul 2023 18:46:23 GMT
server: AmazonS3
etag: W/"ecf2842bd381e66ad85cc1f105e4566c"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY
cache-control: public,max-age=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: qU_BqygXVh-jp-ayy0YUCxUzJRMVkQhtYrk_Nc2bJcUpeyp3_lqhTw==

GET
H2 200 location Show response
app.securiti.ai/core/v1/utils/geo/ 861 B
1 KB 431ms
142ms XHR
application/json 3.33.255.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/core/v1/utils/geo/location

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.255.181 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aedf1f689f9b4287e.awsglobalaccelerator.com

Software

Resource Hash

61147ade1da9b49ebbc02138d3e14ec13762c12aa9f3a837e55e7ebe01bdd5fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:09 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true
content-length: 861
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A7D 13 KB
5 KB 3ms
2ms Document
text/html 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.heraldonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 424007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 05:30:21 GMT
expires: Wed, 18 Dec 2024 05:30:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E18A 829 B
1 KB 106ms
104ms Document
text/html 142.250.76.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f4.1e100.net

Software

GSE /

Resource Hash

7b4bcd31677b0477759eb8a28b3fd5db7280baefcee5bb45c7ab9e89fbd8f2a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8zrntGaRdQfJToGIAPJ0Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8zrntGaRdQfJToGIAPJ0Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 03:17:08 GMT
expires: Sun, 24 Dec 2023 03:17:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A7D 39 KB
15 KB 3ms
2ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 00:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 270586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 00:07:22 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 3A7D 0
40 B 2ms
2ms Image
text/plain 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kN6vJQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 7454 2 B
211 B 98ms
95ms XHR
text/plain 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1196281134&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&dr=&dp=%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&dh=www.heraldonline.com&ul=en-us&de=UTF-8&dt=Error%3A404%20%7C%20Rock%20Hill%20Herald&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YADAAUABAAAAACgDIC~&jid=934682130&gjid=1409900361&cid=737356277.1703387829&tid=UA-48284889-1&_gid=2032101629.1703387829&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&cg1=Herald%20Online&cg2=404&cd1=RHH&cd2=Herald%20Online&cd3=Other&cd4=Online%7CSystemResponse%7CError%7C%7C&cd6=404&cd7=Product%3A%20Escenic&cd14=&cd15=&z=1433124702

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E18A 0
0 138ms
137ms Image
text/html 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312070101&jk=987889522045701&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s25-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ Frame 7338 141 B
339 B 215ms
214ms XHR
text/plain 44.219.13.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=XDbR9bgzYgamKCe5q8YQuw,%20hXFHelqg_0qGLqDaoIkgLQ,%20GHZN9LleKWz0uNsDtvQTcQ&is_js=true&landing_url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&t=sapx&tip=d_Bx2MX7AAsz27glQgTiYRzYLtBIjxicFTme3C5x_tY&host=https%3A%2F%2Fwww.heraldonline.com&sa-user-id-v3=s%253AAQAKINQg467dMy_ak8tHN7qd7eoUVdzBS2FT1D2FgFpZzMrGEHwYBCC0xZ6sBjABOgQ8w7t9QgSqjImP.r8CnjikEtnBszNmeqIYdndGbpkAYRiq7GaprXJv73kQ&sa-user-id-v2=s%253AKvtX7RgxWNRFeu4KcKUQBkLLcKI.E8%252BIs%252BOaIzTjlmfCbOG3WLczy5TWTRn6JL7pOdRfvy0&sa-user-id=s%253A0-2afb57ed-1831-58d4-457a-ee0a70a51006.9%252B4dslblU%252F10yFviDDAq561eImM9zXc%252BMfbuDNTzNAE
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.219.13.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-219-13-108.compute-1.amazonaws.com
Software: /
Resource Hash: 9767a15f0fe9626f2b1c6a03d34c87768bc3866488f231624cdecf8f2d9323b2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://www.heraldonline.com
date: Sun, 24 Dec 2023 03:17:09 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 141
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 7454 8 B
357 B 336ms
95ms XHR
text/plain 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48284889-1&cid=737356277.1703387829&jid=934682130&gjid=1409900361&_gid=2032101629.1703387829&_u=YADAAUAAAAAAACgDIC~&z=911089323

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 24 Dec 2023 03:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1050469878;labels=RHH;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html;ref=https%3A%2F%2Fwww.heraldonline.com%2...
pixel.quantserve.com/ Frame 4F15 35 B
371 B 183ms
176ms Image
image/gif 103.229.10.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1050469878;labels=RHH;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html;ref=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html;uht=2;fpan=1;fpa=P0-746157123-1703387828818;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;us_privacy=1---;d=heraldonline.com;dst=0;et=1703387829147;tzo=-480;ogl=;ses=f8b2e220-4d30-4f4a-98a3-ec23449ac9cd;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 j Show response
rp.liadm.com/ Frame C1AD 49 B
372 B 1037ms
194ms XHR
application/json 44.193.106.93

