urlscan.io logo urlscan.io
SecurityTrails logo

www.register-herald.com Open in urlscan Pro
192.104.182.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://register-herald.com/highschoolsports/x519089349/West-Virginia-High-School-Soccer-Coaches-Association-names-all-state...
Effective URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-t...
Submission: On December 23 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 121 IPs in 13 countries across 126 domains to perform 574 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is www.register-herald.com.
TLS certificate: Issued by GTS CA 1P5 on December 10th 2023. Valid for: 3 months.
This is the only time www.register-herald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 12 192.104.182.209 10668 (LEE-ASN)
44 104.16.133.24 13335 (CLOUDFLAR...)
2 142.251.221.74 15169 (GOOGLE)
1 18.67.93.51 16509 (AMAZON-02)
1 18.238.192.23 16509 (AMAZON-02)
2 34.124.133.154 396982 (GOOGLE-CL...)
16 172.217.24.34 15169 (GOOGLE)
1 13.35.147.96 16509 (AMAZON-02)
4 216.17.34.108 10242 (USINTERNET)
1 152.199.39.108 15133 (EDGECAST)
2 54.82.174.208 14618 (AMAZON-AES)
2 18.67.111.63 16509 (AMAZON-02)
10 172.217.167.72 15169 (GOOGLE)
4 34.110.179.148 396982 (GOOGLE-CL...)
3 142.250.204.3 15169 (GOOGLE)
5 12 52.7.58.147 14618 (AMAZON-AES)
2 18.67.111.66 16509 (AMAZON-02)
1 13.227.74.68 16509 (AMAZON-02)
5 18.67.92.138 16509 (AMAZON-02)
11 44.229.89.216 16509 (AMAZON-02)
11 172.217.24.46 15169 (GOOGLE)
3 8 103.229.10.180 16509 (AMAZON-02)
5 9 35.244.154.8 396982 (GOOGLE-CL...)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
17 25 142.251.221.66 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
1 18.67.107.130 16509 (AMAZON-02)
24 188.240.13.2 39572 (ADVANCEDH...)
1 18.67.111.25 16509 (AMAZON-02)
4 18.67.89.160 16509 (AMAZON-02)
1 142.250.66.206 15169 (GOOGLE)
2 172.64.144.166 13335 (CLOUDFLAR...)
17 35 99.86.199.68 16509 (AMAZON-02)
1 44.240.52.117 16509 (AMAZON-02)
1 18.67.111.2 16509 (AMAZON-02)
1 142.250.67.14 15169 (GOOGLE)
5 172.253.118.155 15169 (GOOGLE)
2 172.217.167.67 15169 (GOOGLE)
2 18.67.114.43 16509 (AMAZON-02)
2 34.117.126.186 396982 (GOOGLE-CL...)
6 14 103.43.89.4 29990 (ASN-APPNEX)
2 27 34.98.64.218 396982 (GOOGLE-CL...)
3 24 172.64.151.101 13335 (CLOUDFLAR...)
8 54.254.123.235 16509 (AMAZON-02)
2 182.161.73.145 55569 (CRITEO-AS...)
1 36 18.67.100.98 16509 (AMAZON-02)
1 142.250.204.14 15169 (GOOGLE)
1 13.224.181.82 16509 (AMAZON-02)
1 151.101.129.229 54113 (FASTLY)
3 18.244.214.125 16509 (AMAZON-02)
2 19 52.46.128.147 16509 (AMAZON-02)
1 34.120.58.62 396982 (GOOGLE-CL...)
1 54.92.251.225 14618 (AMAZON-AES)
3 142.250.67.1 15169 (GOOGLE)
2 52.203.158.103 14618 (AMAZON-AES)
1 52.1.61.41 14618 (AMAZON-AES)
2 182.161.73.129 55569 (CRITEO-AS...)
14 142.250.204.1 15169 (GOOGLE)
6 142.250.204.2 15169 (GOOGLE)
1 182.161.73.148 55569 (CRITEO-AS...)
3 172.105.176.240 63949 (AKAMAI-LI...)
2 2 13.35.147.57 16509 (AMAZON-02)
4 9 35.213.12.39 15169 (GOOGLE)
2 2 54.255.29.160 16509 (AMAZON-02)
2 2 35.208.249.213 19527 (GOOGLE-2)
5 5 54.92.19.245 16509 (AMAZON-02)
1 7 18.139.210.126 16509 (AMAZON-02)
4 23.215.59.10 16625 (AKAMAI-AS)
2 23.204.65.234 16625 (AKAMAI-AS)
5 207.65.33.83 62713 (AS-PUBMATIC)
13 20 69.173.158.64 26667 (RUBICONPR...)
10 11 52.223.40.198 16509 (AMAZON-02)
1 1 124.146.153.168 2514 (INFOSPHER...)
2 2 13.224.181.67 16509 (AMAZON-02)
2 107.23.71.155 14618 (AMAZON-AES)
2 2 107.21.52.231 14618 (AMAZON-AES)
2 2 18.238.192.123 16509 (AMAZON-02)
3 3 198.8.71.130 54312 (ROCKETFUEL)
2 2 34.160.19.107 15169 (GOOGLE)
1 1 45.137.176.88 60350 (VP)
6 7 13.228.126.19 16509 (AMAZON-02)
1 7 52.76.144.130 16509 (AMAZON-02)
2 151.101.1.108 54113 (FASTLY)
4 104.18.38.76 13335 (CLOUDFLAR...)
1 13.224.181.50 16509 (AMAZON-02)
1 20 18.67.93.126 16509 (AMAZON-02)
1 1 34.111.147.92 396982 (GOOGLE-CL...)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 18.176.234.133 16509 (AMAZON-02)
2 54.248.125.194 16509 (AMAZON-02)
4 4 54.224.142.7 14618 (AMAZON-AES)
1 2 35.186.253.211 15169 (GOOGLE)
2 220.150.223.50 4686 (BEKKOAME ...)
3 3 50.116.239.135 6336 (TURN-US-ASN)
4 4 98.98.134.241 21859 (ZEN-ECN)
6 6 185.184.8.90 204995 (RTB-HOUSE...)
1 182.161.74.19 55569 (CRITEO-AS...)
1 1 216.200.232.249 30419 (MEDIAMATH...)
21 207.65.33.82 62713 (AS-PUBMATIC)
2 5 34.111.113.62 396982 (GOOGLE-CL...)
1 3 52.74.215.70 16509 (AMAZON-02)
1 2 119.9.108.191 45187 (RACKSPACE...)
22 29 34.126.167.117 396982 (GOOGLE-CL...)
2 38.91.45.7 398989 (DEEPINTENT)
4 4 89.207.22.76 41041 (VCLK-EU-SE)
1 1 122.248.253.6 16509 (AMAZON-02)
2 2 52.74.26.171 16509 (AMAZON-02)
2 3 151.101.130.49 54113 (FASTLY)
1 3 142.250.76.100 15169 (GOOGLE)
2 2 35.214.194.156 15169 (GOOGLE)
2 3 52.223.2.229 16509 (AMAZON-02)
2 3 52.201.84.54 14618 (AMAZON-AES)
1 1 23.215.59.229 16625 (AKAMAI-AS)
2 3 209.191.163.209 32475 (SINGLEHOP...)
1 2 104.99.59.16 20940 (AKAMAI-ASN1)
1 1 80.77.87.162 46636 (NATCOWEB)
1 1 23.106.127.164 59253 (LEASEWEB-...)
1 37.157.5.133 198622 (ADFORM)
9 11 74.118.186.107 6336 (TURN-US-ASN)
9 18.155.202.81 16509 (AMAZON-02)
1 1 23.106.127.52 59253 (LEASEWEB-...)
2 2 50.31.142.223 23352 (SERVERCEN...)
1 1 8.43.72.98 26667 (RUBICONPR...)
2 52.63.198.172 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 54.239.33.158 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 131.153.206.103 59210 (PHOENIXNA...)
1 1 52.4.171.27 14618 (AMAZON-AES)
1 104.21.57.34 13335 (CLOUDFLAR...)
1 207.65.33.78 62713 (AS-PUBMATIC)
5 54.212.6.185 16509 (AMAZON-02)
4 207.65.33.76 62713 (AS-PUBMATIC)
2 182.161.73.136 55569 (CRITEO-AS...)
1 142.250.204.20 15169 (GOOGLE)
3 4 185.84.60.23 198622 (ADFORM)
1 1 192.96.203.13 30633 (LEASEWEB-...)
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 54.95.230.145 16509 (AMAZON-02)
1 1 18.67.111.97 16509 (AMAZON-02)
2 3 107.178.240.89 15169 (GOOGLE)
1 2 52.0.156.250 14618 (AMAZON-AES)
1 52.21.185.227 14618 (AMAZON-AES)
1 23.202.168.221 16625 (AKAMAI-AS)
2 209.191.163.152 32475 (SINGLEHOP...)
1 1 172.217.167.66 15169 (GOOGLE)
1 1 142.250.67.2 15169 (GOOGLE)
1 72.34.250.78 27630 (AS-XFERNET)
2 141.95.33.120 16276 (OVH)
1 13.213.147.200 16509 (AMAZON-02)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 182.161.73.146 55569 (CRITEO-AS...)
1 1 172.104.64.149 63949 (AKAMAI-LI...)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 52.74.118.249 16509 (AMAZON-02)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 162.19.138.119 16276 (OVH)
4 72.34.250.75 ()
2 2 74.214.196.131 19189 (PULSEPOINT)
1 2 23.106.127.170 ()
1 1 18.179.74.69 16509 (AMAZON-02)
1 35.213.64.108 ()
574 121
12    192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
register-herald.com
www.register-herald.com
44    104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
2    142.251.221.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f10.1e100.net
fonts.googleapis.com
1    18.67.93.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-51.syd62.r.cloudfront.net
cmp.osano.com
1    18.238.192.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-192-23.sfo53.r.cloudfront.net
cdn-gateflipp.flippback.com
2    34.124.133.154 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 154.133.124.34.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
16    172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f2.1e100.net
securepubads.g.doubleclick.net
1    13.35.147.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-96.syd1.r.cloudfront.net
prod.adspsp.com
4    216.17.34.108 (United States)

ASN10242 (USINTERNET, US)
register-herald-cnhi-pw.newsmemory.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
2    54.82.174.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-174-208.compute-1.amazonaws.com
static.cnhionline.com
2    18.67.111.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-63.syd62.r.cloudfront.net
cdn.viafoura.net
10    172.217.167.72 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f8.1e100.net
www.googletagmanager.com
4    34.110.179.148 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 148.179.110.34.bc.googleusercontent.com
bandborder.com
3    142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net
fonts.gstatic.com
12    52.7.58.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-58-147.compute-1.amazonaws.com
photos.register-herald.com
2    18.67.111.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-66.syd62.r.cloudfront.net
consent.api.osano.com
1    13.227.74.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-74-68.sfo20.r.cloudfront.net
geo.adspsp.com
5    18.67.92.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-92-138.syd62.r.cloudfront.net
c.amazon-adsystem.com
11    44.229.89.216 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-89-216.us-west-2.compute.amazonaws.com
adspsp.com
11    172.217.24.46 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f46.1e100.net
www.google-analytics.com
8    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
9    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
25    142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
1    18.67.107.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-107-130.syd62.r.cloudfront.net
static.chartbeat.com
24    188.240.13.2 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn-p.cityspark.com
cdn59755463.blazingcdn.net
1    18.67.111.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-25.syd62.r.cloudfront.net
p.flipp.com
4    18.67.89.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-89-160.syd62.r.cloudfront.net
cdn.segment.com
1    142.250.66.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f14.1e100.net
ampcid.google.com
2    172.64.144.166 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
35    99.86.199.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-199-68.nrt51.r.cloudfront.net
live.primis.tech
rtb.primis.tech
1    44.240.52.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-52-117.us-west-2.compute.amazonaws.com
api.segment.io
1    18.67.111.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-2.syd62.r.cloudfront.net
config.aps.amazon-adsystem.com
1    142.250.67.14 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f14.1e100.net
analytics.google.com
5    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
stats.g.doubleclick.net
2    172.217.167.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f3.1e100.net
www.google.com.au
2    18.67.114.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-114-43.syd62.r.cloudfront.net
aax.amazon-adsystem.com
2    34.117.126.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.126.117.34.bc.googleusercontent.com
bids.concert.io
14    103.43.89.4 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
27    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
cnhi-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
justapinch-com-d.openx.net
24    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
8    54.254.123.235 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-123-235.ap-southeast-1.compute.amazonaws.com
btlr.sharethrough.com
2    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
36    18.67.100.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-100-98.syd62.r.cloudfront.net
cdn.smugmug.com
www.smugmug.com
photos.smugmug.com
1    142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net
ampcid.google.com.au
1    13.224.181.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-82.syd1.r.cloudfront.net
rules.quantcount.com
1    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    18.244.214.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-214-125.sfo53.r.cloudfront.net
static.adsafeprotected.com
19    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com
www.americanhometownmedia.com
1    54.92.251.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-251-225.compute-1.amazonaws.com
ping.chartbeat.net
3    142.250.67.1 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f1.1e100.net
94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
2    52.203.158.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-158-103.compute-1.amazonaws.com
stats-new.smugmug.com
1    52.1.61.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-61-41.compute-1.amazonaws.com
api.viafoura.co
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
14    142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net
tpc.googlesyndication.com
6    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
www.googletagservices.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
3    172.105.176.240 (Sydney, Australia)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: d15.adspeed.us
g.adspeed.net
2    13.35.147.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-57.syd1.r.cloudfront.net
s.ad.smaato.net
9    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    54.255.29.160 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-29-160.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
2    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
5    54.92.19.245 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-19-245.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
7    18.139.210.126 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
4    23.215.59.10 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-59-10.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.204.65.234 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-65-234.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    207.65.33.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
20    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
11    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    124.146.153.168 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.224.181.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-67.syd1.r.cloudfront.net
cr-p3.ladsp.com
2    107.23.71.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-71-155.compute-1.amazonaws.com
notifications.viafoura.co
i.viafoura.co
2    107.21.52.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-52-231.compute-1.amazonaws.com
i.liadm.com
2    18.238.192.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-192-123.sfo53.r.cloudfront.net
live.rezync.com
3    198.8.71.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
7    13.228.126.19 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
7    52.76.144.130 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-144-130.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    13.224.181.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-50.syd1.r.cloudfront.net
api.intentiq.com
20    18.67.93.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-126.syd62.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
1    34.111.147.92 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.147.111.34.bc.googleusercontent.com
sync-axelmark-dsp.focas.jp
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
bk.r-ad.ne.jp
2    54.248.125.194 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-125-194.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
4    54.224.142.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-142-7.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
21    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
3    52.74.215.70 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-215-70.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
2    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
29    34.126.167.117 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
um.simpli.fi
2    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
apsoutheast-match.deepintent.com
match.deepintent.com
4    89.207.22.76 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin01-nessy-float2.dotomi.com
openx2-match.dotomi.com
pubmatic-match.dotomi.com
1    122.248.253.6 (Bedok New Town, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-122-248-253-6.ap-southeast-1.compute.amazonaws.com
i.w55c.net
2    52.74.26.171 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-26-171.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    142.250.76.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f4.1e100.net
www.google.com
2    35.214.194.156 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 156.194.214.35.bc.googleusercontent.com
csync.loopme.me
3    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
3    52.201.84.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-84-54.compute-1.amazonaws.com
mb9eo.publishers.tremorhub.com
simplifi.partners.tremorhub.com
1    23.215.59.229 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-59-229.deploy.static.akamaitechnologies.com
cs.media.net
3    209.191.163.209 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    104.99.59.16 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-99-59-16.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    23.106.127.164 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
1    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
11    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
9    18.155.202.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-202-81.sfo53.r.cloudfront.net
video.primis.tech
1    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
2    50.31.142.223 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    52.63.198.172 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-198-172.ap-southeast-2.compute.amazonaws.com
pixel.adsafeprotected.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    131.153.206.103 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
1    52.4.171.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-171-27.compute-1.amazonaws.com
sync.ipredictive.com
1    104.21.57.34 (None, )

ASN13335 (CLOUDFLARENET, US)
adserver.paywallproject.com
1    207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    54.212.6.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-212-6-185.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
4    207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    142.250.204.20 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f20.1e100.net
japfg-trending-content.appspot.com
4    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    192.96.203.13 (Dunellen, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    54.95.230.145 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-230-145.ap-northeast-1.compute.amazonaws.com
aa.agkn.com
1    18.67.111.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-97.syd62.r.cloudfront.net
d.agkn.com
3    107.178.240.89 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 89.240.178.107.bc.googleusercontent.com
fei.pro-market.net
pbid.pro-market.net
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
1    52.21.185.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-185-227.compute-1.amazonaws.com
sync.bfmio.com
1    23.202.168.221 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-168-221.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    209.191.163.152 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net
www.googleadservices.com
1    142.250.67.2 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net
googleads.g.doubleclick.net
1    72.34.250.78 (Hemet, United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
2    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
1    13.213.147.200 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-147-200.ap-southeast-1.compute.amazonaws.com
id.crwdcntrl.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    172.104.64.149 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1674-149.members.linode.com
gocm.c.appier.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    52.74.118.249 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    72.34.250.75 (None, )

ASN- ()
sync.go.sonobi.com
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    23.106.127.170 (None, )

ASN- ()
sync.smartadserver.com
1    18.179.74.69 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-74-69.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    35.213.64.108 (None, )