General

Check archive.org

Show headers Download Go to

Full URL: https://rp.liadm.com/j?dtstmp=1703387829199&aid=a-01ef&se=e30&duid=5fb552a76ef3--01hjcx6yype58ae5f2y1xgxc3s&tna=v2.11.2&pu=https%3A%2F%2Fwww.heraldonline.com%2F2011%2F07%2F08%2F3204275%2Fnew-drummer-adds-chops-to-mack.html&us_privacy=1---&wpn=lc-bundle&c=PHRpdGxlPmxjcHg8L3RpdGxlPg
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01ef
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.106.93 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dcc62412f680047c746e6a01da8df55975d718dc3b1e892404ea8703960442a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 03:17:10 GMT
x-pixel-event-id: 3fc935f3-7166-4d2e-9fa0-d2c5ab3eebd1
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.heraldonline.com
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 49

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
257 B 19ms
5ms Fetch 34.149.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1405
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.26.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 226.26.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 24 Dec 2023 03:17:09 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 24CF 3 KB
2 KB 21ms
10ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.heraldonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 375
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 83a5b08d2e126a51-SYD
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 03:17:09 GMT
expires: Sun, 24 Dec 2023 07:17:09 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 load-cookie.html Show response
bidder.newspassid.com/static/ Frame 696D 12 KB
13 KB 195ms
192ms Document
text/html 52.45.163.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=3a29cf42-4302-44f2-959e-c79f687badb7&publisherId=NPID10000002&siteId=3500000243&cb=1703387825894&bidder=newspassid
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/heraldonline.com/htlbid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.163.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-163-120.compute-1.amazonaws.com
Software: /
Resource Hash: 202b65f7735476b526548db88f43f49a959907ed4078132204f0cb1c4503f9e2

Request headers

Referer: https://www.heraldonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 12255
content-type: text/html; charset=utf-8
date: Sun, 24 Dec 2023 03:17:09 GMT
expires: 0
last-modified: Tue, 19 Dec 2023 10:33:53 GMT
pragma: no-cache
vary: Origin

GET

sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5de54060-5460-4784-a23b-a23f542f42d4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NWRlNTQwNjAtNTQ2MC00Nzg0LWEyM2ItYTIzZjU0MmY0MmQ0&gdpr=0&gdpr_consent=&ttd_tdid=5de54060-5460-4784-a23b-a23f5...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=5de54060-5460-4784-a23b-a23f542f42d4&google_gid=CAESEFn4zPPLPoJWe1XzWi0EJBI&google_cver=1
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5de54060-5460-4784-a23b-a23f542f42d4&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://tags.bluekai.com/site/5386?id=5de54060-5460-4784-a23b-a23f542f42d4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://ups.analytics.yahoo.com/ups/55953/sync?uid=5de54060-5460-4784-a23b-a23f542f42d4&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true

0
0

GET
H2 200 ga-audiences
www.google.com/ads/ Frame 7454 42 B
293 B 103ms
101ms Image
image/gif 142.250.76.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48284889-1&cid=737356277.1703387829&jid=934682130&_u=YADAAUAAAAAAACgDIC~&z=1961736748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.100 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ Frame 7454 42 B
107 B 107ms
106ms Image
image/gif 142.250.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48284889-1&cid=737356277.1703387829&jid=934682130&_u=YADAAUAAAAAAACgDIC~&z=1961736748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cookie_sync Show response
bidder.newspassid.com/ Frame 696D 3 KB
4 KB 192ms
192ms XHR
text/plain 52.45.163.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/cookie_sync
Requested by: Host: bidder.newspassid.com
URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=3a29cf42-4302-44f2-959e-c79f687badb7&publisherId=NPID10000002&siteId=3500000243&cb=1703387825894&bidder=newspassid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.163.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-163-120.compute-1.amazonaws.com
Software: /
Resource Hash: 99e61282ac75ed21f01175ec1a2d05a06e62ca8b69672a02978d84887c18becb