ASN- ()
e-jp.cmcd1.com
Apex Domain
Subdomains		 Transfer
44 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
video.primis.tech — Cisco Umbrella Rank: 6303
rtb.primis.tech — Cisco Umbrella Rank: 5882
4 MB
44 townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 21370
339 KB
42 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
225 KB
38 smugmug.com
cdn.smugmug.com — Cisco Umbrella Rank: 70477
www.smugmug.com — Cisco Umbrella Rank: 107024
stats-new.smugmug.com — Cisco Umbrella Rank: 77016
photos.smugmug.com — Cisco Umbrella Rank: 51033
1 MB
35 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 859
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
image4.pubmatic.com — Cisco Umbrella Rank: 1224
47 KB
31 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4333
um.simpli.fi — Cisco Umbrella Rank: 780
i.simpli.fi — Cisco Umbrella Rank: 3745
14 KB
29 openx.net
cnhi-d.openx.net — Cisco Umbrella Rank: 148414
u.openx.net — Cisco Umbrella Rank: 672
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
rtb.openx.net — Cisco Umbrella Rank: 695
justapinch-com-d.openx.net — Cisco Umbrella Rank: 53968
6 KB
28 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
162 KB
24 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
18 KB
24 register-herald.com
register-herald.com
www.register-herald.com
photos.register-herald.com
146 KB
23 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
30 KB
22 googlesyndication.com
94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
353 KB
21 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1419
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
18 KB
19 blazingcdn.net
cdn59755463.blazingcdn.net — Cisco Umbrella Rank: 26332
2 MB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 610
secure.adnxs.com — Cisco Umbrella Rank: 478
44 KB
15 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1054
match.sharethrough.com — Cisco Umbrella Rank: 495
4 KB
14 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
6 KB
13 adspsp.com
prod.adspsp.com — Cisco Umbrella Rank: 18530
geo.adspsp.com — Cisco Umbrella Rank: 96408
adspsp.com — Cisco Umbrella Rank: 16749
90 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
5 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
10 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 602
pixel.adsafeprotected.com — Cisco Umbrella Rank: 718
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
173 KB
10 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
749 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
3 KB
9 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
api.rlcdn.com Failed
1 KB
8 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1276
pixel.quantserve.com — Cisco Umbrella Rank: 1011
cms.quantserve.com — Cisco Umbrella Rank: 749
12 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
3 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
ads.as.criteo.com — Cisco Umbrella Rank: 15127
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 21368
gum.criteo.com — Cisco Umbrella Rank: 424
dis.criteo.com — Cisco Umbrella Rank: 550
8 KB
6 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
3 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
386 KB
6 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 31601
cdn-p.cityspark.com — Cisco Umbrella Rank: 22257
32 KB
5 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2225
sync.go.sonobi.com
5 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 1211
c1.adform.net — Cisco Umbrella Rank: 560
3 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com — Cisco Umbrella Rank: 835
3 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
2 KB
5 google.com
ampcid.google.com — Cisco Umbrella Rank: 2783
analytics.google.com — Cisco Umbrella Rank: 152
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
2 KB
4 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
sync.smartadserver.com
1 KB
4 dotomi.com
openx2-match.dotomi.com — Cisco Umbrella Rank: 4429
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850
1 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
3 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1640
3 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1681
35 KB
4 bandborder.com
bandborder.com — Cisco Umbrella Rank: 130019
30 KB
4 newsmemory.com
register-herald-cnhi-pw.newsmemory.com
205 KB
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2174
pbid.pro-market.net — Cisco Umbrella Rank: 7195
1 KB
3 tremorhub.com
mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 6967
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6102
1006 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
884 B
3 w55c.net
i.w55c.net — Cisco Umbrella Rank: 1431
pm.w55c.net — Cisco Umbrella Rank: 818
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
3 KB
3 adspeed.net
g.adspeed.net — Cisco Umbrella Rank: 72323
2 KB
3 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 13913
notifications.viafoura.co — Cisco Umbrella Rank: 16183
i.viafoura.co — Cisco Umbrella Rank: 13734
4 KB
3 google.com.au
www.google.com.au — Cisco Umbrella Rank: 29909
ampcid.google.com.au
936 B
3 gstatic.com
fonts.gstatic.com
88 KB
3 osano.com
cmp.osano.com — Cisco Umbrella Rank: 4989
consent.api.osano.com — Cisco Umbrella Rank: 9305
89 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
1 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
663 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
2 KB
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1661
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 499
d.agkn.com — Cisco Umbrella Rank: 686
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
535 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 586
1 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
490 B
2 deepintent.com
apsoutheast-match.deepintent.com — Cisco Umbrella Rank: 36248
match.deepintent.com — Cisco Umbrella Rank: 925
83 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
1 KB
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 12406
486 B
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 21062
75 B
2 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1510
566 B
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
482 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 666
652 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 674
990 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
61 KB
2 concert.io
bids.concert.io — Cisco Umbrella Rank: 9184
601 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567
113 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 777
879 B
2 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 13686
30 KB
2 cnhionline.com
static.cnhionline.com — Cisco Umbrella Rank: 129297
60 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
1 cmcd1.com
e-jp.cmcd1.com
82 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 28404
399 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
294 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5215
276 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
553 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2197
436 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
546 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 848
446 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1556
421 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 28132
652 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 2837
473 B
1 appspot.com
japfg-trending-content.appspot.com — Cisco Umbrella Rank: 61573
382 B
1 paywallproject.com
adserver.paywallproject.com
131 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
509 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
451 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
516 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1383
424 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1022
586 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1381
901 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1031
738 B
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 31561
549 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
174 B
1 focas.jp
sync-axelmark-dsp.focas.jp — Cisco Umbrella Rank: 979808
450 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1414
680 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
857 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1455
201 B
1 americanhometownmedia.com
www.americanhometownmedia.com — Cisco Umbrella Rank: 74086
103 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
83 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1296
642 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1340
180 B
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 12488
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1767
15 KB
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4434
404 B
1 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 13071
34 KB
0 mrpdata.net Failed
j.mrpdata.net Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 rundsp.com Failed
match.rundsp.com Failed
0 nex8.net Failed
cs.nex8.net Failed
0 inform.com Failed
launch.inform.com Failed
574 126
Domain Requested by
44 bloximages.chicago2.vip.townnews.com www.register-herald.com
bloximages.chicago2.vip.townnews.com
34 live.primis.tech 17 redirects cmp.osano.com
live.primis.tech
www.register-herald.com
29 um.simpli.fi 22 redirects s.amazon-adsystem.com
25 cdn.smugmug.com www.register-herald.com
photos.register-herald.com
cdn.smugmug.com
20 cm.g.doubleclick.net 17 redirects u.openx.net
s.amazon-adsystem.com
19 sync.intentiq.com 1 redirects cmp.osano.com
www.register-herald.com
s.amazon-adsystem.com
ads.pubmatic.com
19 cdn59755463.blazingcdn.net www.register-herald.com
19 s.amazon-adsystem.com 2 redirects cmp.osano.com
s.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
match.sharethrough.com
ads.pubmatic.com
jp-u.openx.net
16 securepubads.g.doubleclick.net www.register-herald.com
cmp.osano.com
securepubads.g.doubleclick.net
94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
www.googletagservices.com
15 simage2.pubmatic.com ads.pubmatic.com
s.amazon-adsystem.com
15 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
14 pixel.rubiconproject.com 8 redirects s.amazon-adsystem.com
14 us-u.openx.net 1 redirects u.openx.net
jp-u.openx.net
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
cmp.osano.com
12 ib.adnxs.com 4 redirects prod.adspsp.com
acdn.adnxs.com
s.amazon-adsystem.com
12 photos.register-herald.com 5 redirects cmp.osano.com
cdn.smugmug.com
11 match.adsrvr.org 10 redirects live.primis.tech
11 www.google-analytics.com cmp.osano.com
www.googletagmanager.com
www.google-analytics.com
www.register-herald.com
11 adspsp.com www.register-herald.com
10 www.googletagmanager.com www.register-herald.com
cmp.osano.com
10 www.register-herald.com 1 redirects www.register-herald.com
bloximages.chicago2.vip.townnews.com
9 video.primis.tech www.register-herald.com
live.primis.tech
9 x.bidswitch.net 4 redirects s.amazon-adsystem.com
jp-u.openx.net
www.register-herald.com
ads.pubmatic.com
9 photos.smugmug.com photos.register-herald.com
9 idsync.rlcdn.com 5 redirects www.register-herald.com
ssum-sec.casalemedia.com
8 btlr.sharethrough.com prod.adspsp.com
live.primis.tech
7 sync.1rx.io 7 redirects
7 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
jp-u.openx.net
s.amazon-adsystem.com
7 ups.analytics.yahoo.com 6 redirects jp-u.openx.net
7 jp-u.openx.net u.openx.net
cmp.osano.com
jp-u.openx.net
7 match.sharethrough.com 1 redirects s.amazon-adsystem.com
match.sharethrough.com
6 image2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
6 creativecdn.com 6 redirects
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
js-sec.indexww.com
ssum-sec.casalemedia.com
6 www.googletagservices.com securepubads.g.doubleclick.net
94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
5 dt.adsafeprotected.com www.register-herald.com
5 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pixel.tapad.com 2 redirects s.amazon-adsystem.com
5 image6.pubmatic.com ads.pubmatic.com
5 match.prod.bidr.io 5 redirects
5 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
5 cdn-p.cityspark.com cmp.osano.com
cdn.cityspark.com
cdn-p.cityspark.com
5 c.amazon-adsystem.com cmp.osano.com
c.amazon-adsystem.com
live.primis.tech
4 sync.go.sonobi.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync.targeting.unrulymedia.com 2 redirects jp-u.openx.net
4 pixel-sync.sitescout.com 4 redirects
4 sync.srv.stackadapt.com 4 redirects
4 ads.pubmatic.com s.amazon-adsystem.com
cmp.osano.com
live.primis.tech
4 pixel.quantserve.com www.register-herald.com
cdn.cityspark.com
cdn.jsdelivr.net
4 cdn.segment.com cmp.osano.com
cdn.segment.com
4 bandborder.com cmp.osano.com
bandborder.com
4 register-herald-cnhi-pw.newsmemory.com www.register-herald.com
cmp.osano.com
register-herald-cnhi-pw.newsmemory.com
3 simage4.pubmatic.com ads.pubmatic.com
3 cms.quantserve.com 3 redirects
3 ap.lijit.com 2 redirects www.americanhometownmedia.com
3 eb2.3lift.com 2 redirects
3 www.google.com 1 redirects securepubads.g.doubleclick.net
cmp.osano.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 ad.turn.com 3 redirects
3 p.rfihub.com 3 redirects
3 u.openx.net 1 redirects s.amazon-adsystem.com
jp-u.openx.net
3 g.adspeed.net 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
g.adspeed.net
3 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com cmp.osano.com
3 static.adsafeprotected.com www.register-herald.com
pixel.adsafeprotected.com
blank
3 fonts.gstatic.com fonts.googleapis.com
2 sync.smartadserver.com 1 redirects jp-u.openx.net
2 bh.contextweb.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 cm.adgrx.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 id5-sync.com live.primis.tech
2 ce.lijit.com jp-u.openx.net
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 gum.criteo.com cmp.osano.com
gum.criteo.com
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 pixel.adsafeprotected.com live.primis.tech
www.register-herald.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 b1sync.zemanta.com 2 redirects
2 secure.adnxs.com 2 redirects
2 ads.stickyadstv.com 1 redirects ssum-sec.casalemedia.com
2 mb9eo.publishers.tremorhub.com 2 redirects
2 csync.loopme.me 2 redirects
2 pm.w55c.net 2 redirects
2 openx2-match.dotomi.com 2 redirects
2 uipglob.semasio.net 1 redirects s.amazon-adsystem.com
2 sync.crwdcntrl.net 1 redirects s.amazon-adsystem.com
2 sync-dsp.ad-m.asia jp-u.openx.net
ads.pubmatic.com
2 rtb.openx.net 1 redirects jp-u.openx.net
2 dps.jp.cinarra.com jp-u.openx.net
ads.pubmatic.com
2 js-sec.indexww.com cmp.osano.com
2 acdn.adnxs.com cmp.osano.com
2 dmp.brand-display.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 trace.mediago.io 2 redirects
2 ad.360yield.com 2 redirects
2 s.ad.smaato.net 2 redirects
2 static.criteo.net cmp.osano.com
static.criteo.net
2 stats-new.smugmug.com cdn.smugmug.com
2 www.smugmug.com 1 redirects cdn.smugmug.com
2 bidder.criteo.com prod.adspsp.com
2 htlb.casalemedia.com prod.adspsp.com
2 cnhi-d.openx.net prod.adspsp.com
2 bids.concert.io prod.adspsp.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 www.google.com.au www.register-herald.com
2 cdn.confiant-integrations.net cmp.osano.com
2 pippio.com 2 redirects
2 consent.api.osano.com cmp.osano.com
2 cdn.viafoura.net www.register-herald.com
cmp.osano.com
2 static.cnhionline.com www.register-herald.com
2 fonts.googleapis.com www.register-herald.com
cmp.osano.com
2 register-herald.com 1 redirects cmp.osano.com
1 e-jp.cmcd1.com jp-u.openx.net
1 ds.uncn.jp 1 redirects
1 lb.eu-1-id5-sync.com live.primis.tech
1 core.iprom.net ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 t.adx.opera.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 id.crwdcntrl.net live.primis.tech
1 justapinch-com-d.openx.net www.americanhometownmedia.com
1 apex.go.sonobi.com www.americanhometownmedia.com
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 bcp.crwdcntrl.net
1 stags.bluekai.com
1 sync.bfmio.com
1 pbid.pro-market.net
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 image4.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 sync.aralego.com 1 redirects
1 i.simpli.fi cmp.osano.com
1 japfg-trending-content.appspot.com cmp.osano.com
1 rtb.primis.tech live.primis.tech
1 hbopenbid.pubmatic.com live.primis.tech
1 adserver.paywallproject.com 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
1 sync.ipredictive.com 1 redirects
1 prebid.a-mo.net s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 i.viafoura.co www.register-herald.com
1 s.company-target.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 cm.adform.net www.register-herald.com
1 ssbsync-global.smartadserver.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 cs.media.net 1 redirects
1 i.w55c.net 1 redirects
1 apsoutheast-match.deepintent.com jp-u.openx.net
1 sync.mathtag.com 1 redirects
1 rtb.jp2.as.criteo.com 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
1 bk.r-ad.ne.jp 1 redirects
1 tr.blismedia.com jp-u.openx.net
1 sync-axelmark-dsp.focas.jp 1 redirects
1 sync1.intentiq.com www.register-herald.com
1 api.intentiq.com live.primis.tech
1 sync.adotmob.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 notifications.viafoura.co cdn.viafoura.net
1 tg.socdm.com 1 redirects
1 ads.as.criteo.com 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
1 api.viafoura.co cdn.viafoura.net
1 ping.chartbeat.net www.register-herald.com
1 www.americanhometownmedia.com cmp.osano.com
1 cdn.jsdelivr.net cdn.cityspark.com
1 rules.quantcount.com cmp.osano.com
1 ampcid.google.com.au www.google-analytics.com
1 analytics.google.com www.googletagmanager.com
1 config.aps.amazon-adsystem.com cmp.osano.com
1 api.segment.io cdn.segment.com
1 ampcid.google.com www.google-analytics.com
1 p.flipp.com cdn-gateflipp.flippback.com
1 static.chartbeat.com cmp.osano.com
1 tags.rd.linksynergy.com 1 redirects
1 secure.quantserve.com cmp.osano.com
1 geo.adspsp.com prod.adspsp.com
1 cdn.cityspark.com www.register-herald.com
1 prod.adspsp.com www.register-herald.com
1 tag.simpli.fi www.register-herald.com
1 cdn-gateflipp.flippback.com www.register-herald.com
1 cmp.osano.com www.register-herald.com
0 j.mrpdata.net Failed jp-u.openx.net
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
jp-u.openx.net
0 api.rlcdn.com Failed live.primis.tech
0 match.rundsp.com Failed jp-u.openx.net
0 cs.nex8.net Failed jp-u.openx.net
0 launch.inform.com Failed www.register-herald.com
574 200
Subject Issuer Validity Valid
register-herald.com
GTS CA 1P5		 2023-12-10 -
2024-03-09		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
flippback.com
Amazon RSA 2048 M01		 2023-09-18 -
2024-10-16		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-27 -
2024-02-19		 3 months crt.sh
prod.adspsp.com
Amazon RSA 2048 M03		 2023-11-18 -
2024-12-16		 a year crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-02 -
2024-04-01		 a year crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-24 -
2024-08-23		 a year crt.sh
static.cnhionline.com
ZeroSSL RSA Domain Secure Site CA		 2023-11-27 -
2024-02-25		 3 months crt.sh
viafoura.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
bandborder.com
R3		 2023-11-21 -
2024-02-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
ssl.smugmug.com
R3		 2023-10-27 -
2024-01-25		 3 months crt.sh
*.api.osano.com
Amazon RSA 2048 M03		 2023-09-27 -
2024-10-25		 a year crt.sh
geo.adspsp.com
Amazon RSA 2048 M03		 2023-11-21 -
2024-12-19		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
adspsp.com
Amazon RSA 2048 M03		 2023-11-17 -
2024-12-15		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
cdn-p.cityspark.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
flipp.com
Amazon RSA 2048 M01		 2023-07-31 -
2024-08-28		 a year crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2023-09-24 -
2024-10-22		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.google.com.au
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
bids.concert.io
GTS CA 1D4		 2023-12-22 -
2024-03-21		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-09-23 -
2024-10-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
smugmug.com
Amazon RSA 2048 M03		 2023-09-15 -
2024-10-13		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-05-14 -
2024-06-14		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
stats.smugmug.com
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
*.blazingcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-07-05 -
2024-08-04		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-22 -
2024-02-21		 3 months crt.sh
*.adspeed.net
Sectigo RSA Domain Validation Secure Server CA		 2023-07-16 -
2024-08-01		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-27 -
2024-02-21		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
paywallproject.com
E1		 2023-10-31 -
2024-01-29		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03		 2023-10-08 -
2024-11-06		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
e-jp.cmcd1.com
GTS CA 1D4		 2023-11-06 -
2024-02-04		 3 months crt.sh

This page contains 66 frames:

Primary Page: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Frame ID: 5DF95BEC927006C5FB208D84F949138C
Requests: 247 HTTP requests in this frame

Frame: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Frame ID: EC5F3F84B6C74FE4C65C1155114A261E
Requests: 42 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1703315651341&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1703315652&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 634ADE147040C3FE78C2D82734CDA444
Requests: 42 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Frame ID: F80A626C9A3D18E9DF6E3A1A09453882
Requests: 30 HTTP requests in this frame

Frame: https://www.smugmug.com/include/js/cookiemonster.mg?smsess=468a9e43c5c9c906b43467626e8943bf&skey=092ef9b3d2db14132b302803b6b4f747
Frame ID: 891EAF2BA3A278198CD016261A977661
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&dcc=t
Frame ID: B24CEDAEBE94CAC373AC3681BFDF35B9
Requests: 1 HTTP requests in this frame

Frame: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2B367A9232A6DE218E0225A059724072
Requests: 1 HTTP requests in this frame

Frame: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 93A3CE37AB3D7C877DAF76A55A72BEE8
Requests: 8 HTTP requests in this frame