Request headers

Referer: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=3a29cf42-4302-44f2-959e-c79f687badb7&publisherId=NPID10000002&siteId=3500000243&cb=1703387825894&bidder=newspassid
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 03:17:09 GMT
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://bidder.newspassid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 142ms
140ms Image
text/html 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312070101&jk=987889522045701&bg=!ExClEF_NAAY3kmNgF5I7ADQBe5WfONuwUIT6czy6UbK_IXdA7NzVKEm27i3HfsqC4OhEnTdoLbKiqMike98IucJA5nVBAgAAAFRSAAAAA2gBB5kC_uJNO1ru2QjR1DzqEy1qUHa5DuHhNs9Yl62p52Arj311I594prWy5lwgv3GpeQJ94NWszy5cqZioanvwye-7ESJbUw68GzrGP3JyLIQidzpjeAOc6AwwYs1--HePsm8-__8I9EUc9A2We-dNSZGjvqdTu5b2PP6i46QZTQgEve-3sLibpl3SKrD8-nPFjMmfNoBczr6IS9nRVxIHvmFYlxe6msRlCGsSSJSg0uNMHkxOA1leav6b1x0xCFKv0kP-Qxu5ud6qiECRGE6haYmlbWnnMTlM85cDi2YrJ43RscuHcE1EuKgNQDm-GJTcCyvFH9Ds0XqdZ_BzZhm9Qf1unjRMRJTio-nK1pZsNtFv8FUb8Z0iSeWhM79QVpeiL0JlFVEYdL0KB9CBXeok8K_2PpwSeej4BysMnletTLHwnJdQ55roJBvaLHON8z0gExL_4MG3v_WDsBKITDCMS3-DonYkAgulJeP6ZqvFbcsUfiMk4PQ53gl7YLA3v4ZJ71vnRdLeQRBb0ZVw4o1Zg7NiB6_8wAGWzDZcE6T2Gp-rkDY3Rl0R3clshSdeZypy7PEW0fLx-1TnVDpSotexT4QzGXvBY-t3nfiqCO22sKMCq8ryplqB6DtSjcr2AtrOCXhm94zfhVm_q3NgQl2HWWTvJkJg93WYaDPLSwzCaqcPFCXpq8i8Y_CzUdBSoeEiRWMTK9pp9SM0xLQ3lNA_t5OcqgZwxJ4d9VPnHoT34Hv-L8xr_vjRqrSruoZ6vNpiGGbSN7w2rfuxs5JyyKjtF5MgS1Cs-iUCniJ7mFFzF1vQkhWxm9rE-_Xc-lNpKd3dVpoojPtn6H5t40XI4IfQ3mZ2-wmWnj0t8xiaHcPPwkeC8hpK3TjAy1VcP42hy3Hy_ULRsD9CYqcqbeavwgxPyY2hxA4wn2IBgnZsEWVHuXt4B9hV2JbX8Av-SO1EANtIbAneIAnEPfLGFZzdU2xSKHVl6QtgCtEEkWZ6cqbXLcuPYI6X_XcnZptYjBEZlvSJzZ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s25-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2

200

setuid Show response
bidder.newspassid.com/ Frame 36F3
Redirect Chain

https://ssc-cms.33across.com/ps/?ri=0010b00002QLYzgAAH&ru=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
https://bidder.newspassid.com/setuid?bidder=33across&uid=212391591249730

0
758 B

196ms
196ms

Document
text/plain

52.45.163.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/setuid?bidder=33across&uid=212391591249730
Requested by: Host: bidder.newspassid.com
URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=3a29cf42-4302-44f2-959e-c79f687badb7&publisherId=NPID10000002&siteId=3500000243&cb=1703387825894&bidder=newspassid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.163.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-163-120.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bidder.newspassid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 24 Dec 2023 03:17:10 GMT
expires: 0
pragma: no-cache
vary: Origin

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Sun, 24 Dec 2023 03:17:09 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://bidder.newspassid.com/setuid?bidder=33across&uid=212391591249730
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP012
x-33x-status: 100000000008200000C

OPTIONS
H2 200 singleupload
app.securiti.ai/privaci/v1/consent/cookie/ Frame 0
0 142ms
141ms Preflight 3.33.255.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/privaci/v1/consent/cookie/singleupload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.255.181 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aedf1f689f9b4287e.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-auth-token
Access-Control-Request-Method: POST
Origin: https://www.heraldonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,content-type,x-request-id,x-correlation-id,X-Xsrftoken,X-Auth-Token,X-User-Auth-Token,X-Tenant-Id,X-CMP-UUID,x-xsrf-token,X-DSP-USERID,X-CMP-DOMAIN-ID,X-CMP-FORM-ID,isotype,X-CMP-PrefCenter-Id,X-ORG-ID,x-api-secret,x-tident,x-api-key
access-control-allow-origin: https://www.heraldonline.com
access-control-request-method: POST
content-length: 0
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
date: Sun, 24 Dec 2023 03:17:09 GMT
strict-transport-security: max-age=315360000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 singleupload Show response
app.securiti.ai/privaci/v1/consent/cookie/ 67 B
405 B 172ms
172ms XHR
application/json 3.33.255.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/privaci/v1/consent/cookie/singleupload

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.255.181 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aedf1f689f9b4287e.awsglobalaccelerator.com

Software

Resource Hash

f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
X-Auth-Token: 1f80a5d5-be36-4f81-82b0-03e0ae01b509
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/json

Response headers

date: Sun, 24 Dec 2023 03:17:10 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-credentials: true
content-length: 67
x-xss-protection: 1; mode=block

GET a-01ef
i.liadm.com/s/c/ Frame 7FD3 0
0

GET baker
sli.heraldonline.com/ Frame C1AD 0
0

GET rmphb
sync.1rx.io/usersync2/ Frame 696D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/55953/sync?uid=5de54060-5460-4784-a23b-a23f542f42d4&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true

Domain: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ef?duid=5fb552a76ef3--01hjcx6yype58ae5f2y1xgxc3s&euns=0&s=&us_privacy=1---&version=v2.11.2&

Domain: sli.heraldonline.com
URL: https://sli.heraldonline.com/baker?dtstmp=1703387830240

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D[RX_UUID]

Verdicts & Comments Add Verdict or Comment

238 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.heraldonline.com/2011/07/08/3204275	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: HMEDAKHMJFJJFKCBEKMOKIGCIEPOAABJABHJMFIFCJIALGNHPLAEIHLGENOKCLEEDPGDGPNPCCPMIJMEDALAJKMBGKIJALAKLCLIHDNKMFKIMHEEMJAFAMLEJKOMFDME
www.heraldonline.com/yzoo-binsl	1969-12-31 23:59:59	Name: f5avraaaaaaaaaaaaaaaa_session_ Value: HJBDKFMLEKADJKFMPBHJJAFKAGEPDLKDKPICKGLLONEBGKJLDAOLBJLEEPOLJLLDKLIDDJMIDCMJNDPEHBEACAJCGKJMEGGLPADKGOFEMKFCEOLEMNIOGDDLDBGNNBPK
.heraldonline.com/	1970-01-20 17:09:55	Name: ak_bmsc Value: 1B4D436ACDBEE88C849A410BFB805E27~000000000000000000000000000000~YAAQZkZIaBg/FGiMAQAA83bTmRZj570lEULq/muTiPul2jNQujdqgFaECbtSx8hArE3krxrapFJp6Ed24Lsq2sPFExBSO5YMjsT5Lb2Z+r+l8PwabCVF8weN5NnWdN7jxzq9Cv8S0CdWg15E651cOAoOf2VFmNPAU1+ZgX+BLYrFV6ixwCauHD6FpXJSnUdBxKto9+nQg3oIjbidLKpDimHvCt/+VhQOI1S9v8bPfnprlk0p5KCpxlU9wHBr17VyRr1r2D0agbWEozbbb4mD/u3sXLlprrshVsIaPVG3XWcn2h/AaQ5KXtTP8DVtpPIR7KgiMehSqCsqiedRzGxnnFyiTJ+Ft1BH7dKTXmUE6/vsxJQMWVr1w0YLBx59irYJYBlDGYIJL8dPRZQmf4i/vQ==
.scorecardresearch.com/	1970-01-21 02:45:47	Name: UID Value: 1E6507a70c139913353f6bf1703387823
.postrelease.com/	1970-01-21 01:55:23	Name: visitor Value: c118fe27-91c5-4b4b-af69-a7a972a553c8
.postrelease.com/	1970-01-21 01:55:23	Name: status Value: 0
.liadm.com/	1970-01-21 02:45:47	Name: lidid Value: 59e010b2-f4a4-453c-9814-d4cfe5adcc09
.crwdcntrl.net/	1970-01-20 23:38:35	Name: _cc_id Value: 53ef9d946ddf1c3059b291866e067815
.casalemedia.com/	1970-01-21 01:55:23	Name: receive-cookie-deprecation Value: 1
.openx.net/	1970-01-21 01:55:23	Name: i Value: c801ed67-8684-4dce-8fbc-c39dd4415de1\|1703387825
.openx.net/	1970-01-20 17:31:23	Name: pd Value: v2\|1703387825\|jElYiuvOhI
.adsrvr.org/	1970-01-21 01:56:50	Name: TDID Value: 5de54060-5460-4784-a23b-a23f542f42d4
.openx.net/	1970-01-20 17:31:23	Name: univ_id Value: 537072971\|5de54060-5460-4784-a23b-a23f542f42d4\|1703387825914899
.ladsp.com/	1970-01-20 17:09:51	Name: cr Value: 1
.ladsp.com/	1970-01-21 02:45:47	Name: smn_uid Value: M8PZ-CJGIMQPlQvh2qV7GBA-Nb4GIqQ
.ladsp.com/	1970-01-21 02:45:47	Name: lum Value: COWOzs7JMRIFCAMQ0AU
.doubleclick.net/	1970-01-21 02:45:47	Name: IDE Value: AHWqTUlDHuAV5Nvyqmc7Bj5A-U4ElLAgAbl2xOUTHD8SZD9uQSjmH0_KqLBtWFvJpVg
.socdm.com/	1970-01-21 02:45:47	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNzAzMzg3ODI2fQ
.criteo.com/	1970-01-21 02:31:23	Name: uid Value: 6400a96e-76a3-461e-889e-d0ce5d77ebe5
.criteo.com/	1970-01-21 02:31:23	Name: receive-cookie-deprecation Value: 1
.imrworldwide.com/	1970-01-21 02:31:23	Name: IMRID Value: eb84ddb0-a20a-11ee-8fe9-c77d30ec330f