Frame: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 62F09ED267ED714E43FA2EF91669C065
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsux6kSDYtgAKLBtBZVec0TZ01dZH5JZmK5RLbqhKsbzMZxgpYG5NGxLAfI1JkGOhE4_JbiACk7aN6uyRiodUOZ6RqcV42EEWU21a6ZnM6TgpdbuNcR4VzzBHytV-WVEZIKtDWfEMdS4G-6kKHH5JkFT6tv8mIFzCVtaav6AxeZKAuanzpqN3gvH7pTuKr6POzyIIm6PZSj7kZNep8DVN6W1U32vvuhy6xMcRdhVei-I9kGA76i6rA-zN3a2ZonOhsEfdhBz7QXwv7KP7AFSbluZ_tH8LwOqLGM0hSQqp6RuZjgADl2joAgm6mr7BjG1ksw7mppQj0H1I3OtKzB4e5fUdN_PG3ldjTlLOJp94T6DsRga-LjRedRuOcL6bnm878nFbOUSBfjBU8sg4B3lvog0aiJy&sai=AMfl-YTyrLYMls-rTvHdvs1a_L4vbV036BG56RUFtaMUsJED4yZ1z6Tg_m-KRbL_6HSi96tvXFhqHwf7BOHe5aSvlytr4NVIHrRW76o9PM0hb9E1-KDTRlrnfJ-k5PrlHHq7QoMF8vDIow1t3MDiBnxT4dMZ&sig=Cg0ArKJSzEJjStMqhHRYEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F53F4005BCA672C0A5E8C8BDFDA69528
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZJT2ViC8onGStyVrc8M1N9TRe6o75cR4UE5xGjy5cuWsqkk-gGOG0mov_NXr2Yu4-VgTQUwq0Qt474zrntRhfH1iVPrzd3Cmr2D3Yfs6venEZ1r6hUszaGU1TFkS9IyGuyhfGcpVk_sb68RNnGW43EReTWnvRCCwVHm8EsxyAvXUdCMAsIgMTftteTwuYDBlGIaQKjS1Yw8uIX6YNAgi9GkcKNlH5aRp4TgsrrsB-AaNFBMNtaLd1C5hLGxiQOhZw6SdKPyK6spJqgZmCeBadnTIkmO7ca3nnTWRb7HrjUNFIFJLUVZSIfREsNyBIk7osOcYpYuAV997KeVZQj1CPasXpMX27PIuvSh-kMKaGpsk3_DJGZWVL1Mo&sai=AMfl-YRMQkJaSjVcWujZD4Rke2-L7aIRiv4JbfRMgfPulQAPcMPpteUHrrC6eqhKAExiKsHV-MaoX_yjoOv8qCuQs9eo6LjMfNMmIvq19mR3qpqQR39kQQJhDLuaiA_x4rVnPGqGkmS5eHNxYawAmOp21gUd&sig=Cg0ArKJSzAF-gLFIIVpiEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 9DCA7A8FF62983070E64EF6F56C03E37
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: E94ACBAEC7C6D0B4CCC61D352509B635
Requests: 6 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZYaIxQAAhHQDgxo4AA3_F1TOsLZFW4pLKPpGlw&u=%7C29yuZtz%2B9B84vdqztoCws2yL4VbbSb3L8a6W3wiCff4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uyW-RKtW37aQ28h4FHW0qHkRNX8Tp4yBrvqqQh5fet8XixysOMtZI9ldmtb2zmu0m2xjxAIf4RlhbouvpSp7iwW1gaGLkJfDcv4l_M6_5iGTp0f4A3ZWGuCVDYH2gWTZ-Md3O-_6VFkeA3Ruk0w-hKmE6AIzur1AYxnccWgpqpqyBXgsTm5QhMfJJw_Xuz1qRAAfCsqHZJNcxbUC8aJeb05Mo5gm-BSmPIJc0l6KTXU6cf8GbN08kb7WBH_alac_9AI_OlFU4OSrYSNjdamZj-BzkXDM92x0ZWE9_G00ykcAM7yAAGCoRADPY6RZ27wU11b1puFA6JZnk8658EAncyBy143KWHwRurQy3RDGcdhw78Ux6ZeRYWgd0JlP2PeKNsuFp0eA9HP1SniZpxL4Os_iKy2xuFZXN9KNCMgTkdgThnErNwmHpK3N40aOyGsF39YbDMaivuL8eirAd5Kdm3lmDZgAp2F9L0T4DoPj0vfPlyirNdsjE3a3L57cepUZIVaq3c7jpgDg94JfY1-7ba0eNVSsKL_l30T6tsmxgVunMPdy0Rla0iYUQ1HdOwjPr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6g5DxYiGZfSIAri0jMwPl_63mAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2yAEJqQJCmkgtttCmPuACAKgDAcgDAqoE1wNP0FFkAqSY1O0x3vMl6gVOwigug3s62z1mr_7uQxV57TUXyh-SbT6HCCopU6ecmCn3rJoWpqIY7JFKxI5HfjKyDLsFVxto26KAbd9kRS4QMVwB8xC618XL_fur4-7sHIBdAKtRZpYOBkMZJr11duQOVWI172Di9lrB47-64ydlV2MQFuNvlW-cEtBI5bwONETxAmqpMjNrA94S3lrKcIDuLGfb5NRHCuM0On6x-qmJq6F6dLY5cJztR4Wj7ktD_GpMyhVM81U_kGKdE2VZz4E1-JehmCToWKnAf1BgnW0FkIhU3Fh_YKSHbgMCA_EWNGiP_wuOwbTJYlhWUX17rHn1n4feR9gZDDOAw3wGl-C4QDbOJ8VWYgxtg6vOczpPx6lk8u-DJiqddlOC8LCoAbJlTLMbHD3qc7oubizgy_mn1Oi2Tsu-PuQIBtr4Qop-2U9_xHqUTS6VyyIonRs_8QW1J34XhWfdPQpQJkrwAxSU5uiNvo--IhQFRpD-bPHaQii5jJJK8S1PtMOBOkzGNh3l3EPQ8GtyzNPA82ZZkHSMt4ey4nZWNS6B7yhb9L0ghzFBHNn2p7QepxqjIo5XppiU5YfKOSsrcijWoMHKTvXVNnkkqZOUQxHgBAGABrOkie_huO39nAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYgbm-o4GlgwP6CwIIAYAMAeINEwj3pr-jgaWDAxU4GoMDHRf_DVPQFQGAFwE%26num%3D1%26sig%3DAOD64_0Yc1z4O1MUbduOR7lZS_h3569GOw%26client%3Dca-pub-7327662408303156%26adurl%3D
Frame ID: 9EDEA6FA94AD258A24349F470E991A81
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 9E41EE0D35B937C118C70443AD596EB0
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: D84CF8730B1583272041B9F4B0B8449E
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 03FC716A52B1A619D18B87EFEE64C06B
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: E9D0D3D0A40A53DCE3C4FD62C2E9B5EA
Requests: 20 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 9DC1A4FF64CE67A8214C892291118897
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CE7C3E8C0D4EEEC1296F914C41AB2319
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AC74DA0D9F348A93604F69DEE7C857A0
Requests: 3 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Frame ID: 51D0440F1902ADB2CE5A21074D670312
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 579942894F947122C1EECAC4FB58403C
Requests: 1 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Frame ID: A9F662F49AD5DC9C3E2336D357FD6024
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FC7F55DB0CF79A2D08D365C623BA20D4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0A9657371FF137EADE5A3B86CED0A9D4
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f0c66586-88c7-4400-8f7a-1d57c011903f&gdpr=0&gdpr_consent=
Frame ID: 3E736A6519065069DC2B6B5237457B16
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID235B4D78-F1FB-4418-B2CA-57F5903AA12B
Frame ID: 709447B86F29FB6A77079121F1BF20B3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpg-M_IO0CVn-KrYcrMCMxpvP4qJLmjjVGuF3qnvm4eE8gfALH67TkpsCZUaFcPFqeFUnyuV-t1Gpt7G9pzpw6e9mm8YH625e68RC7HL9yJWMjEKuYJi9AvOC2mNhT4DJd8FUBcUaZDDPdBH-Q1FDZ9O0IiipGAyp-f2AQ1M0NzaJKQJxjAZnUcDb2ildmyD2wv2ND9sPuJLdLsBCVo8EZF_Xb9R0byy0su1QUEUT-vRVk7_XNsBaoVwtanzZeQTbx_WuAyWQ8DA1pzmWRd5mI4_8zfupDB-WPLa1BoeShxOlp0VXJJ9okJy70koWvv8mfkpuMdC0smaGeBKEddHdVm3H0A4Xe9W4zLD-TgHl3cSatKfN-mCpTHzyx1bl7JUiQQhH21kHhOpQaXq3iPJ0s&sai=AMfl-YR8CHu9O-5XHosg2b_J1hPyQJVCYOXtJWwgdfwm2Z9B0jr1c9VklggSYHK7MoXZMCCHwlFUxGMHhAt0H5C_mTtYlHh_DK8LMUl93RoydRtRub572Lug8DPjBiyJtOU&sig=Cg0ArKJSzFCWO_O0KfaCEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 46A16BB751B0648BAA8D54689C1E7FBD
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C15BBE6B3A2F03BE6056E2043F9E8690
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Frame ID: F76C24AA1DC529FB87B43BC8998D3F65
Requests: 6 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=6adf55d5-ab11-0b87-2bcb-9ae740bf1357
Frame ID: A8173305C935AA05756AA270107B1B25
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931599&pubId=22235&chanId=www.register-herald.com&placementId=105129&pubOrder=AU&custom=desktop&custom2=windows&custom3=chrome
Frame ID: B24AD9EA0C2F0897D1EF027FFB8BD1FB
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F77C4A34F4F3FEC5CCE89EE6C30F7957
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.register-herald.com
Frame ID: 164DE79815BD8F798B72C101BF5DD5A5
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=
Frame ID: A756FB3A50AE3F98A1A977C615471DB5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2814042338364285155&gdpr=0&gdpr_consent=
Frame ID: 5953916899955C968D1D0D3FC326E4B3
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=445&user_id=5212190e-59e5-3047-a7a7-4e620206c88a&ssp=pubmatic&bsw_param=1cbb3f31-9496-4c8a-b2cb-468e7116abe7
Frame ID: A72778408F4EE250B6EFEF239A8C1B3C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nwisipEF94iECKTfyw-52pFYpIWEBfLZyAsPu-Ey
Frame ID: 99B42E0E193DAD1564312C9CE9DD6829
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tcq35qfnlf
Frame ID: 77B6DA2CBB251790AEF083795AE19EEC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID235B4D78-F1FB-4418-B2CA-57F5903AA12B
Frame ID: 2C980D439767B50F598BA994B183EBC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D98497BA170E47395EF464320B60F7B2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2EC79F0FA9626B75E5897B4B8AA58A9C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Frame ID: E1667C6DE25FB7C92DA23EE702BDC7A2
Requests: 2 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 1FEE5F84D611C23F8FFE9FA15E0660BE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0QJjteEPWOVyOHxktb2SCULLcKU&gdpr=0&gdpr_consent=
Frame ID: 5A80CDEC740D0FD96502056C059DEC06
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=8cb031b0954848aaaaf47f16c883878a
Frame ID: 94A5112474B7BEDA1F625B0B2E31FE6A
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 725E19D1C2C59B6A5B63A64A6F169AD1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: F8FF5030370015980EAF741FE95F416B
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 07AC1FE7B66BE168C98C3A8A196AD707
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6ryyaeTHAASF3Oa3yoiGZQ
Frame ID: EF9577FC127608109EEBB333BABA9BC3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3ff20361085447bc8d97a6ba5406ecb5
Frame ID: A5D889D7851A9AB3A7AE81727394BC1F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e358ef80-a162-11ee-83f2-8b28e3594203
Frame ID: C4D280F3ABF17BCE9A190530F8B5FE5B
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: D6992E50A1821B3DCA8D9F02F6A06B40
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=235B4D78-F1FB-4418-B2CA-57F5903AA12B
Frame ID: A248B04C10EFB90AE3982E8C29B4C2B7
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EE596860AC5DC1DD83F580B3067D409B
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 57A7540C6AEA73583EB7BCED14CE52DE
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: F179C80516D97E5EAACAF85CC91274FA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 988F2964C8586C90F181AEAB74EB5D71
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Hx6ZzeAB1RgWd95&gdpr=0&gdpr_consent=
Frame ID: 4B94457FFCF9965942E9788DCF1A7A68
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245968139501534
Frame ID: 00505E1C462425440E3578598EE2C569
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
Frame ID: 163602C1C50DCB003C608AFF4D921140
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:30DE9C28ED4445DCA5305FC1768B4A1C&gdpr=0&gdpr_consent=
Frame ID: 68C23B1F792EB7AC516D5F6B480A65DC
Requests: 1 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
Frame ID: E8F52A93330CD327CADF20FCB5E1BE86
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6vVzhSiNbY98AzaWIhQAxLyyDlh3RLqXr3rOHbIcE7QpVPH7S1_F8Bx-8PUoBDl0sytD4X7srf2RUt06QH8IgHaA3gxn4xkABw1PjMLeZ8ye4YXfOWGcGm0lIu2-eu744UX_6NnIPJSq-82XuWcDqRcHl7mNdyORuhPmoielFE0LMF8hOqx8FxgUErIPkKGj_nbh-v87jGN7cG0Gwi4nSGlePBLq7VBy7N6q8wy-ANppB5qmd8iCGHqpoob4GhbIw-wguKlDISXtPbTMgCu4PRcDdtyrWF8i-MBpjm-6Tz0w0_SBfvY4iTiRDC2RAgtNVvr15FHXNuhSmdT5EvXEXWWkQEyvSfZf1GdA9xmGXGik3wLU7VNLPg1SHvVNH_xEqMAZiiTONmdwaiKuLgqgH&sai=AMfl-YR-xAUtq42V9XeTEewImS3be4S6I8QCfyUlNr_UV6wXERUoe2qO7gUgIafe0h1mi0jUS5_kSTvmtnoh6jpV2NZX2ei3MrZLrQZcqAE7V3-zUBWYQLp62bvIoadFYHA&sig=Cg0ArKJSzM_ObkqHyeahEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C907C7477F0BF15CE8196AA11E1A8436
Requests: 5 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
Frame ID: 93D913DF7443B76C774D69452BBC8072
Requests: 1 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Frame ID: 0798C461B974D82DEFF0287215855B39
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

West Virginia High School Soccer Coaches Association names all-state team | Prep Zone | register-herald.comLinkLinkLinkLinkLinkLinkLinkArticlesimagesVideosCommented

Page URL History Show full URLs

  1. http://register-herald.com/highschoolsports/x519089349/West-Virginia-High-School-Soccer-Coaches-Associa... HTTP 301
    https://www.register-herald.com/highschoolsports/x519089349/west-virginia-high-school-soccer-coaches-associa... HTTP 301
    https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-associati... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