.ml314.com/	1970-01-21 01:56:50	Name: pi Value: 3640849529058099205
.ml314.com/	1970-01-20 17:29:57	Name: tp Value: 3%253b12%252f24%252f2023%2B03%253a17%253a08%253b0
.eyeota.net/	1970-01-21 01:56:50	Name: mako_uid Value: 18c99d38fa6-18140000010d57f3
.eyeota.net/	1970-01-20 17:09:48	Name: SERVERID Value: 22515~DM
.ml314.com/	1970-01-20 17:09:47	Name: u Value: aHR0cHM6Ly93d3cuaGVyYWxkb25saW5lLmNvbS8%3D
tags.srv.stackadapt.com/	1970-01-21 01:55:23	Name: sa-user-id Value: s%3A0-2afb57ed-1831-58d4-457a-ee0a70a51006.9%2B4dslblU%2F10yFviDDAq561eImM9zXc%2BMfbuDNTzNAE
.srv.stackadapt.com/	1970-01-21 01:55:23	Name: sa-user-id Value: s%3A0-2afb57ed-1831-58d4-457a-ee0a70a51006.9%2B4dslblU%2F10yFviDDAq561eImM9zXc%2BMfbuDNTzNAE
tags.srv.stackadapt.com/	1970-01-21 01:55:23	Name: sa-user-id-v2 Value: s%3AKvtX7RgxWNRFeu4KcKUQBkLLcKI.E8%2BIs%2BOaIzTjlmfCbOG3WLczy5TWTRn6JL7pOdRfvy0
.srv.stackadapt.com/	1970-01-21 01:55:23	Name: sa-user-id-v2 Value: s%3AKvtX7RgxWNRFeu4KcKUQBkLLcKI.E8%2BIs%2BOaIzTjlmfCbOG3WLczy5TWTRn6JL7pOdRfvy0
tags.srv.stackadapt.com/	1970-01-21 01:55:23	Name: sa-user-id-v3 Value: s%3AAQAKINQg467dMy_ak8tHN7qd7eoUVdzBS2FT1D2FgFpZzMrGEHwYBCC0xZ6sBjABOgQ8w7t9QgSqjImP.r8CnjikEtnBszNmeqIYdndGbpkAYRiq7GaprXJv73kQ
.srv.stackadapt.com/	1970-01-21 01:55:23	Name: sa-user-id-v3 Value: s%3AAQAKINQg467dMy_ak8tHN7qd7eoUVdzBS2FT1D2FgFpZzMrGEHwYBCC0xZ6sBjABOgQ8w7t9QgSqjImP.r8CnjikEtnBszNmeqIYdndGbpkAYRiq7GaprXJv73kQ
.demdex.net/	1970-01-20 21:28:59	Name: demdex Value: 69523843010224648601120739033774806663
.heraldonline.com/	1970-01-20 17:09:55	Name: bm_sv Value: A0A0BE312A830030365C11E89E5BDFD9~YAAQZkZIaCs/FGiMAQAANJLTmRadVEQ1WRFynFKSioWaKSJ9nVHxraCIFmSlrm9QAuViOyE3pWtUu3IPwfNYgoTgtBVJVAZK0UlfvOGbYYUO+C2udr9+AON2Pfd47vY9w0WEDqSlILCjTkiB4Tv+8PVZne/SCcz/i82vW2r8RINYX2XE4/58L9oxoUxo6sFDgySbpOqmTc/sas9LID8E1nbDA9b05OkECDU19OgRvKAvdzauvXhkPKBK+SZcdn0xGKhB8S3E~1
.dpm.demdex.net/	1970-01-20 21:28:59	Name: dpm Value: 69523843010224648601120739033774806663
.quantserve.com/	1970-01-21 02:40:02	Name: mc Value: 6587a2b5-3ae2b-fa982-ec23f
.adsrvr.org/	1970-01-21 01:56:50	Name: TDCPM Value: CAESFgoHZDB0cm8xahILCOK_yYGbjsI8EAUSEgoDYWFtEgsIpuORreHbtjwQBRIVCgZnb29nbGUSCwj-_e2Pm47CPBAFEhYKB3J1Ymljb24SCwi-nO6Pm47CPBAFGAUgAigBMgsIwL_qubGOwjwQBTgBWgZwcmViaWRgAXIHcnViaWNvbg..
bidder.newspassid.com/	1970-01-20 17:19:52	Name: AWSALBTGCORS Value: ppp2aMLHAEfx7BJRwFfL1CaDfjddDp1we5nxu2RiaQkdYB/4ptM8Em28jrZpMHxhAj0l4Fra108UVd9Mk3RlW2cq+50EsjlKNkpZnEhdmQTehEtSq5Tu5czsUSgxfmNcUVxxnV+MruWbpdCHaYUx+sMCa1leFQHVivWVgUz61xRqVW86pjQ=
.bidder.newspassid.com/	1970-01-20 19:19:23	Name: newspassid_uid Value: 2ZyIKhXGff46lVKf11166TAq5Ou