574
Requests

74 %
HTTPS

0 %
IPv6

126
Domains

200
Subdomains

121
IPs

13
Countries

11164 kB
Transfer

21301 kB
Size

242
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://register-herald.com/highschoolsports/x519089349/West-Virginia-High-School-Soccer-Coaches-Association-names-all-state-team HTTP 301
    https://www.register-herald.com/highschoolsports/x519089349/west-virginia-high-school-soccer-coaches-association-names-all-state-team/ HTTP 301
    https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90
  • https://idsync.rlcdn.com/712559.gif?partner_uid=ddeaf6d0-76f8-40d3-866e-b08af67e5dab HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJGRkZWFmNmQwLTc2ZjgtNDBkMy04NjZlLWIwOGFmNjdlNWRhYhAAGg0Iw5GarAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b131d73ec2f8cec3fac155a7b1a43f22a968d8cdbb96a48731d818d5785f3e9c791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiMTMxZDczZWMyZjhjZWMzZmFjMTU1YTdiMWE0M2YyMmE5NjhkOGNkYmI5NmE0ODczMWQ4MThkNTc4NWYzZTljNzkxNDI2YjU0MTdkY2UyMRAAGgwIw5GarAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiMTMxZDczZWMyZjhjZWMzZmFjMTU1YTdiMWE0M2YyMmE5NjhkOGNkYmI5NmE0ODczMWQ4MThkNTc4NWYzZTljNzkxNDI2YjU0MTdkY2UyMRAAGgwIw5GarAYSBAgCEABCAEoA&google_error=3 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c6ce206e-8869-49ae-8e5d-54ece5f5db49
Request Chain 168
  • https://www.smugmug.com/include/js/cookiemonster.mg?returnTo=https://photos.register-herald.com HTTP 302
  • https://photos.register-herald.com/include/js/cookiemonster.mg?returnTo=https://www.smugmug.com HTTP 302
  • https://www.smugmug.com/include/js/cookiemonster.mg?smsess=468a9e43c5c9c906b43467626e8943bf&skey=092ef9b3d2db14132b302803b6b4f747
Request Chain 172
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&dcc=t
Request Chain 228
  • https://photos.register-herald.com/img/spacer.gif HTTP 301
  • https://cdn.smugmug.com/img/spacer.gif
Request Chain 264
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=22a65bdba9
Request Chain 266
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=53df9add-94ad-429c-928a-569fae49ff0d
Request Chain 267
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=f5ef61ca4d6d64612kqekh00lqhq5ud8
Request Chain 268
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAOHFk7LDRIAABQDGJ5Vlw&ex=beeswax.com
Request Chain 269
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 280
  • https://match.adsrvr.org/track/cmf/openx?oxid=9d7ab365-e757-3374-6fae-0cc4acf75042&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=9d7ab365-e757-3374-6fae-0cc4acf75042&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8c822726-6357-40ad-8c01-822eca9a1a3b&ttd_puid=9d7ab365-e757-3374-6fae-0cc4acf75042&gdpr=0&gdpr_consent=
Request Chain 281
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYaIxsCo8X4AAJdKQWkAAAAA
Request Chain 282
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXpkGaD48TyQks8AED1M6Mvk_c8AAAGMlYZGOA
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFxfFJqA8pi6GNbgE6OzKR4&google_cver=1
Request Chain 288
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8c822726-6357-40ad-8c01-822eca9a1a3b&expiration=1705907654&gdpr=0&gdpr_consent=
Request Chain 289
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYaIxbSizXj-SopHFCEksgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPCAfOHo5bqqueS_mXLlNvU&google_cver=1
Request Chain 291
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYaIxbSizXj-SopHFCEksgAA%264778&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYaIxbSizXj-SopHFCEksgAA%264778&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1bbc552bec454c76b37c231cd654e7ff HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=1bbc552b-ec45-4c76-b37c-231cd654e7ff HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ca86ab71-1ff7-4760-8875-a4aba5bb3c67%3A1703315655.5649836&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dca86ab71-1ff7-4760-8875-a4aba5bb3c67%253A1703315655.5649836%26_%3D1703315655.5667074&cb=1703315655.5667422 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2018245968139501534&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dca86ab71-1ff7-4760-8875-a4aba5bb3c67%253A1703315655.5649836%26_%3D1703315655.5667074 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ca86ab71-1ff7-4760-8875-a4aba5bb3c67%3A1703315655.5649836&_=1703315655.5667074 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMk8H8zrCwYruKBMsoOB9bs&google_cver=1
Request Chain 292
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFumE7LDRIAABRW-aEkOg&expiration=1704525254
Request Chain 293
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9d1f2264-dbff-25cf-1bdf0f53
Request Chain 294
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 295
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
Request Chain 307
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=649153&iiqidtype=2&iiqpcid=55f091f7-583a-4818-9de4-7f6567075ae3&iiqpciddate=1703315654398&tsrnd=869_1703315654400&fbp=1120628901&vrref=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&jsver=5.09 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=649153&iiqidtype=2&iiqpcid=55f091f7-583a-4818-9de4-7f6567075ae3&iiqpciddate=1703315654398&tsrnd=869_1703315654400&fbp=1120628901&vrref=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&jsver=5.09&ckls=true&ci=eoHK786CH6&nc=false&trid=-1936762309
Request Chain 309
  • https://sync-axelmark-dsp.focas.jp/sync/opx HTTP 302
  • https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=tYtQeVKNboHZJMuR7CCOrzbV2wht35zEhkKlSXO98bn9FRUY
Request Chain 311
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57y7EE01WBDCM006SvaB
Request Chain 313
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=0QJjteEPWOVyOHxktb2SCULLcKU
Request Chain 316
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Qiw5WU7RilqJ2kBzf-5q-A==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 318
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2766854501026029548&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NDkzYzE4ZGEtYzVjNS00MWQzLTlmYmItZmI3Y2UzNWMzZWJh HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 322
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=
Request Chain 323
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=34020ad8-a3b0-491c-8321-40503298dd37-658688c7-5553&gdpr=0&gdpr_consent=
Request Chain 324
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
Request Chain 331
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f0c66586-88c7-4400-8f7a-1d57c011903f&gdpr=0&gdpr_consent=
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I1tNePH7RBiyylf1kDqhKw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 334
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=235B4D78-F1FB-4418-B2CA-57F5903AA12B HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=235B4D78-F1FB-4418-B2CA-57F5903AA12B HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ef5b9e8a-4a93-4966-b307-a876b6db9aec%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8c822726-6357-40ad-8c01-822eca9a1a3b&ttd_puid=ef5b9e8a-4a93-4966-b307-a876b6db9aec%2C%2C
Request Chain 335
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=&ct=y
Request Chain 336
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=235B4D78-F1FB-4418-B2CA-57F5903AA12B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=235B4D78-F1FB-4418-B2CA-57F5903AA12B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjM1QjRENzgtRjFGQi00NDE4LUIyQ0EtNTdGNTkwM0FBMTJC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHoYPhG1KP2aiWD5vCI0bl8&google_cver=1
Request Chain 341
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=
Request Chain 343
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=34020ad8-a3b0-491c-8321-40503298dd37-658688c7-5553&gdpr=0&gdpr_consent=
Request Chain 346
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=6f89329ee4d11f25&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMWCo8OeH7FwM1RhdLAAAAAAA&expiration=1703402055&nuid={OX_USER_ID}&is_secure=true
Request Chain 347
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=b3be30ec-3f3d-093d-3c89-cdce3b54a42b HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=b3be30ec-3f3d-093d-3c89-cdce3b54a42b&verify=true
Request Chain 348
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=30DE9C28ED4445DCA5305FC1768B4A1C
Request Chain 351
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=Hx6ZzeAB1RgWd95
Request Chain 352
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZYaIxwAJAt7ZKwBU HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYaIxwAJAt7ZKwBU&_test=ZYaIxwAJAt7ZKwBU
Request Chain 362
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=6adf55d5-ab11-0b87-2bcb-9ae740bf1357 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=6adf55d5-ab11-0b87-2bcb-9ae740bf1357
Request Chain 366
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=1cbb3f31-9496-4c8a-b2cb-468e7116abe7&google_hm=MWNiYjNmMzEtOTQ5Ni00YzhhLWIyY2ItNDY4ZTcxMTZhYmU3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAsPYZzI15yr-q3lAL6wq5k&google_cver=1&ssp=sekindo&bsw_param=1cbb3f31-9496-4c8a-b2cb-468e7116abe7
Request Chain 367
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=3eb5d6d9-0fbf-42aa-b548-96201153baec&gdpr_consent=null&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=3eb5d6d9-0fbf-42aa-b548-96201153baec
Request Chain 368
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZYaIxbSizXj-SopHFCEksgAA%264778 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZYaIxbSizXj-SopHFCEksgAA%264778
Request Chain 369
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=4250019921879004143228 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4250019921879004143228
Request Chain 370
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQHQ5UJ7-P-DGP6&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQHQ5UJ7-P-DGP6
Request Chain 371
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-i700Q3BE2uKl.aH7W8luFOW2IFAXlMkF~A HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-i700Q3BE2uKl.aH7W8luFOW2IFAXlMkF~A
Request Chain 372
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=6973a68ce8454db9aa5e3733793c2879 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=6973a68ce8454db9aa5e3733793c2879
Request Chain 373
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=658688c408959&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3463172542890107000V10 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3463172542890107000V10
Request Chain 374
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=H3iyDLZHYN4Hns6tTJSsiFZZ HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H3iyDLZHYN4Hns6tTJSsiFZZ
Request Chain 375
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=a24564821d8f9a1534f22ed12c8a5fc&gdpr_consent=&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=a24564821d8f9a1534f22ed12c8a5fc
Request Chain 376
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=f8547d09-4918-4aac-9462-5b28974d48b1 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=f8547d09-4918-4aac-9462-5b28974d48b1
Request Chain 377
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=5770507232381317882 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5770507232381317882
Request Chain 379
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=493c18da-c5c5-41d3-9fbb-fb7ce35c3eba&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=493c18da-c5c5-41d3-9fbb-fb7ce35c3eba
Request Chain 380
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1703315655947 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3015143342 HTTP 302
  • https://sync.1rx.io/usersync/turn/2766854501026029548?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-2787b8f0-2615-4a39-af16-3f6c452051a9-004 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
Request Chain 386
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELU2KldTzn6S7SRkvX_y9vw&google_cver=1
Request Chain 389
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1--- HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID%26us_privacy%3D1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2814042338364285155&us_privacy=1---
Request Chain 390
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=bmakYWBr_2N1Zqw0OmGxMWA2rG51a_oyOWXDyCtj
Request Chain 391
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778&tc=1
Request Chain 392
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
Request Chain 393
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8664524426276581944&gdpr=0&gdpr_consent=
Request Chain 394
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=XpnL6tOMGcjER13OMMAn&us_privacy=1---
Request Chain 396
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LQHQ5UJ7-P-DGP6 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQHQ5UJ7-P-DGP6&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 399
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1719126855&external_user_id=bbb12f36-e420-4e2a-aa43-36e5523f3dd9
Request Chain 400
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0QJjteEPWOVyOHxktb2SCULLcKU
Request Chain 401
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=30DE9C28ED4445DCA5305FC1768B4A1C&us_privacy=1---
Request Chain 402
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778&tc=1
Request Chain 403
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca4d6d64612kqekh00lqhq5ud8
Request Chain 407
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 413
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/V9A-KjL5Fg628T5zTNTpeA?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-57tivelE2oL7M9Widne7.meNQVKWQw02d.TKoA--~A
Request Chain 414
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=&expires=30
Request Chain 415
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmRiYjIxNDFjNmU0MDZhNDkxODEyZTNmZmI3MzNmYjA0ZDRkMWE2ZQ&us_privacy=1---
Request Chain 416
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQHQ5UJ7-P-DGP6&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 418
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3Gp2aNfhSFShT0EoDhD7vw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3Gp2aNfhSFShT0EoDhD7vw
Request Chain 419
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQHQ5UJ7-P-DGP6&us_privacy=1---
Request Chain 420
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB0gmWFSreDyWe_yQmKgRGY&google_cver=1
Request Chain 421
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFIUTVVSjctUC1ER1A2&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDRwW8FO9EvGhlbkrUA8g3c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFIUTVVSjctUC1ER1A2&google_push=
Request Chain 422
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1--- HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFumE7LDRIAABRW-aEkOg&expires=30
Request Chain 423
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQHQ5UJ7-P-DGP6&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQHQ5UJ7-P-DGP6&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Request Chain 424
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQHQ5UJ7-P-DGP6&us_privacy=1---
Request Chain 425
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQHQ5UJ7-P-DGP6&us_privacy=1---
Request Chain 426
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=58eb11ef-6549-470c-9285-c7ace176824f&expires=30&us_privacy=1---
Request Chain 427
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQHQ5UJ7-P-DGP6&us_privacy=1---
Request Chain 428
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1--- HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQHQ5UJ7-P-DGP6&us_privacy=1--- HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQHQ5UJ7-P-DGP6
Request Chain 462
  • https://c1.adform.net/serving/cookie/match?party=14&cid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=
Request Chain 463
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2814042338364285155&gdpr=0&gdpr_consent=
Request Chain 464
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1cbb3f31-9496-4c8a-b2cb-468e7116abe7&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=5212190e-59e5-3047-a7a7-4e620206c88a&ssp=pubmatic&bsw_param=1cbb3f31-9496-4c8a-b2cb-468e7116abe7
Request Chain 465
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nwisipEF94iECKTfyw-52pFYpIWEBfLZyAsPu-Ey
Request Chain 466
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tcq35qfnlf
Request Chain 468
  • https://idsync.rlcdn.com/420486.gif?partner_uid=235B4D78-F1FB-4418-B2CA-57F5903AA12B HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c8bccc03-2a10-0514-30d7-8c37956c319a
Request Chain 469
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2766854501026029548&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 470
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9dPepd5E2uXFc2fAzpkjNLnyefiEuOg-~A&gdpr=0
Request Chain 472
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=30DE9C28ED4445DCA5305FC1768B4A1C HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=22a65bdba9&gdpr=0&gdpr_consent=
Request Chain 473
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/30DE9C28ED4445DCA5305FC1768B4A1C HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
Request Chain 474
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=30DE9C28ED4445DCA5305FC1768B4A1C&dongle=yf3
Request Chain 475
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=30DE9C28ED4445DCA5305FC1768B4A1C
Request Chain 476
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=30DE9C28ED4445DCA5305FC1768B4A1C
Request Chain 477
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=30DE9C28ED4445DCA5305FC1768B4A1C HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1703315657732&ip=66.203.112.165&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D232713304739002841116 HTTP 302
  • https://um.simpli.fi/aa_px?sk=232713304739002841116 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 478
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=30DE9C28ED4445DCA5305FC1768B4A1C
Request Chain 481
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=30DE9C28ED4445DCA5305FC1768B4A1C;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=30DE9C28ED4445DCA5305FC1768B4A1C;mimetype=img;sr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=ODczMDUxNzI5NjEwMTYyNTk4 HTTP 302
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEJ1S_uYN5p-uv1jA3-s316Q&google_cver=1
Request Chain 482
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=30DE9C28ED4445DCA5305FC1768B4A1C&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=30DE9C28ED4445DCA5305FC1768B4A1C&j=0&xl8blockcheck=1
Request Chain 484
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=30DE9C28ED4445DCA5305FC1768B4A1C
Request Chain 485
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=30DE9C28ED4445DCA5305FC1768B4A1C
Request Chain 486
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=30DE9C28ED4445DCA5305FC1768B4A1C
Request Chain 487
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=30DE9C28ED4445DCA5305FC1768B4A1C
Request Chain 488
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=30DE9C28ED4445DCA5305FC1768B4A1C HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=8c822726-6357-40ad-8c01-822eca9a1a3b
Request Chain 489
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1703315657299&cv=7&fst=1703315657299&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=862120691&cv=7&fst=1703315657299&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=yYiGZY6PH8qImsMPtPuK4Aw&sscte=1&crd=&pscrd=IhMIzpfTpYGlgwMVSoRmAh20vQLM HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=862120691&cv=7&fst=1703315657299&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzpfTpYGlgwMVSoRmAh20vQLM&is_vtc=1&ocp_id=yYiGZY6PH8qImsMPtPuK4Aw&cid=CAQSKQAvHhf_LIa4G7aZ2pw7cjz-xKIkyg-rKllt0syQlx_iBiwfSN1crFHw&random=3401278311 HTTP 302
  • https://www.google.com.au/pagead/1p-conversion/1026675585/?random=862120691&cv=7&fst=1703315657299&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzpfTpYGlgwMVSoRmAh20vQLM&is_vtc=1&ocp_id=yYiGZY6PH8qImsMPtPuK4Aw&cid=CAQSKQAvHhf_LIa4G7aZ2pw7cjz-xKIkyg-rKllt0syQlx_iBiwfSN1crFHw&random=3401278311&ipr=y
Request Chain 491
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=30DE9C28ED4445DCA5305FC1768B4A1C
Request Chain 492
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=30DE9C28ED4445DCA5305FC1768B4A1C&expires=365
Request Chain 493
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=30DE9C28ED4445DCA5305FC1768B4A1C
Request Chain 494
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEPhOqasvZXerWxJmQO9uNJ0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30DE9C28ED4445DCA5305FC1768B4A1C HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 497
  • https://photos.register-herald.com/img/spacer.gif HTTP 301
  • https://cdn.smugmug.com/img/spacer.gif
Request Chain 516
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0QJjteEPWOVyOHxktb2SCULLcKU&gdpr=0&gdpr_consent=
Request Chain 517
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=8cb031b0954848aaaaf47f16c883878a
Request Chain 519
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 521
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6ryyaeTHAASF3Oa3yoiGZQ
Request Chain 522
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3ff20361085447bc8d97a6ba5406ecb5
Request Chain 523
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e358ef80-a162-11ee-83f2-8b28e3594203
Request Chain 526
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 529
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 530
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Hx6ZzeAB1RgWd95&gdpr=0&gdpr_consent=
Request Chain 531
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245968139501534
Request Chain 532
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=52528806 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/8c822726-6357-40ad-8c01-822eca9a1a3b HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-2787b8f0-2615-4a39-af16-3f6c452051a9-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
Request Chain 533
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:30DE9C28ED4445DCA5305FC1768B4A1C&gdpr=0&gdpr_consent=
Request Chain 534
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
Request Chain 535
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7327025687900932889
Request Chain 536
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=656e707d4e8f22c2&is_secure=true&networkId=17100&version=1&nuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMWTsVZmXQNgM6dcsPAAAAAAA&expiration=1703402058&nuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 551
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
Request Chain 554
  • https://photos.register-herald.com/img/spacer.gif HTTP 301
  • https://cdn.smugmug.com/img/spacer.gif
Request Chain 556
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018245968139501534
Request Chain 557
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=0QJjteEPWOVyOHxktb2SCULLcKU
Request Chain 558
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7327025687900932889&ssp=sonobi
Request Chain 559
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4bd1642a73&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=8c822726-6357-40ad-8c01-822eca9a1a3b&pubid=4bd1642a73
Request Chain 560
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=2fc7f361-968a-4b22-b6b8-f4e230c04636&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=SWJFSWhqV28taTNZMjZoNFRpWnU2Zw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAMKk0PmgtMFG4gwc1nTzyc&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=lKZ8FDkv20Td
Request Chain 561
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://u.openx.net/w/1.0/sd?id=537106470&val=[sas_uid]&cklb=1
Request Chain 564
  • https://ds.uncn.jp/ox/0/sync HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_1300640c-15c2-40bc-a2cd-6782d9423208
Request Chain 565
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=9d1f2264-dbff-25cf-1bdf0f53
Request Chain 566
  • https://sync.1rx.io/usersync/openx/0e4ca307-9ce2-011f-3f43-552c0a4f1c3e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
Request Chain 567
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=2814042338364285155
Request Chain 569
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=SALaE0YPgRFTAtJGHAXPQ0ZS0hxTD4RAHwG5NjEc
Request Chain 583
  • https://photos.register-herald.com/img/spacer.gif HTTP 301
  • https://cdn.smugmug.com/img/spacer.gif

574 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/
Redirect Chain
  • http://register-herald.com/highschoolsports/x519089349/West-Virginia-High-School-Soccer-Coaches-Association-names-all-state-team
  • https://www.register-herald.com/highschoolsports/x519089349/west-virginia-high-school-soccer-coaches-association-names-all-state-team/
  • https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
244 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
5acd8e88826c4f0e51b83fa3ccb5f35fa81c737c3bd01ac68131de2687bbf111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
public, max-age=300
content-encoding
gzip
content-length
55087
content-type
text/html; charset=UTF-8
date
Sat, 23 Dec 2023 07:14:09 GMT
etag
W/cccdf1da59fdca2be6a3036f917a4e82
last-modified
Tue, 29 Jul 2014 23:05:56 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.72.3; app6; 0.4s; 3.9M
x-ua-compatible
IE=edge
x-vcache
MISS
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
public, max-age=300
content-encoding
gzip
content-length
23885
content-type
text/html; charset=UTF-8
date
Sat, 23 Dec 2023 07:14:08 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
location
/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
referrer-policy
strict-origin-when-cross-origin
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.72.3; app18; 0.21s; 1.9M
x-ua-compatible
IE=edge
x-vcache
MISS
x-xss-protection
1; mode=block
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e609f2-1882c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baaa155b1-SYD
expires
Sun, 10 Nov 2024 10:29:55 GMT
user.js
www.register-herald.com/shared-content/art/tncms/user/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:12:20 GMT
content-encoding
gzip
last-modified
Wed, 20 Dec 2023 20:34:37 GMT
x-vcache
HIT
age
109
etag
W/"65834fdd-c46"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1437
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baa9e55b1-SYD
expires
Thu, 28 Nov 2024 12:55:16 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:14 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a922-841f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baa9c55b1-SYD
expires
Thu, 28 Nov 2024 11:30:09 GMT
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-2d77"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baaa455b1-SYD
expires
Wed, 27 Nov 2024 09:19:20 GMT
application.3c64d611e594b45dd35b935162e79d85.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284d-1102"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baa9f55b1-SYD
expires
Fri, 29 Nov 2024 14:10:27 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284d-9b8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baaa555b1-SYD
expires
Fri, 29 Nov 2024 10:56:34 GMT
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:37 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da1-1ac2e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baa9855b1-SYD
expires
Thu, 31 Oct 2024 12:48:53 GMT
font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:04 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284c-7257"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baa9755b1-SYD
expires
Sat, 30 Nov 2024 12:29:36 GMT
layout.9509b461cedc7767649ee83a5b35c177.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		154 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Mon, 27 Nov 2023 14:35:16 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6564a924-26683"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baa9655b1-SYD
expires
Thu, 28 Nov 2024 12:55:16 GMT
theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20cb7e97cdd2bd5b3175038e3c8730a3d639c7b951f803d1cd215e662eea50f8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:09 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65662851-a317"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baa9955b1-SYD
expires
Fri, 29 Nov 2024 13:52:33 GMT
site.css
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/styles/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/styles/site.css?_dc=1653486271
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d7c9d22bc64bec9e1ab42f298cb72b96daf3e6f0fb3ca309437b3ca962645c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Wed, 25 May 2022 13:44:31 GMT
x-vcache
MISS
server
cloudflare
etag
W/"628e32bf-1728"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baa9455b1-SYD
expires
Fri, 29 Nov 2024 10:56:33 GMT
flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:41 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da5-2021"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baa9555b1-SYD
expires
Thu, 31 Oct 2024 10:25:53 GMT
access.d7adebba498598b0ec2c.js
www.register-herald.com/shared-content/art/tncms/api/ 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

Referer
https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Origin
https://www.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:11:23 GMT
content-encoding
gzip
last-modified
Wed, 06 Dec 2023 17:55:11 GMT
x-vcache
HIT
age
166
etag
W/"6570b57f-1164b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
29242
service-worker-allowed
/
tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e39d321532d4472593ff6110e51c09e688078726758971662ce3b1d26c78067
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf1-2503"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baa9b55b1-SYD
expires
Wed, 27 Nov 2024 08:35:42 GMT
tnt.ads.load.00f4c685fd5644c4d74a74b62e77e36b.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		893 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.load.00f4c685fd5644c4d74a74b62e77e36b.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a4526cb39025408f18863bb357ed08947e1f952c5e5c17506d25cb1435f3e10
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Mon, 11 Dec 2023 16:13:19 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6577351f-37d"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5e8bd455b1-SYD
expires
Thu, 19 Dec 2024 23:08:59 GMT
tracking.js
www.register-herald.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:11:23 GMT
content-encoding
gzip
last-modified
Wed, 20 Dec 2023 20:34:37 GMT
x-vcache
HIT
age
166
etag
W/"65834fdd-a3a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1157
service-worker-allowed
/
admanager.js
www.register-herald.com/shared-content/art/tncms-ad-manager/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms-ad-manager/admanager.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
52db5b2414b37d257bb787cbefab7cadfbc282169e377e94bf256cee3f0479e3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:11:23 GMT
content-encoding
gzip
last-modified
Tue, 14 Nov 2023 14:16:03 GMT
x-vcache
HIT
age
166
etag
W/"65538123-9d42"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
12840
service-worker-allowed
/
impressions.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/ 		83 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/impressions.js?_dc=1703315127
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e71b9750bed04d835845acb8610e99fdc726b81ee570b0f48e7bb843011fc4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
last-modified
Sat, 23 Dec 2023 07:05:27 GMT
x-vcache
HIT
server
cloudflare
etag
W/"658686b7-53"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baaa655b1-SYD
expires
Sun, 22 Dec 2024 07:14:10 GMT
traffic.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/ 		1 KB
850 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/traffic.js?_dc=1703309719
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7babc65bec979df4829ba70ac57755fdaea3134f93524cb5de016b5f591f37
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Sat, 23 Dec 2023 05:35:19 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65867197-5e0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baaa255b1-SYD
expires
Sun, 22 Dec 2024 05:48:14 GMT
settings.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/ 		3 KB
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/settings.js?_dc=1519930389
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c07323b9f8816039655bc454c1a75563a252381a906f01d97c169659b27e63
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Thu, 01 Mar 2018 18:53:09 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5a984c15-d4c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baaa755b1-SYD
expires
Sat, 09 Nov 2024 17:30:00 GMT
tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:05 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284d-6d1"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5e8bd555b1-SYD
expires
Fri, 29 Nov 2024 09:26:56 GMT
tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3895ebeedf32ed25a1fb2328a2a9d936e2ab4721a487f26598d9b627bd81071c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65662850-1140"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5e8bd755b1-SYD
expires
Fri, 06 Dec 2024 17:42:18 GMT
embed.js
launch.inform.com/2/js/ 		0
0
biz.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/scripts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/scripts/biz.js?_dc=1468340463
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4198d9ae65e215bbfba8a14b4e9ed754198d186ba88aed0ca37ea54ecb7701b7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 12 Jul 2016 16:21:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"578518ef-1985"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baaa355b1-SYD
expires
Thu, 28 Nov 2024 12:55:16 GMT
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		207 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65662850-cf"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5baa9a55b1-SYD
expires
Fri, 29 Nov 2024 12:00:07 GMT
css
fonts.googleapis.com/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
13a3d63f766a04d1b7bc24c1a3a3696225912b028db642a4473da2537c8c1fe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Dec 2023 07:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Dec 2023 07:14:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Dec 2023 07:14:09 GMT
fontawesome.568f3d1ab17b33ce05854081baadadac.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		268 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:39 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da3-43130"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5e8bd855b1-SYD
expires
Thu, 31 Oct 2024 10:25:54 GMT
osano.js
cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/ 		331 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-51.syd62.r.cloudfront.net
Software
CloudFront /
Resource Hash
04a7667084971cb60ab659dd3892db7c9dfd47bf56bf3d159912d2c4153ddfbf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 23:49:57 GMT
content-encoding
br
via
1.1 eb3589b1230a45883fc0813bdb92ed5e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
SYD62-P1
age
26652
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89464
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 20 Oct 2023 14:46:56 GMT
server
CloudFront
etag
"66ec303d7a0a11613a83c4f0af0ea180"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
WOEWi845MaU4quz6voTJTAgGQuPVpvK2cpnoBNqy2JxhSMKVSM4YSw==
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		92 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181297
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.192.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-192-23.sfo53.r.cloudfront.net
Software
envoy /
Resource Hash
73c92a4f447c5ff051221b14fe5d7a66375d592d6d55096b763f0ea7e68b580d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
content-encoding
gzip
via
1.1 d2610666ad934f0664cd719e5472324a.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
SFO53-P5
vary
Origin,Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-store
x-envoy-upstream-service-time
5
x-amz-cf-id
_aYk2MUxwsrdr6DQGMKOiPK5L99pBYYWHadh0btI1PFzA3qX9I1-wQ==
eafa8850-4d78-0136-d0af-06a9ed4ca31b
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/eafa8850-4d78-0136-d0af-06a9ed4ca31b
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.124.133.154 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
154.133.124.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
95ee6fc8810dfcbf054b898101151cb555278f15ff86e64a846cf1209c7184d0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:10 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F6Nkj0TqqB0bNqNt45HB
expires
Thu, 01 Jan 1970 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
65466b754c0015575ba02d9e010ef0beb512688f09f5aaa7ab4736db67cc9c1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29144
x-xss-protection
0
server
cafe
etag
844 / 19714 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 07:14:09 GMT
adb.1710310.min.js
prod.adspsp.com/ 		275 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.adspsp.com/adb.1710310.min.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-96.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e0f3dfb7e41d5c5f8344b98d5278bfe1d083527c978230838a5530c252cbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 00:02:58 GMT
Content-Encoding
gzip
Via
1.1 e8e5556eec12cd8fd3590100b82fb80a.cloudfront.net (CloudFront)
Last-Modified
Wed, 07 Jun 2023 18:25:14 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD1-C1
Age
25873
x-amz-server-side-encryption
AES256
ETag
W/"cf47b7b0a20824d432d7fc3e9305e31b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
k6i9pnNHYCU8Nhfpwh0FmZLNLDXF9hBhFXQzLDGkXXg2o6nG3MgFrw==
/
register-herald-cnhi-pw.newsmemory.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&v=3&service=onstop
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
689c90e3d54cd33dc799dcb8f743d21832ffb124eaacbb96ee5846f88dc533ba

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 07:14:13 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
6113
Expires
Sat, 23 Dec 2023 09:14:13 UTC
tracker.js
www.register-herald.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:11:23 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 14:44:35 GMT
x-vcache
HIT
age
166
etag
W/"64b94853-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
627134b320195.image.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/627134b320195.image.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b95b2add8ced883d3eefbfc4e70b58fbed8de0bc9e5b3772c3c262212cb67564
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=17102
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="627134b320195.webp"
content-length
8476
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 May 2022 13:57:07 GMT
server
cloudflare
x-vcache
MISS
etag
"627134b3-42ce"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5c2ad355b1-SYD
expires
Sat, 07 Dec 2024 20:35:53 GMT
/
register-herald-cnhi-pw.newsmemory.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&v=3
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
80a90dca41c8088d0956725d2b2feb6db4464c81d43ea068d0025413934a456e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 07:14:13 GMT
Last-Modified
Thu, 17 Aug 2023 14:18:11 UTC
Server
Apache
ETag
3b1f52a7c56ec8e9ce7cfde1b29b68e7
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
4416
Keep-Alive
timeout=2, max=300
Expires
Sat, 23 Dec 2023 09:14:13 UTC
627134b320195.image.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/627134b320195.image.png?resize=400%2C44
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9322b8b4f8525979b85a89e99dab62e77573ea963fd8857965db849cf7151d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=10751
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="627134b320195.webp"
content-length
5364
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 May 2022 13:57:07 GMT
server
cloudflare
x-vcache
MISS
etag
"bdf93259bcd79bd4c05d76c1031b2fce"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5c2ad455b1-SYD
expires
Sat, 30 Nov 2024 13:17:24 GMT
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7D0) /
Resource Hash
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:10 GMT
content-encoding
gzip
content-md5
8ouzdXeMpGxUBMAUF/mhkg==
age
43907
x-cache
HIT
content-length
1002
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Fri, 10 Mar 2023 18:25:29 GMT
server
ECAcc (nwa/E7D0)
etag
"0x8DB2194D3ACD75C+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a1db617b-301e-00d6-1b09-35f6e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
63d974bdca729.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/a/4c/a4c1e2c4-a1a2-11ed-8a11-e30cd8b6a389/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/a/4c/a4c1e2c4-a1a2-11ed-8a11-e30cd8b6a389/63d974bdca729.image.jpg?resize=400%2C320
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80799ebf2ac1a977b8926bb1b45767c640045522b15676c5a66b34faaa1ac31
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=27407, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
27199
cf-bgj
imgq:85,h2pri
last-modified
Tue, 31 Jan 2023 20:06:21 GMT
server
cloudflare
x-vcache
MISS
etag
"ca0a06b8afb8ef142e5ca6e5788cd32c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5e8bca55b1-SYD
expires
Fri, 29 Nov 2024 12:00:07 GMT
registerherald.js
static.cnhionline.com/cnhi/data/bizmarquee/ 		441 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cnhionline.com/cnhi/data/bizmarquee/registerherald.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
be40e3da703faed33bd3e9c8977a3d814f53c17df10838fd4b257c7e9f6d074f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 07:14:12 GMT
Last-Modified
Fri, 22 Dec 2023 14:15:00 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"f00672ae-1b9-60d19d76f4100"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
441
5879-RTJ-Summer-Packages-300x250.gif
static.cnhionline.com/ksherman/images/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cnhionline.com/ksherman/images/5879-RTJ-Summer-Packages-300x250.gif
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
53812a70761bb5417aaff5e06ab44c32dde8504c6aa903d4a85c2620b850b879

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 07:14:12 GMT
Last-Modified
Tue, 06 Jun 2023 16:18:39 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"805b540-edcd-5fd785f418f52"
Content-Type
image/gif
Access-Control-Allow-Origin
http://template1.cnhionline.com
Connection
close
Accept-Ranges
bytes
Content-Length
60877
index.js
cdn.viafoura.net/entry/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/entry/index.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-63.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06dab1aec38a24a4278e4107e18b2500f118e6a7897d41135c111aa9e6680ab4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
aG3seF3kXMLh6jy6qFgZJudJrKm5RwC.
content-encoding
br
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 07:11:45 GMT
x-amz-cf-pop
SYD62-P2
age
146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Dec 2023 20:16:34 GMT
server
AmazonS3
etag
W/"45e0fb924328dd1beea8be74d8c7d376"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=600,s-max-age=60
x-amz-cf-id
TceQlFVW7LmioMYvBSTZqagTBEr6GJPUqvQGgFD-3lN5EA8e2VpPRQ==
tnt.ads.core.70d412172f30735865838caa3d6f42a0.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.70d412172f30735865838caa3d6f42a0.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Fri, 27 Oct 2023 21:37:40 GMT
x-vcache
MISS
server
cloudflare
etag
W/"653c2da4-35a7"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5e8bcc55b1-SYD
expires
Fri, 08 Nov 2024 13:08:27 GMT
asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		942 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
007dbd112f2196eb29626c03f5073581e659fd241bc768de5a3fe694e9bdda88
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Mon, 11 Dec 2023 16:13:18 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6577351e-3ae"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5e8bcd55b1-SYD
expires
Thu, 19 Dec 2024 23:08:59 GMT
tnt.reactions.67f0e34a3cd1b0da1920164021a05805.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.reactions.67f0e34a3cd1b0da1920164021a05805.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29e2bfa919aaa6d30bf418143db83b041bc03f6b0030448126042a3cc59d0de
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:55 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf3-d18"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5e8bce55b1-SYD
expires
Fri, 22 Nov 2024 13:19:28 GMT
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Tue, 28 Nov 2023 17:50:06 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6566284e-1010"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5e8bcf55b1-SYD
expires
Fri, 29 Nov 2024 12:00:07 GMT
tnt.regions.b44801b45845a81b995eeaad12f4f276.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-1021"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5e8bd055b1-SYD
expires
Sun, 10 Nov 2024 10:58:55 GMT
dmp.reactive.f21a39a840fa65b4d17399310c9dbb30.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		1 KB
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/dmp.reactive.f21a39a840fa65b4d17399310c9dbb30.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ad3b3f691f918a13388d3af7b87e4986459f032632c91df7884f19fd43fa46
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Fri, 13 Oct 2023 13:11:32 GMT
x-vcache
MISS
server
cloudflare
etag
W/"65294204-5a6"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5e8bd155b1-SYD
expires
Wed, 30 Oct 2024 09:51:47 GMT
promo_popup.251d9baed77bb7d7e50212b336162059.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		1 KB
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/promo_popup.251d9baed77bb7d7e50212b336162059.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abca570d68e4d643d2db448f8c1ea05d3f52494fe08453657316a5a1054a556d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
cross-origin-resource-policy
cross-origin
last-modified
Thu, 09 Nov 2023 15:29:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"654cfaf0-5e8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
839ece5e8bd355b1-SYD
expires
Wed, 27 Nov 2024 12:38:16 GMT
gtm.js
www.googletagmanager.com/ 		232 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f79866b2509ceca8b2010ffc589856f39dde3f7b2bebf8ff9fd331df2d44e67a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79488
x-xss-protection
0
last-modified
Sat, 23 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Dec 2023 07:14:10 GMT
/
www.register-herald.com/_services/v1/client_ip_info/ 		72 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/_services/v1/client_ip_info/
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
153da7872f5f5ca8018a5c63d080c0e7585a6cc1d18b854a0409894d4840fac6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
cache-control
private, max-age=3600
content-length
72
content-type
application/json
hwggUy-8zXVKjZI2E0wUar3MPBzZdax8V8xbh44lQOv3IKJxHBD4W_wdvLc56wLDDaDvNtpmA
bandborder.com/v2/0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/hwggUy-8zXVKjZI2E0wUar3MPBzZdax8V8xbh44lQOv3IKJxHBD4W_wdvLc56wLDDaDvNtpmA
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.179.148 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
148.179.110.34.bc.googleusercontent.com
Software
/
Resource Hash
11d472c1418326b359eae17020c7b20c89d38e9fa428e905cb5673a6a1e8cd62
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Sat, 23 Dec 2023 07:14:11 GMT
x-datacenter
gce-asia-east1
etag
"518e2fed00cdb8625b5069599bad423f40af0b0128d02cb95be43cab7b7c4ad6"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-test-vdsz
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
2f9ba7ae-e9b7-41e5-bcc2-1a38889f6f37
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/2f9ba7ae-e9b7-41e5-bcc2-1a38889f6f37
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
tracker.gif
www.register-herald.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.register-herald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=170331565033616001200356976558528&tnms_dt=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%20%7C%20Prep%20Zone%20%7C%20register-herald.com&tnms_upage=1&tnms_do=www.register-herald.com&tnms_uri=/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html&tnms_ref=&rt=1703315650338
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
x-vcache
MISS
age
0
etag
"48f79fed-0"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 15:21:39 GMT
x-content-type-options
nosniff
age
316351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 15:21:39 GMT
mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
bandborder.com/v2/0/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.179.148 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
148.179.110.34.bc.googleusercontent.com
Software
/
Resource Hash
fb6d5fb8691f75ab78b4a30ccfd0a625b3d7c00b2488ae86ab92ac9057119eda
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sat, 23 Dec 2023 07:14:11 GMT
x-datacenter
gce-asia-east1
etag
"96f70e388e82da2e4dca5ab0e57dc56f2049ff6634a63e8c9af4de03de689cdc"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-test-vdsz
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 23:17:00 GMT
x-content-type-options
nosniff
age
115030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 23:17:00 GMT
love-face.b40bac7939cc4435948af192bcfb843f.png
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/images/love-face.b40bac7939cc4435948af192bcfb843f.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f28210eefe5bbf7dc28db544d12cf2c8800df04e9cac92a563a2f96b91d8277
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=3600
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="love-face.webp"
content-length
2132
cf-bgj
imgq:85,h2pri
last-modified
Fri, 10 Mar 2017 15:46:36 GMT
server
cloudflare
x-vcache
MISS
etag
"58c2ca5c-e10"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5f0c0a55b1-SYD
expires
Wed, 27 Nov 2024 11:12:19 GMT
haha.e8ea173c2dec30a8a10047ab33a1a984.png
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/images/haha.e8ea173c2dec30a8a10047ab33a1a984.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d1971a0126f302295df4788b3c43020cbcd3f27e38fb37dbe9cfd3241b04ae
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=4525
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="haha.webp"
content-length
2384
cf-bgj
imgq:85,h2pri
last-modified
Fri, 10 Mar 2017 15:46:36 GMT
server
cloudflare
x-vcache
MISS
etag
"58c2ca5c-11ad"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5f0c0c55b1-SYD
expires
Thu, 12 Dec 2024 19:10:16 GMT
wow.5085918dbcfaa3efb3a2f95eb5767774.png
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/images/wow.5085918dbcfaa3efb3a2f95eb5767774.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
822a389486116e997177a1d5fbe5a61c8bb6007d8fa3a19398083e5a774e8425
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=2390
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="wow.webp"
content-length
1390
cf-bgj
imgq:85,h2pri
last-modified
Fri, 10 Mar 2017 15:46:36 GMT
server
cloudflare
x-vcache
MISS
etag
"58c2ca5c-956"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5f0c0d55b1-SYD
expires
Sat, 30 Nov 2024 11:18:24 GMT
sad.c8a3ceede8a7d2fafe5574387a28eb2e.png
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/images/sad.c8a3ceede8a7d2fafe5574387a28eb2e.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
054b26da2819c3f1d77e6559a3fea2268aac8907aaa3ea3db1ce10831cba8ead
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:11 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=3894
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="sad.webp"
content-length
2108
cf-bgj
imgq:85,h2pri
last-modified
Fri, 10 Mar 2017 15:46:36 GMT
server
cloudflare
x-vcache
MISS
etag
"58c2ca5c-f36"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5f0c0e55b1-SYD
expires
Thu, 28 Nov 2024 11:52:59 GMT
angry.00f8b278199f6f72ce39eaffb33230e0.png
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/images/angry.00f8b278199f6f72ce39eaffb33230e0.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e28a763d0ad37579ec0d3f68769ef32ac83525ef57a75a46103a6759561dd33
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=2511
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="angry.webp"
content-length
1358
cf-bgj
imgq:85,h2pri
last-modified
Fri, 10 Mar 2017 15:46:36 GMT
server
cloudflare
x-vcache
MISS
etag
"58c2ca5c-9cf"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5f0c0f55b1-SYD
expires
Wed, 27 Nov 2024 12:51:42 GMT
slideshow
photos.register-herald.com/frame/ Frame EC5F 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.7.58.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-58-147.compute-1.amazonaws.com
Software
nginx / SmugMug/1.0
Resource Hash
b53f9d82baff6b435bf332c2436778a3164b85c1c9a41efe9c533dcf2a25ec75

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Dec 2023 07:14:11 GMT
Server
nginx
Transfer-Encoding
chunked
cache-control
private, no-store, no-cache, max-age=0
content-encoding
gzip
expires
Sat, 23 Dec 2023 07:14:10 GMT
link
<https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/smugpage/core-top-6686fd85aa87d8638119b9a1c4afcb1c.js>; rel="preload"; as="script"; crossorigin, <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/smugpage/core-config-1b71f11c41a1cc03a77fa8fb2082462e.js>; rel="preload"; as="script"; crossorigin, <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/img/fonts/sofia-pro/v2/stylesheet.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://api.smugmug.com>; rel="preconnect", <https://photos.smugmug.com>; rel="preconnect", <//videos.smugmug.com>; rel="dns-prefetch", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-b0fab27e417371f8ca2c98bdec5fa440.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/widget_bundle-f19f21f392c38da23d0c757e9f2e1c74.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/gallery_bundle-2e1659080f931bddc7fbfb7c12b9b6cd.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/bundles/smugpage-ZCZJV2U3.js>; rel="preload"; as="script"; crossorigin
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
smug-cdn
cloudflare (via photos.register-herald.com)
vary
Accept-Encoding
x-env
a=live, b=www, c=ec58e149, d=i-0f4f5521a40cb9428
x-powered-by
SmugMug/1.0
x-request-id
05a63fe1
x-s
100.11.6:2749418
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-smugmug-values
3/5 - Deliver Awesome
x-ttfb
0.1306
x-ttfb-l
15483
x-ua-compatible
IE=edge
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
gtm.js
www.googletagmanager.com/ 		198 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJDQXD
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
12dd3943fd0a91908040616b08b029d2865f2d0a6843874f6fef92e6bbf2136b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72364
x-xss-protection
0
last-modified
Sat, 23 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Dec 2023 07:14:10 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 16:08:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
54315
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 21 Dec 2024 16:08:55 GMT
5ddb142e-32d6-11e8-924a-17d36ace6eee.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/5ddb142e-32d6-11e8-924a-17d36ace6eee.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
302abe4269895e6318fa84b97d3f2ab3664bf26efdb824039ebc530a87ec9560
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=9630
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="5ddb142e-32d6-11e8-924a-17d36ace6eee.webp"
content-length
4892
cf-bgj
imgq:85,h2pri
last-modified
Wed, 28 Mar 2018 22:21:31 GMT
server
cloudflare
x-vcache
MISS
etag
"5abc156b-259e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5f4c2655b1-SYD
expires
Thu, 28 Nov 2024 12:22:12 GMT
6586040f51535.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/8/a3/8a3a5941-9c81-55b5-949e-221bd0abba1f/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/8/a3/8a3a5941-9c81-55b5-949e-221bd0abba1f/6586040f51535.preview.jpg?resize=171%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07441d4f0dc44133a5255c564c00ca2ae552dcf5d5f08208bfe9c740548befab
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=6682, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
6484
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 21:47:59 GMT
server
cloudflare
x-vcache
MISS
etag
"09a8d9798ba5dc68e49fc9a03b465d86"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5f5c2955b1-SYD
expires
Sat, 21 Dec 2024 22:07:05 GMT
6586040f657a7.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/4/81/481fb913-7751-53db-890d-4eec74478252/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/4/81/481fb913-7751-53db-890d-4eec74478252/6586040f657a7.preview.jpg?resize=174%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46fe7b96e6e317b73b25850f93d5558903e29160e3d4daee4a7cbc2549d4f74c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
origSize=8469, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
8282
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 21:47:59 GMT
server
cloudflare
x-vcache
MISS
etag
"29959ca33824f07395910bf15c42d587"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5f5c2b55b1-SYD
expires
Sat, 21 Dec 2024 22:07:05 GMT
6586040fa646e.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/c/a8/ca86c65d-2ecf-5fe5-b13c-9fac29bd1287/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/c/a8/ca86c65d-2ecf-5fe5-b13c-9fac29bd1287/6586040fa646e.preview.jpg?resize=195%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d459671dad1bdec30c17c8f532bcf4482b7d1f3813aeedbe635230d5f3003cf5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=5625
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6586040fa646e.webp"
content-length
4700
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 21:47:59 GMT
server
cloudflare
x-vcache
MISS
etag
"2ea63f2c87e71307349d43323c772fc7"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece5f5c2c55b1-SYD
expires
Sat, 21 Dec 2024 22:07:05 GMT
record
consent.api.osano.com/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-66.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 23 Dec 2023 07:14:11 GMT
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
x-amzn-trace-id
Root=1-658688c3-4da5fd7d4e3e0f8c2063b88e
x-amzn-requestid
a9a44f58-d186-42b6-8f4d-c250dec5ac0f
x-cache
Miss from cloudfront
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-apigw-id
QYpOiF3LoAMEQVg=
x-amz-cf-id
4P-8Lk0BqIJtn9sQ_qRgfs_eU8r2spqSQ7BJNFujk6aEtCGrIRxwVQ==
gtm.js
www.googletagmanager.com/ 		145 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNNWDH2
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
707e10ec7e658aaec9328c3fc145ca4555966e3ae1eb555bad8a2ce737c3c9cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54577
x-xss-protection
0
last-modified
Sat, 23 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Dec 2023 07:14:10 GMT
record
consent.api.osano.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-66.syd62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sat, 23 Dec 2023 07:14:10 GMT
via
1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
x-amz-apigw-id
QYpOcEnGoAMElDw=
x-amz-cf-id
7LJysURmTJt9tTMvMtXfH07glx7wYn9BesduCIsGIqc2Df24WfTGRg==
x-amz-cf-pop
SYD62-P2
x-amzn-requestid
772b914b-4723-48d3-b51c-a05d4d074451
x-cache
Miss from cloudfront
/
geo.adspsp.com/ 		5 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.adspsp.com/
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-68.sfo20.r.cloudfront.net
Software
/
Resource Hash
066d7393fb942f95062d13f9884b864256bbdd7340f8a49f472e01a465e51a61