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://www.heraldonline.com/yzoo-binsl/quarantine.570c160bcc45b4c89c3c.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/yzoo-binsl/quarantine.570c160bcc45b4c89c3c.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/yzoo-binsl/quarantine.570c160bcc45b4c89c3c.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://profile-api.amplitude.com/v1/userprofile?device_id=b9dc3b9d-bef3-425b-a21e-6d0e887824f3&user_id=&comp_id=apflrqef Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dyv1bugovvq1g.cloudfront.net/11/www.heraldonline.com/2011/07/08/3204275/new-drummer-adds-chops-to-mack.html.js Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://www.heraldonline.com/yzoo-binsl/quarantine.570c160bcc45b4c89c3c.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/yzoo-binsl/quarantine.570c160bcc45b4c89c3c.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/yzoo-binsl/quarantine.570c160bcc45b4c89c3c.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/yzoo-binsl/quarantine.570c160bcc45b4c89c3c.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/yzoo-binsl/quarantine.570c160bcc45b4c89c3c.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.heraldonline.com/yzoo-binsl/quarantine.570c160bcc45b4c89c3c.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://www.heraldonline.com/yzoo-binsl/messaging/webpush_desktop_.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1405 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://htlbid.com/v3/heraldonline.com/htlbid.js(Line 1) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.heraldonline.com') does not match the recipient window's origin ('https://js-sec.indexww.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ams-pageview-public.s3.amazonaws.com
analytics.google.com
api.fullcontact.com
api.lab.amplitude.com
api.rlcdn.com
api2.amplitude.com
app.securiti.ai
b-code.liadm.com
bcp.crwdcntrl.net
bidder.criteo.com
bidder.newspassid.com
c.amazon-adsystem.com
cdn-prod.securiti.ai
cdn.confiant-integrations.net
cdn.jsdelivr.net
cdn.parsely.com
cdn.prod.uidapi.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
cr-p3.ladsp.com
d15kdpgjg3unno.cloudfront.net
direct.adsrvr.org
dpm.demdex.net
dyv1bugovvq1g.cloudfront.net
e6aa54ac7bcb7f59e67f7c54e3df3cf5.safeframe.googlesyndication.com
edge.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
google-bidout-d.openx.net
gum.criteo.com
heraldonline.com
htlb.casalemedia.com
htlbid.com
i.liadm.com
idx.liadm.com
jadserve.postrelease.com
jp-u.openx.net
js-sec.indexww.com
js.matheranalytics.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
match.adsrvr.org
mcclatchy-next-apps-prod.s3.amazonaws.com
ml314.com
oa.openxcdn.net
oajs.openx.net
p1.parsely.com
pagead2.googlesyndication.com
pixel.quantserve.com
profile-api.amplitude.com
ps.eyeota.net
rp.liadm.com
rules.quantcount.com
s.ntv.io
sb.scorecardresearch.com
sdk.iad-05.braze.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
sli.heraldonline.com
sqs.us-east-1.amazonaws.com
ssc-cms.33across.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.crwdcntrl.net
tags.crwdcntrl.net
tags.fullcontact.com
tags.srv.stackadapt.com
targeting.unrulymedia.com
tg.socdm.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
vi.ml314.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.heraldonline.com
www.i.matheranalytics.com
i.liadm.com
sli.heraldonline.com
sync.1rx.io
ups.analytics.yahoo.com
103.229.10.211
104.18.36.155
104.18.38.76
104.74.36.170
107.178.250.234
124.146.153.160
13.215.109.145
13.215.71.16
13.224.181.56
13.224.181.82
13.224.181.83
13.227.21.165
13.35.147.107
13.35.151.131
142.250.204.14
142.250.204.2
142.250.204.8
142.250.66.194
142.250.67.3
142.250.76.100
142.251.221.65
142.251.221.67
15.197.196.10
151.101.129.229
151.101.194.132
151.101.66.133
166.108.36.245
172.217.167.66
172.217.167.98
172.217.24.42
172.64.144.166
18.155.204.188
18.244.214.70
18.67.111.115
18.67.111.2
18.67.114.43
18.67.93.103
18.67.93.106
18.67.93.116
18.67.97.57
182.161.73.129
182.161.73.136
182.161.73.145
216.239.32.181
23.196.44.26
3.239.232.4
3.33.255.181
34.102.146.192
34.117.77.79
34.120.107.143
34.149.26.226
34.232.181.85
34.98.64.218
35.162.220.137
35.201.104.135
35.244.159.8
35.71.131.137
44.193.106.93
44.219.13.108
44.226.76.220
50.112.107.235
52.11.87.56
52.4.236.210
52.45.163.120
52.7.152.132
54.153.211.209
54.198.156.105
54.231.195.25
54.79.170.153
64.233.170.156
65.8.171.198
67.202.105.24
74.118.186.106
99.84.238.198
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09d2f41b51b021295d974fe9a031a76455080715854ab8d53472c16813efc99c
0a56351d58a5d6cd081830c9e6456e03c8a7202fa6ee78c96b033a4c85863a6d