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Dec 2023 07:14:11 GMT
via
1.1 924f274426b01d503d2c81865df2443c.cloudfront.net (CloudFront)
x-adb-procip
66.203.112.165, 64.252.173.146
x-adb-rmadr
::ffff:10.0.0.206
x-amz-cf-pop
SFO20-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
x-adb-fwdip
66.203.112.165, 64.252.173.146
content-length
5
x-amz-cf-id
4VpWm4XdfMvwEJ6DuuLIHzXsQU2XoF3hRGxPESriY1z0HW8DCq7Mvw==
2b633c37-29bb-49a9-86eb-5d8fbbb9d09e
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/2b633c37-29bb-49a9-86eb-5d8fbbb9d09e
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:02:13 GMT
content-encoding
gzip
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront), 1.1 82008a7e089b84e7f0a6d8d139a4e3de.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1, SYD62-P1
age
718
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Amebat7Quj2CCoqkwspEVYOeiDeOlPSBUugqyLLoD4USxQvXQ1WpCA==
/
adspsp.com/pt/1710310/19/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/19/1/?a=2,aX0,hU7TgKf1dG&aa=&b=&e=&c=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&d=&f=1.lqhq5ndw.1T3zj&g=1T42x&u=f0278789:lim1hwav:3i2&v=18g.xc.0.4ha.1.0&m=z&rnd=1703315650638
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.89.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-89-216.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 07:09:46 GMT
x-amz-cf-pop
SYD62-P1
age
26651
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
QXYkMq6SDFIFbQ0mFMhMK5A4_vbnzR2inlXhqyacEOBDno1sbySXUQ==
8e5a27ee-39dc-4095-a8b8-2d9303ae3ee9
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/8e5a27ee-39dc-4095-a8b8-2d9303ae3ee9
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
5be08efa-96a7-43fa-854a-8590b2b0f496
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/5be08efa-96a7-43fa-854a-8590b2b0f496
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
356eb794-f237-4495-8814-3c0b1c91f9f4
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/356eb794-f237-4495-8814-3c0b1c91f9f4
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Dec 2023 05:52:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4890
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 23 Dec 2023 07:52:41 GMT
gtm.js
www.googletagmanager.com/ 		223 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b8741418c84bcd0f2e5b02e90e81cf5457ef331cbcf3a4eae5b2b5ec54d88733
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71029
x-xss-protection
0
last-modified
Sat, 23 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Dec 2023 07:14:10 GMT
gtm.js
www.googletagmanager.com/ 		180 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a7c0c166506a7d3dbb3d6eebd1f7fef83ff748b80265f923d8777263acd4803a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65174
x-xss-protection
0
last-modified
Sat, 23 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 23 Dec 2023 07:14:10 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:11 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 30 Dec 2023 07:14:11 GMT
fcc48389-4d26-4917-94c0-2517b2517880
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/fcc48389-4d26-4917-94c0-2517b2517880
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
9a67f836-6e4c-483a-a1ba-8d0132beee36
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/9a67f836-6e4c-483a-a1ba-8d0132beee36
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
0199ee0d-57b0-48d6-8700-14fc0bd18fa6
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/0199ee0d-57b0-48d6-8700-14fc0bd18fa6
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
458249.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/712559.gif?partner_uid=ddeaf6d0-76f8-40d3-866e-b08af67e5dab
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJGRkZWFmNmQwLTc2ZjgtNDBkMy04NjZlLWIwOGFmNjdlNWRhYhAAGg0Iw5GarAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b131d73ec2f8cec3fac155a7b1a43f22a968d8cdbb96a48731d818d5785f3e9c791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiMTMxZDczZWMyZjhjZWMzZmFjMTU1YTdiMWE0M2YyMmE5NjhkOGNkYmI5NmE0ODczMWQ4MThkNTc4NWYzZTljNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiMTMxZDczZWMyZjhjZWMzZmFjMTU1YTdiMWE0M2YyMmE5NjhkOGNkYmI5NmE0ODczMWQ4MThkNTc4NWYzZTljNzkxNDI2YjU0MTdkY2UyMRAAGgwIw5GarAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c6ce206e-8869-49ae-8e5d-54ece5f5db49
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=c6ce206e-8869-49ae-8e5d-54ece5f5db49
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:12 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 23 Dec 2023 07:14:12 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=c6ce206e-8869-49ae-8e5d-54ece5f5db49
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.107.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-107-130.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 17:35:23 GMT
content-encoding
gzip
via
1.1 f993a09ee51fef62e3d92f6802c130d4.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:03:21 GMT
server
nginx
x-amz-cf-pop
SYD62-P2
age
49128
etag
W/"65838ed9-9630"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
32wIK0DdF7_GinQx0ImHX858EaFh7JFUKkaLMyzjXIPyMbdReZpnAA==
expires
Sat, 23 Dec 2023 17:35:23 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D4QVJDNBRB&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
95d8ea2c9c955069d092eaa001a14cb4dccb86d25a1f16d8abf89346836634ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91624
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Dec 2023 07:14:11 GMT
1490.jsx
cdn-p.cityspark.com/wid/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/wid/1490.jsx?b=1703315650973&on=aHR0cHM6Ly93d3cucmVnaXN0ZXItaGVyYWxkLmNvbS9zcG9ydHMvaGlnaF9zY2hvb2xfc3BvcnRzL3dlc3QtdmlyZ2luaWEtaGlnaC1zY2hvb2wtc29jY2VyLWNvYWNoZXMtYXNzb2NpYXRpb24tbmFtZXMtYWxsLXN0YXRlLXRlYW0vYXJ0aWNsZV82NDNiYzdlMS02ODU0LTVhMDktYmFlZi1hNDE0ODYzNGE3ZjcuaHRtbA==&callback=jsonp1490
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4d829f9168e9642c503e765fbb11219baab92278bf89f3bf2a097bdb79d4e4f2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 23 Dec 2023 09:14:12 GMT
date
Sat, 23 Dec 2023 07:14:12 GMT
content-encoding
gzip
strict-transport-security
max-age=0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
beacons
p.flipp.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-25.syd62.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sat, 23 Dec 2023 07:14:11 GMT
via
1.1 f3405208f368b682f8c8a96590ab1596.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.register-herald.com
access-control-allow-credentials
true
x-amz-cf-id
ROI0GqfNf_sBC2evNywFO9VTO_qgARZmC5YHj4c2TsMqIWBqochvgA==
e3a98651-ce96-4794-966a-4f8cf54a2a21
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/e3a98651-ce96-4794-966a-4f8cf54a2a21
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		108 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.89.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-89-160.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dac08fd3eb7d2adf333d36ea5e35d4f4dc25c7dd705cbf99682707b2d95f9031

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
v4gxLFp6LN_bb5C9d7c7Yd6l6kCPxU1z
content-encoding
br
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 07:13:37 GMT
x-amz-cf-pop
SYD62-P1
age
40
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 05 Dec 2023 14:57:24 GMT
server
AmazonS3
etag
W/"b2b7a401bd4f0de0145925b43c4e7c21"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
71c_u62yTPYa2apiXRGTHcd_TXJ0282ctBPbOkGhJ79CZj0sOHB1Aw==
collect
www.google-analytics.com/g/ 		0
177 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-D4QVJDNBRB&gtm=45je3bt0v9101195585z871530764&_p=1703315650340&gcd=11l1l1l1l1&dma=0&cid=478712700.1703315651&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1703315651&sct=1&seg=0&dl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&dt=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%20%7C%20Prep%20Zone%20%7C%20register-herald.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5914
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D4QVJDNBRB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
794ab83d-5397-4538-a48a-b0df99b2dbc0
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/794ab83d-5397-4538-a48a-b0df99b2dbc0
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
publisher:getClientId
ampcid.google.com/v1/ 		78 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
19c592819d340656421a0ca296e9564cbfbcb69228f56cef708c529fc16217ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Dec 2023 07:14:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.register-herald.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.89.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-89-160.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
8wBdC1fvjthSTrFspxDO4VzVvdAFdrfL
content-encoding
gzip
via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 05:59:25 GMT
x-amz-cf-pop
SYD62-P1
age
4644
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 09 Oct 2023 16:01:47 GMT
server
AmazonS3
etag
W/"b1f2fbddf3135863ad45acc993d27497"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
aUcPnb3nfjbErh938hdec7WFvG96ugdS4PY4hSPm_COmrrKGNUklJA==
destination
www.googletagmanager.com/gtag/ 		256 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9520a7f431e43309b389650953584d8233c55efaea0531982002acd393df3c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89115
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Dec 2023 07:14:11 GMT
ajs-destination.bundle.13362ca512563a10e34d.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.89.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-89-160.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 15:25:54 GMT
x-amz-version-id
1zRCYnTqT7b5Sp5inLUGARXloL6P112m
content-encoding
br
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
748098
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 11 Dec 2023 23:39:44 GMT
server
AmazonS3
etag
W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
eNjsAudBRQBrPEswqD2cg_jh06UNpONxvQPxre5NFGKk_IZwc5qQFg==
config.js
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/ 		134 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0355fcf8d980ee5ebc0c7b23851ab5399b48cf235cfa6094b27247e16d99104b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Dec 2023 13:06:33 GMT
server
cloudflare
x-amz-request-id
Y02C9NRHES2MXMZK
age
507
etag
W/"1f129d6340f591475ea604a5836577d8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
839ece66ded35747-SYD
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/o4KAWyNeNYF+5Qnl4h3CtU2XnGAQNkFwJ5BiuKO8dBRXeG0Ftkh+CXnksglp4hWLnwiTnaNeXk=
76d34023-1046-4014-81e0-98f6070447c7
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/76d34023-1046-4014-81e0-98f6070447c7
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
7985e080-3c38-43d0-b608-b86302ebef34
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/7985e080-3c38-43d0-b608-b86302ebef34
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.89.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-89-160.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 14:41:26 GMT
x-amz-version-id
Cj5RE9x0WySTbVJtnwQumAziMT2di.4o
content-encoding
br
via
1.1 494cf20e0ce70f4820c6273552d3e1f6.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
750766
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 11 Dec 2023 23:39:43 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
ypGcINQrkmcVTugaOqmTr3AN7P3Cx8H9oZ_ZjXoDIRz600cRlKqKEQ==
liveView.php
live.primis.tech/live/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105129&cbuster=1703315651341&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
e1fe0a3e5557f09902b036d83d09e45c5a8fba7a7c5556561a67b4ac329de9d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:11 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
8FK9HTEWPZQa2BuhquAqU-Cyd7ny-K1R8KE0vxhK4fkGPFgduYafTg==
p
api.segment.io/v1/ 		21 B
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.52.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-52-117.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:11 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
50a6bf9e-2e04-48d8-9da3-bf7857460c69
config.aps.amazon-adsystem.com/configs/ 		564 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/50a6bf9e-2e04-48d8-9da3-bf7857460c69
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-2.syd62.r.cloudfront.net
Software
CloudFront /
Resource Hash
31b557bf3bd8a6a3b2c92478023a5a67f1a1a2b1da9f9c4dcff620c3e30385b6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 06:32:42 GMT
via
1.1 c8a7df1b4956aa390fe495730eb3c9f4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD62-P2
age
2489
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
O4cktrsgo1On3zW4fUtgjwqPFCpF9tYpz3wTh_P7lVWEBoK5i5Oxlg==
config
c.amazon-adsystem.com/cdn/prod/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.register-herald.com&pubid=50a6bf9e-2e04-48d8-9da3-bf7857460c69
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:09:46 GMT
via
1.1 82008a7e089b84e7f0a6d8d139a4e3de.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P1
age
264
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.register-herald.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
Sk1GgKVbS2g_-W48B89_O86ODR_GIU5A0i-haIXVJ62WtUOqfGIQTw==
collect
analytics.google.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je3bt0v887101457z8861227858&_p=1703315650340&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=478712700.1703315651&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team&dl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&sid=1703315651&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.content_id=643bc7e1-6854-5a09-baef-a4148634a7f7&ep.canonical_url=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&ep.content_type=article&ep.canonical_content_id=643bc7e1-6854-5a09-baef-a4148634a7f7&ep.content_publish_date=2007-11-19T23%3A51%3A00-05%3A00&ep.content_group=%2Fsports%2Fhigh_school_sports&epn.townnews_crm_group_id=13&ep.generator=BLOX&ep.generator_version=1.72.3&tfd=6221
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=478712700.1703315651&gtm=45je3bt0v887101457z8861227858&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=478712700.1703315651&gtm=45je3bt0v887101457z8861227858&aip=1&dma=0&gcd=11l1l1l1l1&z=1209557998
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		184 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&pid=1JYmS1CvoF8qx&cb=0&ws=1600x1200&v=23.1211.1645&t=1200&slots=%5B%7B%22sd%22%3A%22adb_mediumRectangle_btf2_flex%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22registerherald%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_mediumRectangle_btf1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22registerherald%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_leaderboard_mid%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22registerherald%2Ftotalaudience%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=50a6bf9e-2e04-48d8-9da3-bf7857460c69&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
5725b411f283e0e88cbc5b829cad2caf7b78da6771a47b0aee9a55bae0e87639

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:11 GMT
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.register-herald.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
184
x-amz-cf-id
bs2RVs9JVNU76m7d3smOplvdhR1-X3tW-CkR86WGia3GMkRDEHwGVw==
/
adspsp.com/pt/1710310/1/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/1/2/?a=2,a2lqhq5s36s7bczt0p7d,hU7TgKf1dG&aa=01CihRyu.gN&b=1//3-6^8c`6y.8c`go:4@540161677^8c`6y,5@11747857^8c`6y,10@206474^8c`6y,33@RdDNDHspumwjeZ0rUNnd0pI3^8c`6y_5^8c`6y.8c`go:4@540161676^8c`6y,5@11747850^8c`6y,10@206473^8c`6y,33@QelwClNwBTEkTmmySB7CPYkI^8c`6y_14^k8`2i.qy`6y:4@540161674^k8`2i.qy`6y,5@12812950^k8`2i.qy`6y,6@6708^k8`2i,6@6708^qy`6y,10@213819^k8`2i,10@213819^qy`6y,33@ccVECva4DSFcmufUCsC4hRze^qy`6y,33@RhAhHL3X0jLoZaEznwQUyb71^k8`2i,172@CNHI^k8`2i.qy`6y&bu=U1900760d1e2b6,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience&bu=U3b430bad35360a,adb_mediumRectangle_btf1,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience&bu=U6fe8f6759cd351,adb_leaderboard_mid,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&d=&f=1.lqhq5ndw.1T3zj&g=1T4tk&u=f0278789:lim1hwav:3i2&v=18g.xc.0.4km.1.0&m=z&rnd=1703315651597
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.89.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-89-216.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
prebid
bids.concert.io/bids/ 		22 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.concert.io/bids/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.126.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.126.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Dec 2023 07:14:12 GMT
via
1.1 google
x-lat-long
-33.868820,151.209295
x-powered-by
Express
x-region
AU
x-city
Sydney
x-cipher-suite
1301
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-response-time
1090.773ms
x-tls-version
TLSv1.3
server
Google Frontend
etag
W/"16-6cDG702lpKxhI09DG03JuPCfUBY"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.register-herald.com
x-cloud-trace-context
1efc98a31c76aa31fbd125acad3c235a/17963883463101974493
access-control-allow-credentials
true
x-region-subdivision
AUNSW
prebid
ib.adnxs.com/ut/v3/ 		19 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:12 GMT
an-x-request-uuid
200343bf-1cb6-4c6e-a997-60a23b3cafbc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.register-herald.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
cnhi-d.openx.net/w/1.0/ 		175 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cnhi-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-480&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c576c29a-e71d-4c78-93bb-8b44ddd21454%2C0bb43665-79ae-4963-b977-446d17a8c09e%2C81ff6ae8-7d72-471c-8e61-ad39b0747fc4&nocache=1703315651602&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D&gdpr_consent=&gdpr=0&aus=300x250%2C300x600%7C300x250%2C300x600%7C728x90%2C970x250&divids=adb_mediumRectangle_btf2_flex%2Cadb_mediumRectangle_btf1%2Cadb_leaderboard_mid&aucs=%252F9869277%252Fcnhi%252Fregisterherald%252Ftotalaudience%2523adb_mediumRectangle_btf2_flex%2C%252F9869277%252Fcnhi%252Fregisterherald%252Ftotalaudience%2523adb_mediumRectangle_btf1%2C%252F9869277%252Fcnhi%252Fregisterherald%252Ftotalaudience%2523adb_leaderboard_mid&auid=540161677%2C540161676%2C540161674&aumfs=50%2C50%2C50
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
eb8bcc9fb29ef5e98bc24b59fb082a9cac95238417344ec640516af8a766b585

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.register-herald.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=206474
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92dd54fcb92e5631748dee0ef6af5079fa30f246b01a41d3c35abe10c080ae1c

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYhFR0FkXcuDrREFYEtNdKD0bUTbH875EFXExi0hVTVuFqvjikeakyHeFpoBs5bul0Auej%2F3ckTs0Lr%2FNCDTTK4CZkhRJseE0T0682NfCBgcDkEgOaDC7TBHAI8slSQqiDdRTmCO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
839ece669e63a89e-SYD
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
v1
btlr.sharethrough.com/universal/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.123.235 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-123-235.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:12 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.123.235 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-123-235.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:12 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.123.235 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-123-235.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:12 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.123.235 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-123-235.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:12 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/ 		0
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=60837829352&lsavail=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:11 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
core-top-6686fd85aa87d8638119b9a1c4afcb1c.js
cdn.smugmug.com/include/js/smugpage/ Frame EC5F 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/smugpage/core-top-6686fd85aa87d8638119b9a1c4afcb1c.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
92f3ce484e494ebeaaae88dbad81595e54f245f10833242715677693c4af8351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Referer
https://photos.register-herald.com/
Origin
https://photos.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

smug-static-cache
Fresh MD5
content-encoding
gzip
content-md5
YXTuZcgmp+d8NRx3ZQDfxg==
x-ttfb
0.0077
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
surrogate-control
public, max-age=31536000
age
1676340
edge-control
public, max-age=31536000
x-smugmug-values
3/5 - Deliver Awesome
etag
"6174ee65c826a7e77c351c776500dfc6"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Mon, 02 Dec 2024 21:35:12 GMT
date
Sun, 03 Dec 2023 21:35:11 GMT
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P1
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=ec58e149, d=i-014fddba70edea3a8
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
content-length
27148
x-request-id
47da8653
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-ttfb-l
0
x-s
100.8.189:1223924
timing-allow-origin
*
x-extra
1701639311.7288
x-amz-cf-id
Iz-k0M_lAhJkShLBpe6NDIhllauR93zlLiLKVcL1bnkh4pMUmpUidg==
core-config-1b71f11c41a1cc03a77fa8fb2082462e.js
cdn.smugmug.com/include/js/smugpage/ Frame EC5F 		351 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/smugpage/core-config-1b71f11c41a1cc03a77fa8fb2082462e.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
0c7423a6f212d19b86954579c93ceeaac2c8e8c38145708f206d19cbbf8ad124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Referer
https://photos.register-herald.com/
Origin
https://photos.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

smug-static-cache
Fresh MD5
content-encoding
gzip
content-md5
xPP5qE7L16SEp7U/h+FplA==
x-ttfb
0.0079
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
surrogate-control
public, max-age=31536000
age
844
edge-control
public, max-age=31536000
x-smugmug-values
4/5 - Dare
etag
"c4f3f9a84ecbd7a484a7b53f87e16994"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sun, 22 Dec 2024 07:00:07 GMT
date
Sat, 23 Dec 2023 07:00:07 GMT
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P1
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=e8889be1, d=i-0c48950d61e1b36bb
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
content-length
49266
x-request-id
063893f1
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-ttfb-l
0
x-s
100.15.140:569246
timing-allow-origin
*
x-extra
1703314807.095
x-amz-cf-id
rSuvIpCW3yipiMv4bVqMNhjN21cIj3PHq4YUK0W95LIg8f7Ur-6bRA==
stylesheet.css
cdn.smugmug.com/img/fonts/sofia-pro/v2/ Frame EC5F 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/img/fonts/sofia-pro/v2/stylesheet.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
bac8ee57b7086f2eac3c07d0852d819ba937a57c16304f9065dfdafbf141d795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 12:07:14 GMT
content-encoding
gzip
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
content-md5
HOhv4frU3LMoVBoaYp+i5A==
x-ttfb
0.0927
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=e8889be1, d=i-02f140aa00a45f69b
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
68817
x-smugmug-values
1/5 - Grow Together
content-length
519
x-request-id
d5ed2c2f
x-ua-compatible
IE=edge
last-modified
Fri, 10 Jun 2022 22:58:54 GMT
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
etag
"1ce86fe1fad4dcb328541a1a629fa2e4"
x-frame-options
DENY
x-ttfb-l
519
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=86400
x-s
100.12.215:36832
x-amz-cf-id
dCYyo_qJbJctDX9-xxhkcowj9VM8rGFsz8Yrgfj2LQpPOjyYd-irvQ==
expires
Sat, 23 Dec 2023 12:07:14 GMT
core-b0fab27e417371f8ca2c98bdec5fa440.css
cdn.smugmug.com/include/css/0/0/0/smugmug/ Frame EC5F 		371 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-b0fab27e417371f8ca2c98bdec5fa440.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
296b0fc5bac2f4b01c82cf1e32949b3a9bdf9ab3ac70055b38d62ff86a008102
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

smug-static-cache
Fresh MD5
content-encoding
gzip
content-md5
Th6W4pZuaC0k5pThraxf8w==
x-ttfb
0.0078
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
surrogate-control
public, max-age=31536000
age
290022
edge-control
public, max-age=31536000
x-smugmug-values
5/5 - Empower Passion
etag
"4e1e96e2966e682d24e694e1adac5ff3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 18 Dec 2024 22:40:29 GMT
date
Tue, 19 Dec 2023 22:40:28 GMT
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P1
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=ec58e149, d=i-056aa31eb47ae9caa
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
content-length
61939
x-request-id
6414a735
x-ua-compatible
IE=edge
last-modified
Fri, 02 Jun 2023 18:01:13 GMT
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-ttfb-l
0
x-s
100.9.11:3253808
x-extra
1703025628.7704
x-amz-cf-id
MTvBVMl_UqdMT43gH1gNpHFL62FAxh8PuYRMx-oVTLw9wNcEqaBjAw==
widget_bundle-f19f21f392c38da23d0c757e9f2e1c74.css
cdn.smugmug.com/include/css/0/0/0/smugmug/ Frame EC5F 		50 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/css/0/0/0/smugmug/widget_bundle-f19f21f392c38da23d0c757e9f2e1c74.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
20be563783d954378502e12eefbffbc1177859da7a39fdc6c36c6270de57ba22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

smug-static-cache
Fresh MD5
content-encoding
gzip
content-md5
GBFdYIF5HaSznKCWY9UqEw==
x-ttfb
0.0078
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
surrogate-control
public, max-age=31536000
age
1859241
edge-control
public, max-age=31536000
x-smugmug-values
5/5 - Empower Passion
etag
"18115d6081791da4b39ca09663d52a13"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
expires
Sat, 30 Nov 2024 18:46:50 GMT
date
Fri, 01 Dec 2023 18:46:50 GMT
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P1
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=ec58e149, d=i-044d177092e9ea5d2
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
content-length
9061
x-request-id
6617356f
x-ua-compatible
IE=edge
last-modified
Fri, 02 Jun 2023 18:01:13 GMT
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-ttfb-l
0
x-s
100.8.117:847410
x-extra
1701456410.2059
x-amz-cf-id
wKlxYB1EsPTltU0ANEzWJGXeAeKM7PIZsoGpEENH63MnkGfKTAD9dw==
gallery_bundle-2e1659080f931bddc7fbfb7c12b9b6cd.css
cdn.smugmug.com/include/css/0/0/0/smugmug/ Frame EC5F 		109 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/css/0/0/0/smugmug/gallery_bundle-2e1659080f931bddc7fbfb7c12b9b6cd.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
34729eea1d3a08549f5adff84fd00dda80a970a7e901e1eea37853abdf3ed10a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

smug-static-cache
Fresh MD5
content-encoding
gzip
content-md5
bsFSQDRKdh7Z4h02OqE5Tg==
x-ttfb
0.0112
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
surrogate-control
public, max-age=31536000
age
290023
edge-control
public, max-age=31536000
x-smugmug-values
2/5 - Thrill Our Customers
etag
"6ec15240344a761ed9e21d363aa1394e"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
expires
Wed, 18 Dec 2024 22:40:29 GMT
date
Tue, 19 Dec 2023 22:40:28 GMT
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P1
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=4cf206a9, d=i-0294418b97804dbda
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
content-length
19460
x-request-id
654f7225
x-ua-compatible
IE=edge
last-modified
Fri, 02 Jun 2023 18:01:13 GMT
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-ttfb-l
0
x-s
100.0.34:1594346
x-extra
1703025628.5763
x-amz-cf-id
UnlYR2ykWHA_kEGQ2YuHQt7wavAnfyswendD-iRfBnNkW7PmDX8T8w==
smugpage-ZCZJV2U3.js
cdn.smugmug.com/include/js/bundles/ Frame EC5F 		222 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/smugpage-ZCZJV2U3.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
4176afdb4de951e527de41e62d7f04bdb6ede641633dd24bbc412be5d089037b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox;
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox;
X-Frame-Options DENY