0ad62f88cfbe521881823b3b018a1f97bf2ea0e273ab5f89aab78e586b2ce9d6
0aea5f120a20b1ea5420d77bbafc9b25243efbe5ccc44d8402d3f1c83afd5d97
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e9c4fcd4a16a172175f91be6fce89f5c52272fc7791fd58d00ccf25e9e783df
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10ca218fc957f3b1b7f8f0a0f6bab1c8b384ed7d6edda052614bf8cc9c14eac2
11d41cd35185d4299f45f94f85cb57dd29d7c58fe9d5526198aef09640f8c388
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
147a18f3a2fbe9c12fc39f4306937fd3ffb54e152a59bd1060ec4cfa2febad31
14ce3b81ccfc257a12dd365d766d97bb5197395a1717e74d5d09425638804dd3
18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a
195de4dc686f2d98b3f4aa06ac93bf54dd5cf0bf07113a0557a6cc7f8ff276ee
1a047930359bd58062b618ac4a6e9475fcc576f28adeb829707312f93514d952
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
202b65f7735476b526548db88f43f49a959907ed4078132204f0cb1c4503f9e2
20a7ff10b00da8bd3da44be3cb6d2a6068951790883ab5da4c59477183447e0d
21d09a99930de7d54dcbfa583200d7e5728928f9837edc6149b4875680f214ca
22c1d3568f6833497b6563dbae4a25e098153cc18c5971a535707e9879f3c007
24876072d5f5f5e683e1154a1f5e069c9fec6ccd11a877b4df721ea96ea199c2
2a857e7bddc26e899d8b330da1a76f7425f84e40e5bacdad8bdf88ec0112d513
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
31597b45fe9848afbf9851daf52c1c20a384a3e5be3378809f2e528af34c097b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33403b13541ca66c01e02356fff3df90bf9a21d6fb975e865fff3e13dfadcdb6
35783c8648168a6a67fca5fef8346883565f6f7152a13c72a4b1fa2dca23f05c
358e679f1a2d97a7f13f69ae8464d7f47005caa8b1767f448a90d3a54f617c1f
383dbb723333ea738ec990b8842da537b2b06f80316f4c250f051456a7f288a5
39648f385aed2f5f7fe2ebfd7992ea87ffc6c6356b181650d75d53e9088f1dc3
39a0e4462e2946c80e91477d2d694bc0269e35ac69c14f75449bef1adc8aec87
3a046696801ec80078bf5692bf72014e1858ea0e827e1b19eae17af3ffa3ed32
3b698748f2e584d99efa8a524c419746d6881c45b1ceae8f2f4723376ac9824a
3c18c992ea79a042f98e789b18251804e99c1a732bfd567d44f2b17724629257
415d71b9c38b4a02ca305ccad1b718883551e63dd4dcff2bf56c495f8e1274ba
4572cde5e751ea85882221c45d869121a65ef2e2fd2b95c26dd4355190ea844f
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4ae779d5b3b4fa5d413457a49ac9bd5c7d00fd18e4eed456fa5a057719b54b11
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4d17e9fe9a43c70a5f0f9116f55f5bcef2c9131d08a5a22bf35542ff193605b4
4dcc62412f680047c746e6a01da8df55975d718dc3b1e892404ea8703960442a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
549a5e7cdd65556ef5e532b4456a6f0b0c065cca145053e2bac33320468cb0d7
54e65529c34a13adf1ba88aa5d10514dc5a67cc72ca5a9328eaf3465b788fe91
551af58c2ce33c58ebc151a61b8d1d28e54ab9ce177d4fac749f0ebc50054cb9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
56ba66ae09f81233fc0266d0f1752d3f82a866263c7a764755fa2230c8690207
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61147ade1da9b49ebbc02138d3e14ec13762c12aa9f3a837e55e7ebe01bdd5fc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
69523c3379f776b523746a8a788ff7942fdfe366e76d5dddd7f66e6fb95b80c1
6bce3fd2a74fe4ef36079a29cde8fee398f3f9ce90d6dd8d0ce6d19ecfe92c4a
6d7cfb3a719e09c6543262424b56156f4164853ca9bb7e63e51f956a66cd04d3
6eebacb4467fcf863339daac6eb21e851dabb9ee73cd7c038e5cd7f5e9e375dc
729845d1754207c3f0db940608e937a64c15dec620f6d0af01704e7dd526b29b
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7422a85a653f74d6aca8bdbdfd81886dba02cc32a08587d3be883d8e67ee6923
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d
75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6
77176019b46d1fe5e5b8dfe70d741c98fa01ea452be01438aaa110c0b783938b
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
78a76789395b2c33306cdf5f6109561c6b7fc09b9414790e8fdb809b9c08242f
7b4bcd31677b0477759eb8a28b3fd5db7280baefcee5bb45c7ab9e89fbd8f2a4
7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926
7e6f46b7bac7345de8666b80d10084702f163727054cec5707958b21c03eecb2
7eefee06bdc64fa60ef5e0752071498970f1f5a8d76832bffe09b4f6ce5e1767
7ef1c98469dfec32c2a5cf92ef95c869f86e06f19e633bb70a65ff3a23b8c5a6
8093a8ec5761d9771e303f518f88d48e2e84a811278f2a9fda1b920a33e6189c
809a37bd42adff1c5c0e4f42d93c88fd205c1a341c90de56276797b47c7ffaa6
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
844f0527fa5c78c6091b48678c3bbe639ff46b2bdbc37c3d2928e8b23997d7db
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
865cf4e6d16e7b9b50acc5825874547ca8154c6b973470dc78b55801ea49ac3a
874cfdcfaf38444c9f3f3f29f491d63d843166c3319b22b1a1599e9d6872176d
8856cb0a8fb9615673fae7be84a0bac4128660b2eac4492c648dd38e19746bd8
8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e
8f3aab042e219aedb99bfd80766f2c9797109f38fc9c1b6d11b366369ca7debd
93726210bcee02b1b63b7a9ba59f901d106fed6729ae1aafc4e85108b2d945be
95c490fe449684e07b792ead7aac0da81c8a89b2bc8e220ff42e129ed5e65223
96465474d751b6bff0d53644b4e3549c67a2013220785d3ce648bfa50b0adeae
9767a15f0fe9626f2b1c6a03d34c87768bc3866488f231624cdecf8f2d9323b2
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
99e61282ac75ed21f01175ec1a2d05a06e62ca8b69672a02978d84887c18becb
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
9dd8a2039143a2215832e291e5540757056cecfa77e283ab1cb35c8aca9c7e8a
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
9fa7225f10499e52877e170c364671b49cc828353e84af3a97076543ab485cc3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b289e6bc8cf121df130fcbddf992171948679a2011d78ee4072bf5fbc6a8b1
a2f2770331da97454b49f5da15de4b42f8d7f3e08f8cb69552ab7900b6a786a8
a4a9335c278c8acec02d8b10604dacee8a251102b05bf74c0d94a573840699f1
a5029367a541d22bc127aa3136a18e48e856dda21833488f9de35808d301b376
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6203f0a6c20fc5de7ca650e0014c34e8fcaa4a7ba5529653389c007d09ca0d4
a646295bfa322621814bc2b5a9ed4b9eeba371e6ff11bfdb4d9e8f8c5db20466
ac9df448aa1f32253067e83629b426f929a773caba9debd553cd8b04df563382
adf9e0e437a7242ccb145fd7c33dcde53ce757650fd680acdd6164f604e62b1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1da2a1da550a435946da6e49a9ade3363922bd6ba10bfbd7f733e62d64dde6c
b2ad9300a8067a880aca995f7cb7ea3fea3c4a6758452fe6f309d2e1ea66f5f6
b2fe03efc1e879c2c5bd27bf86f71ad3790b0d6765498480f4c8071fa7f59051
b37450191a725333bfc7bbbccc90c46f16100c799741a849f650fa7a0e55c4b1
b9984c8c2db6be88394af7aaea6a3e815012cc4b6a3579bdb76919a3bd0ec0f3
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
c0c9703273d80cf01557170addc08db927f6e5f920952a0b580a3e5c1682ef7d
c5d0343dcc66a7e49d2d672b4c4a9e751f91c8be8260f112b2707a2f9c1c18ef
c8001fdc5051b7bc0a65837b0c981810181fa2a79d6fe129bd06a60261a993b5
c891dc1120f82159a36c2cda20ac28ada68c688e3a9d4a4e3dbced19ec8ea4e4
ca82ef793e7402a2b77727d99d656bab2ce488bec947cda7a92a99d865d08aa1
ca8497d21828b87d2b8815b8c5709d14ccac5911f6f654b539660fdcf5c059d0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a
d1798f00809f57a10e52dd47948ceabfb7a5d6166ee026f06c885ec67076d4ee
d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83
d36b97832b3c94a65881f0b9f2bbcb4d2c8750f406c5094158d714e0f85d55b9
d5493cdce45af3a1aad505d6c770d5402055006a27f1cfe5e91dbbd25228ef5e
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d722b262f280460d6f3092516abf3ad852bf0f5082e9a9727470be6e8dfef07b
d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb
dc3a54a67fff2aad738e7e631913dcb2ee55751fdd8324520b4ed9be6814ef1e
dcd855880965e4ff11fa63391d73254249a191b7eebd26e492c223fc0316b7cf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df748aef521863946d1997ab2f67089074635102ae6f9d92d2014b36716fd886
e098380aefb62bbbe428c62b843c4fda4575131ff1c90c6d70df1ab53b974e25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43eb99e2ef32c0661e394f3d124f5576c2fd67005361d96ac6cdeabca27d157
e4e753842160e0b1dcf80256e53777ef4f2345f364cbf8e6de312c765c017286
e611107959bfdf5fe58802b27ee170c76f80a6d88ab2295e07682254f8e1709b
e73c544e2b2e9d3c4b8b1abd373b9a6b80e0c13f0cd4afe3deb9b75eac0aa54b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef20dcb84e60fc1466862df5688eb581840bede74f1e95cb98a82d7ba79af943
f02d8d4d6de83d5e35211735eac43aa8aab30c9ca7f7337e77cc7e5adfccdb98
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7
f1e3a281e91589c55263083ed41b09ba75dceab7f7691e25df55e146b4dcb127
f23a7571bc801ca854bc9f3adf6e654f07a2fca29e25c501e845b986784d9137
f33c96fdfb2c7ed90d4842e5c816f96c660a007b6223fc503423cf0a196bb80c
f7c607018d111292dcbcd123b2038a61b3d33b1130338ab2a74fa54ed5d174c1
f8b6c9c54b92e84d51baaa440ed1020d0143bc83765077cb1d12b0c5449a4ec6
f9a5f24c4d1eb64942b68f1e4fbadf78a8a1a3d15c49d32f3507fd321b8f53c0
fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27
fde58cbf65cbe6761e9b1dc4fd7a8045c3a28aa374f918ac5f084c46a3e6fa43
fe2745aa3cce40295e39a32a3fc84fe2ffe0e5748a3db9184be1fdf369949759
fef2d5cff8e7ce28179612bc1f137a6f323d0dff45c95ff630fee21734846347

www.heraldonline.com Open in urlscan Pro 23.196.44.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

214 Requests

78 %HTTPS

0 %IPv6

51 Domains

83 Subdomains

69 IPs

5 Countries

2041 kBTransfer

6363 kBSize

39 Cookies

28 Outgoing links

Page URL History

Redirected requests

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.heraldonline.com Open in urlscan Pro
23.196.44.26 Public Scan

Screenshot
Live screenshot

Full Image

214
Requests

78 %
HTTPS

0 %
IPv6

51
Domains

83
Subdomains

69
IPs

5
Countries

2041 kB
Transfer

6363 kB
Size

39
Cookies

214 HTTP transactions
1 data transactions