Request headers

Referer
https://photos.register-herald.com/
Origin
https://photos.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'; sandbox;
content-encoding
gzip
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
date
Tue, 19 Dec 2023 22:40:33 GMT
strict-transport-security
max-age=31536000
x-ttfb
0.0071
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=ec58e149, d=i-08a55b47d3acc8c5f
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
290018
x-smugmug-values
3/5 - Deliver Awesome
x-request-id
e872bc0e
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-frame-options
DENY
x-ttfb-l
222
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding
x-s
100.9.49:1700824
timing-allow-origin
*
x-webkit-csp
frame-ancestors 'none'; sandbox;
x-amz-cf-id
fPun98bdRAKPjkDfGwj5RItP64p-6DSA3juMMyj2J0zQUUncyxPvow==
x-content-security-policy
frame-ancestors 'none'; sandbox;
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
S49V8A6ED51TYJV4
age
1958227
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
839ece670ef75747-SYD
alt-svc
h3=":443"; ma=86400
x-amz-id-2
M7jSThfOlPjEzRAkVokyTJR2zZeuot6QPKFH28IVW3TWGCNHGmrL7VbJ1muTL6BB/Pn5PQKceS8=
publisher:getClientId
ampcid.google.com.au/v1/ 		3 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com.au/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Dec 2023 07:14:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.register-herald.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
icons-large-defs-af509ac6af9feb4f95b8c88fc7551ac6.svg
cdn.smugmug.com/include/svg/build/ Frame EC5F 		62 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/svg/build/icons-large-defs-af509ac6af9feb4f95b8c88fc7551ac6.svg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
52878b5aaf6a34d1a0a17e6163c67c72ea59b5419ec553f8f9b5ed3f06c7df58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:15:28 GMT
content-encoding
gzip
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-ttfb
0.0101
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
surrogate-control
public, max-age=31536000
x-env
a=live, b=www, c=e8889be1, d=i-04fe365944ae0d113
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
edge-control
public, max-age=31536000
x-amz-cf-pop
SYD62-P1
x-smugmug-values
5/5 - Empower Passion
age
1918723
x-request-id
2b29d18f
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-frame-options
DENY
x-ttfb-l
63709
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-s
100.13.233:571278
x-amz-cf-id
JI17x_SBWQW89fACdfm_sAVqUFl9JdJ2o8ykR9TEZVVqsig-9O3DDA==
expires
Sat, 30 Nov 2024 02:15:28 GMT
icons-small-defs-2ea8b83b5c47f4ff0a4819e6501cf06e.svg
cdn.smugmug.com/include/svg/build/ Frame EC5F 		43 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/svg/build/icons-small-defs-2ea8b83b5c47f4ff0a4819e6501cf06e.svg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
b6d9a34c91bcb65fc4c08271a299444722cec66420409ad095a61aeb57085674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:35:08 GMT
content-encoding
gzip
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-ttfb
0.0098
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
surrogate-control
public, max-age=31536000
x-env
a=live, b=www, c=e8889be1, d=i-079215597b444a112
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
edge-control
public, max-age=31536000
x-amz-cf-pop
SYD62-P1
x-smugmug-values
3/5 - Deliver Awesome
age
1676343
x-request-id
15062439
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-frame-options
DENY
x-ttfb-l
44440
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-s
100.15.244:219744
x-amz-cf-id
fK3mTp10Yd2UJvODUv0eSjssekRwJ5wOrccG6eV0QSw72xBGJlNNPw==
expires
Mon, 02 Dec 2024 21:35:08 GMT
rules-p-eb6rW8CarLDWY.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-eb6rW8CarLDWY.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-82.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c99eeb0ffc836cfbaf142f6a4cc3efcb826d3c112d52bbaa079cc982b773bc1a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 06:58:00 GMT
via
1.1 4531d36bddcd36b16bc48daff001c13e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
1174
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 16:26:57 GMT
server
AmazonS3
etag
"ea52eb301590b357d6e197d77eac3ab0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
bJxRBNGWnprXjKRBtNT8uOYQtuAZH6GXnmLV2c5cjGjKge4p3EYTLQ==
chunk-GZ2P37CK.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame EC5F 		69 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-GZ2P37CK.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
1cf62aa1786697a0b6dd2cdd8381ba9d0dce4c0e3d59c7275abe088cabc96387
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox;
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox;
X-Frame-Options DENY

Request headers

Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-ZCZJV2U3.js
Origin
https://photos.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'; sandbox;
content-encoding
gzip
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
date
Sun, 03 Dec 2023 21:44:48 GMT
strict-transport-security
max-age=31536000
x-ttfb
0.012
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=ec58e149, d=i-0f4f5521a40cb9428
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
1675763
x-smugmug-values
2/5 - Thrill Our Customers
x-request-id
447bbae1
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-frame-options
DENY
x-ttfb-l
70426
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding
x-s
100.11.6:122395
timing-allow-origin
*
x-webkit-csp
frame-ancestors 'none'; sandbox;
x-amz-cf-id
J8yqCUs5WM9GPP-e_J2yaTJ_75uPIx-q_bZiJ9N-8nM_UYjwAbgD3A==
x-content-security-policy
frame-ancestors 'none'; sandbox;
chunk-M5TLPFGN.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame EC5F 		67 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-M5TLPFGN.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
d57839eea92c7dfb83adca8a7498d6c01be43afeefcffc89ce6f0c17e8439e5a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox;
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox;
X-Frame-Options DENY

Request headers

Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-ZCZJV2U3.js
Origin
https://photos.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'; sandbox;
content-encoding
gzip
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
date
Sun, 03 Dec 2023 21:35:07 GMT
strict-transport-security
max-age=31536000
x-ttfb
0.011
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=ec58e149, d=i-0878c8665021b37f9
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
1676344
x-smugmug-values
2/5 - Thrill Our Customers
x-request-id
239cc25e
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-frame-options
DENY
x-ttfb-l
68196
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding
x-s
100.8.223:1030047
timing-allow-origin
*
x-webkit-csp
frame-ancestors 'none'; sandbox;
x-amz-cf-id
S1AMnjS1RrB4A3LQ_J-dM2ImnbVnaI2qfRTCzsUkWUxm_fKq9tcEOA==
x-content-security-policy
frame-ancestors 'none'; sandbox;
chunk-7LYQVOJ5.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame EC5F 		229 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-7LYQVOJ5.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
421946ad55afbff6d34f3f8f1e31f11f6ef9c712101fa0fac71db64288857949
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox;
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox;
X-Frame-Options DENY

Request headers

Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-ZCZJV2U3.js
Origin
https://photos.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'; sandbox;
content-encoding
gzip
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
date
Tue, 19 Dec 2023 22:40:28 GMT
strict-transport-security
max-age=31536000
x-ttfb
0.0112
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=4cf206a9, d=i-06334588e1ac77cb4
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
290023
x-smugmug-values
1/5 - Grow Together
x-request-id
ec285010
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-frame-options
DENY
x-ttfb-l
234311
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding
x-s
100.2.167:3837936
timing-allow-origin
*
x-webkit-csp
frame-ancestors 'none'; sandbox;
x-amz-cf-id
wOotH5n_0gVhLkLulBeG2u2kKs3xA9uNZrnD0mGlo55eZIETngOs4g==
x-content-security-policy
frame-ancestors 'none'; sandbox;
chunk-XBWCZZZI.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame EC5F 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-XBWCZZZI.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
c6d480141181a6783a60e44be281bbe67612a4db4e64564bf95ca154c559af71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox;
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox;
X-Frame-Options DENY

Request headers

Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-ZCZJV2U3.js
Origin
https://photos.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'; sandbox;
content-encoding
gzip
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 02:15:30 GMT
strict-transport-security
max-age=31536000
x-ttfb
0.0078
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=e8889be1, d=i-0b70ab8f7941b38a6
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
1918721
x-smugmug-values
5/5 - Empower Passion
x-request-id
c28c852a
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-frame-options
DENY
x-ttfb-l
35115
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding
x-s
100.12.27:1202035
timing-allow-origin
*
x-webkit-csp
frame-ancestors 'none'; sandbox;
x-amz-cf-id
721rQ1Ek_H6c-IL5P1hu44TKm2--BEjbA1MBIeAC1dTtIJCrIFxqDg==
x-content-security-policy
frame-ancestors 'none'; sandbox;
chunk-2WSBCPH4.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame EC5F 		2 MB
507 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-2WSBCPH4.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
818a7b9136912ddc3941b19619f1360f99fd44e6c7d231f969ece0095649d719
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox;
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox;
X-Frame-Options DENY

Request headers

Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-ZCZJV2U3.js
Origin
https://photos.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'none'; sandbox;
content-encoding
gzip
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
date
Tue, 19 Dec 2023 22:40:29 GMT
strict-transport-security
max-age=31536000
x-ttfb
0.0098
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=4cf206a9, d=i-038d50bc6f931367c
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
290022
x-smugmug-values
5/5 - Empower Passion
x-request-id
69d07366
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-frame-options
DENY
x-ttfb-l
1714740
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding
x-s
100.2.211:220568
timing-allow-origin
*
x-webkit-csp
frame-ancestors 'none'; sandbox;
x-amz-cf-id
zNmXMNwhG5TfHNkEX0cRYMuWm3zowz3EuOIMkwQ1fHi10ziA3ZlkPw==
x-content-security-policy
frame-ancestors 'none'; sandbox;
pixel;r=553170730;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticl...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=553170730;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html;uht=2;fpan=1;fpa=P0-663990173-1703315651826;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;us_privacy=1---;ref=;d=register-herald.com;dst=0;et=1703315652239;tzo=-480;ogl=type.article%2Curl.https%3A%2F%2Fwww%252Eregister-herald%252Ecom%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-sch%2Cimage.https%3A%2F%2Fbloximages%252Echicago2%252Evip%252Etownnews%252Ecom%2Fregister-herald%252Ecom%2Fcontent%2Ftncms%2Fc%2Cimage%3Awidth.200%2Cimage%3Aheight.200%2Ctitle.West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%2Cdescription.The%20West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20all-state%20soccer%20teams%252C%2Csite_name.Beckley%20Register-Herald%2Csection.Prep%20Zone;ses=71d92997-9236-4d3a-be9c-da378ead51b6;mdl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
truncated
/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c15de2b5340a556c099e0154a767d50bd42c3713fe89bd5c2369def7d93767bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
img/png
75964bd7-a51a-48fe-9034-20e4158db5c4
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/75964bd7-a51a-48fe-9034-20e4158db5c4
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=2009464020&t=pageview&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&dp=%2Fsports%2Fhigh_school_sports%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&ul=en-us&de=UTF-8&dt=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%20%7C%20Prep%20Zone%20%7C%20register-herald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUABAAQCACAAI~&jid=1940518361&gjid=519341539&cid=478712700.1703315651&tid=UA-54716522-7&_gid=1487238193.1703315652&_slc=1&gtm=45He3bt0n71PDQV3Nv72758733&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=Yes&cd12=No&cd13=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&cd15=3.155.0&cd16=false&cd17=Page%20View&cd20=643bc7e1-6854-5a09-baef-a4148634a7f7&cm1=400&gcd=11l1l1l1l1&dma=0&z=2016802483
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=478712700.1703315651&jid=1940518361&gjid=519341539&_gid=1487238193.1703315652&_u=aCDAgUABAAQCAGAAI~&z=1350739067
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 23 Dec 2023 07:14:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2009464020&t=pageview&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&ul=en-us&de=UTF-8&dt=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%20%7C%20Prep%20Zone%20%7C%20register-herald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUABAAQCAGAAIAB~&jid=1793889729&gjid=1260058163&cid=478712700.1703315651&tid=UA-3850501-28&_gid=1487238193.1703315652&_slc=1&gtm=45He3bt0n71MJDQXDv71530764&cd2=1703315650897.hq0yzyoq&cd3=2023-12-23T15%3A14%3A10.897%2B08%3A00&gcd=11l1l1l1l1&dma=0&z=1003860762
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3850501-28&cid=478712700.1703315651&jid=1793889729&gjid=1260058163&_gid=1487238193.1703315652&_u=aCDAgUABAAQCAGAAIAB~&z=243188831
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 23 Dec 2023 07:14:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2009464020&t=pageview&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&ul=en-us&de=UTF-8&dt=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%20%7C%20Prep%20Zone%20%7C%20register-herald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUABAAQCAGAAIAB~&jid=913814723&gjid=2134920000&cid=478712700.1703315651&tid=UA-2313981-1&_gid=1487238193.1703315652&_slc=1&gtm=45He3bt0n71MJDQXDv71530764&gcd=11l1l1l1l1&dma=0&z=1623438424
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2313981-1&cid=478712700.1703315651&jid=913814723&gjid=2134920000&_gid=1487238193.1703315652&_u=aCDAgUABAAQCAGAAIAB~&z=2040554592
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 23 Dec 2023 07:14:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2009464020&t=pageview&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&ul=en-us&de=UTF-8&dt=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%20%7C%20Prep%20Zone%20%7C%20register-herald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUABAAQCAGAAIAB~&jid=869260741&gjid=1460626327&cid=478712700.1703315651&tid=UA-101908882-1&_gid=1487238193.1703315652&_r=1&_slc=1&z=493345415
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
46da1ac9767431baa494d3650d97fd01d65c925950f7d41da9b4f1ca8cd4f0df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2009464020&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&ul=en-us&de=UTF-8&dt=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%20%7C%20Prep%20Zone%20%7C%20register-herald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Section&ea=Load&el=sports%2Chigh_school_sports&ev=1&_u=aCDAgUABAAQCAGAAIAB~&jid=&gjid=&cid=478712700.1703315651&tid=UA-3850501-28&_gid=1487238193.1703315652&gtm=45He3bt0n71MJDQXDv71530764&gcd=11l1l1l1l1&dma=0&z=881534833
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:58:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69349
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
combo.js
cdn.smugmug.com/include/combo/ Frame EC5F 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/combo/combo.js?13c86319&yui/3/cookie/cookie-min.js&yui/3/history-base/history-base-min.js&yui/3/history-hash/history-hash-min.js&yui/3/history-html5/history-html5-min.js&yui/3/event-key/event-key-min.js&yui/3/event-outside/event-outside-min.js&yui/3/attribute-complex/attribute-complex-min.js&yui/3/classnamemanager/classnamemanager-min.js&yui/3/event-focus/event-focus-min.js&yui/3/widget-base/widget-base-min.js&yui/3/widget-htmlparser/widget-htmlparser-min.js&yui/3/widget-skin/widget-skin-min.js&yui/3/widget-uievents/widget-uievents-min.js&yui/3/widget-autohide/widget-autohide-min.js&yui/3/button-core/button-core-min.js&yui/3/button-plugin/button-plugin-min.js&yui/3/widget-stdmod/widget-stdmod-min.js&yui/3/widget-buttons/widget-buttons-min.js&yui/3/widget-modality/widget-modality-min.js&yui/3/widget-position/widget-position-min.js&yui/3/widget-position-align/widget-position-align-min.js&yui/3/widget-position-constrain/widget-position-constrain-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-6686fd85aa87d8638119b9a1c4afcb1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
f631edaf540eea64f3b5382b263e6475001339064c3880ecc0a7d95d09103c90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding
gzip
content-md5
nxrLSbC830MMXEN8g7qcOA==
x-ttfb
0.008
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
surrogate-control
public, max-age=31536000
age
6515233
edge-control
public, max-age=31536000
x-smugmug-values
3/5 - Deliver Awesome
etag
"9f1acb49b0bcdf430c5c437c83ba9c38"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Mon, 07 Oct 2024 21:26:59 GMT
date
Sun, 08 Oct 2023 21:26:59 GMT
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P1
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=ec58e149, d=i-0a69d66086e22669c
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
content-length
16324
x-request-id
44e28faa
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-ttfb-l
0
x-s
100.11.218:1037834
timing-allow-origin
*
x-amz-cf-id
HPPDCg_SciB5wF0M4Hjw7UvcWLhNwPMUk8mcVxv7qWVx6MyPsCA52g==
combo.js
cdn.smugmug.com/include/combo/ Frame EC5F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/combo/combo.js?13c86319&yui/3/widget-stack/widget-stack-min.js&yui/3/panel/panel-min.js&yui/3/yui-throttle/yui-throttle-min.js&yui/3/dd-ddm-base/dd-ddm-base-min.js&yui/3/dd-drag/dd-drag-min.js&yui/3/dd-plugin/dd-plugin-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-6686fd85aa87d8638119b9a1c4afcb1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
9d26c6f724bc6ac59ccfbd85ceff3ed8454be67845dde1474ff85f2c849b0fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding
gzip
content-md5
/7Id0LrQgdcHsVwpCtDz9Q==
x-ttfb
0.008
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
surrogate-control
public, max-age=31536000
age
3682932
edge-control
public, max-age=31536000
x-smugmug-values
3/5 - Deliver Awesome
etag
"ffb21dd0bad081d707b15c290ad0f3f5"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Sat, 09 Nov 2024 16:12:01 GMT
date
Fri, 10 Nov 2023 16:12:00 GMT
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P1
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=e8889be1, d=i-0ab350f9fdf7ca5d9
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
content-length
5541
x-request-id
6f197082
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-ttfb-l
0
x-s
100.13.174:16746
timing-allow-origin
*
x-amz-cf-id
6cXNx6X5OCF5yVGWFUhhB6iARbghR4HNJ86hy4_GDyd8oC3UTxtmAQ==
combo.js
cdn.smugmug.com/include/js/lib/build/combo/ Frame EC5F 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/lib/build/combo/combo.js?sm-facebook/63c5/sm-facebook-min.js&sm-templates-form/1060/sm-templates-form-min.js&sm-fields/95ad/sm-fields-min.js&sm-help-links/ec66/sm-help-links-min.js&sm-panel-draggable/ae55/sm-panel-draggable-min.js&sm-panel/e014/sm-panel-min.js&sm-terms-of-use/e945/sm-terms-of-use-min.js&sm-page-nav-login/e217/sm-page-nav-login-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-6686fd85aa87d8638119b9a1c4afcb1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
69c9e74ee4fc0b5580882e62532ba29af29cb23b9fbb4a57d363b9e7e49ac55d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding
gzip
content-md5
/6DDEVjURWCLUswtGYSMDQ==
x-ttfb
0.0081
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
surrogate-control
public, max-age=31536000
age
5744449
edge-control
public, max-age=31536000
x-smugmug-values
4/5 - Dare
etag
"ffa0c31158d445608b52cc2d19848c0d"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Wed, 16 Oct 2024 19:33:23 GMT
date
Tue, 17 Oct 2023 19:33:23 GMT
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P1
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=e8889be1, d=i-0d780c39035c3b188
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
content-length
8337
x-request-id
bed0ab36
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-ttfb-l
0
x-s
100.15.167:167731
timing-allow-origin
*
x-amz-cf-id
DkLmhOEyv4ZKpVj8dg0sXo_DuwXsXkbDlR9ueZ6kzS9VVCcAjDvTog==
combo.js
cdn.smugmug.com/include/js/app/build/combo/ Frame EC5F 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/app/build/combo/combo.js?sm-login-helpers/65cc/sm-login-helpers-min.js&sm-login/ecc5/sm-login-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-6686fd85aa87d8638119b9a1c4afcb1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
7353d0c3d4f50bf7eca4c3eb24124bb20e74e1d95b76a84649164e1835f0f7fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding
gzip
content-md5
fa7ESMRwUbdzvif1jf8qkw==
x-ttfb
0.0078
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
surrogate-control
public, max-age=31536000
age
1509363
edge-control
public, max-age=31536000
x-smugmug-values
3/5 - Deliver Awesome
etag
"7daec448c47051b773be27f58dff2a93"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Wed, 04 Dec 2024 19:58:09 GMT
date
Tue, 05 Dec 2023 19:58:09 GMT
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P1
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=4cf206a9, d=i-076bba385628b4c66
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
content-length
4098
x-request-id
6844bf21
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-ttfb-l
0
x-s
100.3.16:3511551
timing-allow-origin
*
x-amz-cf-id
bUAHOJxJ_qKfD65pciV6NB6ggUrtkXWMVL0I2WxCPtO8TXzCsIZrug==
18307bf0-2530-4ed5-9fb7-8cf1eb8b8fa8
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/18307bf0-2530-4ed5-9fb7-8cf1eb8b8fa8
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
liveView.php
live.primis.tech/live/ Frame 634A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105129&cbuster=1703315651341&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1703315652&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1703315651341&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
b334cd50bd8b17c39eafe048e4005893aabeac05b3775ab6a856b67ebfd9b4b2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:12 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
SnzKcPY3JaX4S66AfH-245yh84aKNWCIA9x2lwjk9qJov6HrHBssxg==
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-101908882-1&cid=478712700.1703315651&jid=869260741&gjid=1460626327&_gid=1487238193.1703315652&_u=aCDAAUABAAQCAGAAIAB~&z=910338213
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 23 Dec 2023 07:14:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame F80A 		220 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ad7b17f2334f453e6e0353225c2037eef9f8afd66fdad8262c91437e14ee6cdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80229
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Dec 2023 07:14:12 GMT
WidgetTemplate.min.css
cdn-p.cityspark.com/cdn/widget/ Frame F80A 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
66e7656dc57ecf05b433ebae0948744b817616f643cc85099147f0cf89f21bba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 23 Dec 2023 09:14:12 GMT
date
Sat, 23 Dec 2023 07:14:12 GMT
content-encoding
gzip
strict-transport-security
max-age=0
last-modified
Fri, 08 Dec 2023 19:36:08 GMT
server
Microsoft-IIS/10.0
etag
"1da2a0dca6e2185"
x-powered-by
ASP.NET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
angular.min.js
cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/ Frame F80A 		233 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/angular.min.js
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 23 Dec 2023 07:14:12 GMT
age
21446199
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
84345
x-served-by
cache-fra-eddf8230123-FRA, cache-bne12520-BNE
etag
W/"3a3d1-mQhO7M4PisJK9aOZxo7KSLWf0fo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
widgetcombined2.min.js
cdn-p.cityspark.com/cdn/widget/ Frame F80A 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/cdn/widget/widgetcombined2.min.js?v=11
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 23 Dec 2023 09:14:12 GMT
date
Sat, 23 Dec 2023 07:14:12 GMT
content-encoding
gzip
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b701231"
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7200
x-proxy-cache
HIT
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame F80A 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:12 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
c7adfbec-9811-4e41-8a3e-09c9514b50d6
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/c7adfbec-9811-4e41-8a3e-09c9514b50d6
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 23 Dec 2023 05:52:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4891
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 23 Dec 2023 07:52:41 GMT
snowplow_2-20230602110113.js
cdn.smugmug.com/include/js/ Frame EC5F 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/snowplow_2-20230602110113.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-2WSBCPH4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

smug-static-cache
Fresh Timestamp
content-encoding
gzip
content-md5
EwuBovMqM+rLBTrFUN6G+Q==
x-ttfb
0.0076
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
surrogate-control
public, max-age=31536000
age
1676342
edge-control
public, max-age=31536000
x-smugmug-values
2/5 - Thrill Our Customers
etag
"130b81a2f32a33eacb053ac550de86f9"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Mon, 02 Dec 2024 21:35:10 GMT
date
Sun, 03 Dec 2023 21:35:09 GMT
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD62-P1
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=4cf206a9, d=i-00d9ba6c381b36a3f
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
content-length
30140
x-request-id
6e13c67a
x-ua-compatible
IE=edge
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
x-ttfb-l
0
x-s
100.3.251:118874
timing-allow-origin
*
x-extra
1701639309.96
x-amz-cf-id
uSpVfamParMvst_i45uYm9BhDt6vNvUkzeSy_y9nAeoKEK6IcCozfg==
cookiemonster.mg
www.smugmug.com/include/js/ Frame 891E
Redirect Chain
  • https://www.smugmug.com/include/js/cookiemonster.mg?returnTo=https://photos.register-herald.com
  • https://photos.register-herald.com/include/js/cookiemonster.mg?returnTo=https://www.smugmug.com
  • https://www.smugmug.com/include/js/cookiemonster.mg?smsess=468a9e43c5c9c906b43467626e8943bf&skey=092ef9b3d2db14132b302803b6b4f747
15 B
861 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.smugmug.com/include/js/cookiemonster.mg?smsess=468a9e43c5c9c906b43467626e8943bf&skey=092ef9b3d2db14132b302803b6b4f747
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-2WSBCPH4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
83d49e7e236d7955b241cefcb55edb2c64a5dc48d5c462fc8fe5ffe6b5142da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://photos.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, no-store, no-cache, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 07:14:14 GMT
expires
Sat, 23 Dec 2023 07:14:13 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
x-amz-cf-id
BZO19uK9-0tznHyPM-QdwCUBnhVZI0RBT30axF66ksVS3xS6Po56GQ==
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
x-env
a=live, b=www, c=4cf206a9, d=i-07b1a43352839222d
x-powered-by
SmugMug/1.0
x-request-id
5b72895f
x-s
100.3.154:662997
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-smugmug-values
3/5 - Deliver Awesome
x-ttfb
0.0082
x-ttfb-l
15
x-ua-compatible
IE=edge

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Dec 2023 07:14:13 GMT
Server
nginx
cache-control
private, no-store, no-cache, max-age=0
expires
Sat, 23 Dec 2023 07:14:13 GMT
location
https://www.smugmug.com/include/js/cookiemonster.mg?smsess=468a9e43c5c9c906b43467626e8943bf&skey=092ef9b3d2db14132b302803b6b4f747
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
smug-cdn
cloudflare (via photos.register-herald.com)
x-env
a=live, b=www, c=e8889be1, d=i-0dc469879d96a638b
x-powered-by
SmugMug/1.0
x-request-id
26245c0d
x-s
100.15.139:434012
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-smugmug-values
1/5 - Grow Together
x-ttfb
0.0095
x-ttfb-l
0
x-ua-compatible
IE=edge
/
photos.register-herald.com/services/api/json/1.4.0/ Frame EC5F 		30 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&returnModelList=true&idCopy=true&PageNumber=1&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-2WSBCPH4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.7.58.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-58-147.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
6d889b5aa8c7222a8815cb082d472a5a5826f46c0570e721b1e2aac09910330c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept
application/json
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
baggage
sentry-environment=live,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=6b061a1787024952ad50162568d3e266,sentry-sample_rate=0,sentry-sampled=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
sentry-trace
6b061a1787024952ad50162568d3e266-a6ccdf9d02e0d8d3-0

Response headers

Date
Sat, 23 Dec 2023 07:14:12 GMT
content-encoding
gzip
x-ttfb
0.0707
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug-API/1.4.0
Transfer-Encoding
chunked
x-env
a=live, b=www, c=e8889be1, d=i-0dc469879d96a638b
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-smugmug-values
4/5 - Dare
Connection
keep-alive
api-method
rpc.gallery.getalbum
x-request-id
bb005393
x-ua-compatible
IE=edge
Server
nginx
smug-cdn
cloudflare (via photos.register-herald.com)
vary
Accept-Encoding
x-frame-options
DENY
Content-Type
application/json; charset=utf-8
x-ttfb-l
30271
cache-control
private, no-store, no-cache, max-age=0
x-s
100.15.139:433233
expires
Sat, 23 Dec 2023 07:14:12 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=eprpqj&adnum=377292
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 fcfb767b5ad15bbc6d9e5b12d89c5172.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
999870
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
LgK6MLJvs8iLpDMPHBnZdtjJL1SmBlay3sv_TcWxsxCHfVsWsbJRcA==
/
www.register-herald.com/tncms/search/mlt/ 		16 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/tncms/search/mlt/?origin=643bc7e1-6854-5a09-baef-a4148634a7f7&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e16e7e02ddcb64645a20673667dbaa4db3d8969828673aa94fd27080c7272c81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-length
5207
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 29 Jul 2014 23:05:56 GMT
x-vcache
MISS
etag
W/3ade88786c46b42c18c32d62f933fb04
x-frame-options
SAMEORIGIN
vary
X-IPCountry, Accept-Encoding
content-type
application/json; charset=UTF-8
x-tncms
1.72.3; app21; 0.07s; 2M
cache-control
public, max-age=300
accept-ranges
bytes
x-robots-tag
noarchive
iu3
s.amazon-adsystem.com/ Frame B24C
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&dcc=t
354 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&dcc=t
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
ff3c803cfd295d79144ff2e5d3baeacb6b4e84ac721be1d71128a5339f14317f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
354
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 23 Dec 2023 07:14:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3VX4WS062EE13H4PBWGD

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 23 Dec 2023 07:14:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
W7QSYXPR8ACZG9G41D5T
index.js
cdn.viafoura.net/entry/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/entry/index.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-63.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06dab1aec38a24a4278e4107e18b2500f118e6a7897d41135c111aa9e6680ab4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
aG3seF3kXMLh6jy6qFgZJudJrKm5RwC.
content-encoding
br
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 07:11:45 GMT
x-amz-cf-pop
SYD62-P2
age
148
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 11 Dec 2023 20:16:34 GMT
server
AmazonS3
etag
W/"45e0fb924328dd1beea8be74d8c7d376"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=600,s-max-age=60
x-amz-cf-id
ED7fPTpPOjQmw8YImAZQHfMXf3SXmUQ-Gmb6VP4GncGvmz1Zq880pg==
diberp-tcx-v7.13.0.js
www.americanhometownmedia.com/static/ 		328 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 11:05:56 GMT
content-encoding
gzip
age
590897
x-guploader-uploadid
ABPtcPpQV1w2XmLVTRNqfSV2zj8mV1tVK6SG98Fxw5DDhLObFmkqidrcQmWE9XE4idR65DeXWZ3EwTJDa7IAEv8C0Ll-
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104504
last-modified
Mon, 29 Aug 2022 14:20:21 GMT
server
UploadServer
etag
"f085c7609fb7c47fb72fd768d721373e"
vary
Accept-Encoding,Origin
x-goog-generation
1661782821233427
x-goog-hash
crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
104504
accept-ranges
bytes
expires
Sun, 15 Dec 2024 11:05:56 GMT
truncated
/ Frame F80A 		297 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
063fb28b8ff592dc368b419fc355502c77fb9fcdff50af9418a1b482025aa5d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
icomoon.woff
cdn-p.cityspark.com/cdn/widget/fonts/ Frame F80A 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-p.cityspark.com/cdn/widget/fonts/icomoon.woff?-35bf
Requested by
Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Origin
https://www.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 23 Dec 2023 09:14:13 GMT
date
Sat, 23 Dec 2023 07:14:13 GMT
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b700e5c"
x-powered-by
ASP.NET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=7200
accept-ranges
bytes
content-length
2012
x-proxy-cache
HIT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=cnhi.com&p=%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&u=BePkhB-YLbXCBq5VZ&d=register-herald.com&g=34377&g0=registerherald&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7564&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&b=7515&t=hrJcuCbeVUABAlkYcCuurtKJZfXR&V=143&i=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%20%7C%20Prep%20Zone%20%7C%20register-herald.com&tz=-480&sn=1&sv=Cjwd5DDYSA5lCujOU_1a3I3DX17PT&sr=external&sd=1&im=061b0ffa&_
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.92.251.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-92-251-225.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:13 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		160 KB
28 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1075877514219374&correlator=4395088999380227&eid=44807747%2C31079527%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Cweatherhousead%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4&prev_iu_szs=120x60%2C120x60%2C120x60%2C300x250%2C300x250%2C728x90%7C970x250&ifi=1&sfv=1-0-40&fsbs=1%2C1%2C1%2C1%2C1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703315652891&lmt=1406675156&adxs=145%2C1190%2C1350%2C650%2C1180%2C120&adys=72%2C2521%2C2521%2C6200%2C2511%2C169&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&vis=1&psz=433x0%7C300x0%7C300x0%7C530x1%7C300x10%7C1360x40&msz=120x0%7C120x0%7C120x0%7C500x0%7C300x0%7C1360x0&fws=4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=478712700.1703315651&ga_sid=1703315653&ga_hid=2009464020&ga_fc=true&dlt=1703315649586&idt=906&prev_scp=pos%3Datf%26adb_imp%3D1%7Cpos%3Dbtf1%26adb_imp%3D1%7Cpos%3Dbtf2%26adb_imp%3D1%7Cpos%3Dbtf2%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone%7Cpos%3Dbtf1%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone%7Cpos%3Dbtf2%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzyes%2C1%26adb_bdr%3Dnone&cust_params=section%3Dsports%252Fhigh_school_sports&adks=3340913407%2C1354580610%2C1354580611%2C2887631201%2C3311734294%2C2439515184&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
c6a1bec9809b12d5a667f4b3e5e21ad8d11b7f94113196cfd1b3107ce1e1d640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28177
x-xss-protection
0
google-lineitem-id
-2,-2,-1,6424508554,6428961268,6422406940
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-1,138457405804,138458356624,138457143819
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2B36 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 07:14:13 GMT
expires
Sun, 22 Dec 2024 07:14:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abd18dad-7db0-4de3-ae03-112d583eda5a
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/abd18dad-7db0-4de3-ae03-112d583eda5a
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
627134b320195.image.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/627134b320195.image.png?resize=400%2C44
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9322b8b4f8525979b85a89e99dab62e77573ea963fd8857965db849cf7151d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:12 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
2
cf-polished
origFmt=png, origSize=10751
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="627134b320195.webp"
content-length
5364
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 May 2022 13:57:07 GMT
server
cloudflare
x-vcache
MISS
etag
"bdf93259bcd79bd4c05d76c1031b2fce"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece6eea7255b1-SYD
expires
Sat, 30 Nov 2024 13:17:24 GMT
/
adspsp.com/pt/1710310/11/3/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/11/3/?a=2,a2lqhq5s36s7bczt0p7d,hU7TgKf1dG&aa=01CihRyu.gN&b=0,1,2,3,4,5:6,7,,5y:8,9,,9g:a,b,,3h:c,d,,9b&b=0,1,8,e,f,5:6,g,,5y:8,h,,9g:a,i,,3i:c,j,,9b&b=0,1,k,l,m,5:6,n,,5y:8,o,,9g:2,p,,eB:2,p,,eB:a,q,,3i:a,q,,3i:c,r,,9b:c,s,,9c:t,u&bi=1,A179417763732db1,6,U1900760d1e2b6,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience,4,540161677,5,11747857,10,206474,33,RdDNDHspumwjeZ0rUNnd0pI3,U3b430bad35360a,adb_mediumRectangle_btf1,540161676,11747850,206473,QelwClNwBTEkTmmySB7CPYkI,14,U6fe8f6759cd351,adb_leaderboard_mid,540161674,12812950,6708,213819,ccVECva4DSFcmufUCsC4hRze,RhAhHL3X0jLoZaEznwQUyb71,172,CNHI&e=&c=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&d=&f=1.lqhq5ndw.1T3zj.2T5pp&g=2T5v4&u=f0278789:lim1hwav:3i2&v=18g.xc.0.5un.1.0&m=z&rnd=1703315652949
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.89.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-89-216.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
deflate.min.js
live.primis.tech/main/js/ Frame 634A 		13 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1703315651341&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1703315652&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:13 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 09:50:11 GMT
server
nginx
x-amz-cf-pop
NRT51-C2
etag
W/"64db4a53-3217"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jK9_J5hquZUL06ZepZki3tOPPPtl5ZcuoR_i3SqLR7E0F4XhBwBewg==
omweb-v1.min.js
live.primis.tech/content/omid/static/ Frame 634A 		39 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omweb-v1.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1703315651341&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1703315652&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:12 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:09 GMT
server
nginx
x-amz-cf-pop
NRT51-C2
etag
W/"64d0ac45-9c3c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
uZzHgDexStz4C-9LKcGrWkRuIc6p3PncsCUFVBCvKYD7CL7iDKntgQ==
omid-session-client-v1.js
live.primis.tech/content/omid/static/ Frame 634A 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omid-session-client-v1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1703315651341&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1703315652&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:12 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 08:33:09 GMT
server
nginx
x-amz-cf-pop
NRT51-C2
etag
W/"64d0ac45-1013e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
9BWX2kVRUByOzZcQJn9HtucRzZ6OV1chxZulsaHZoksvVE1ipvGAgA==
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 634A 		258 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1703315651341&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1703315652&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:13 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:40 GMT
server
nginx
x-amz-cf-pop
NRT51-C2
etag
W/"623b1728-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
sh08KtJdmSaKGwqPzZmGs2n37tJaawWZ3exTDXNK-V62HfHRUS9n1Q==
expires
Sun, 22 Dec 2024 07:14:13 GMT
prebidVid.7.16.0_19.min.js
live.primis.tech/content/prebid/ Frame 634A 		552 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1703315651341&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1703315652&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
9bbc75a0a2b151cd0d0695a5e2096cb0655302daecb12241849319087b419f46

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:12 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 13:16:47 GMT
server
nginx
x-amz-cf-pop
NRT51-C2
etag
W/"657b003f-8a1f4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
uR2SqexXygU6xsHJxOu-6lLVWulevYaF1zGaFu71pZrPbxu5i2iuMQ==
expires
Sun, 22 Dec 2024 07:14:12 GMT
liveVideo.php
live.primis.tech/live/ Frame 634A 		674 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32335F30397D7B7331353038393436337D7B4337377D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=66.203.112.165&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703315652&csuuid=658688c408959&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1703315651341&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1703315652&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
1dd295aed62a84467e229c6dcdbb4fecd4dfe18a06fa0581b1fddeda2cd044ff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:13 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
iexoRsM0-q1EWYuCHVF9LaO8pN_cLfIOyqucBw40QOKqyNoprls2nw==
tp2
stats-new.smugmug.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stats-new.smugmug.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.158.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-158-103.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://photos.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://photos.register-herald.com
access-control-max-age
600
content-length
0
date
Sat, 23 Dec 2023 07:14:13 GMT
server
nginx
tp2
stats-new.smugmug.com/com.snowplowanalytics.snowplow/ Frame EC5F 		2 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-new.smugmug.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-2WSBCPH4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.158.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-158-103.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://photos.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://photos.register-herald.com
date
Sat, 23 Dec 2023 07:14:14 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
js
www.googletagmanager.com/gtag/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JD3VHQYLPF&cx=c&_slc=1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1b61248f73280d8acdfacf5d5b904bcec38cfb95e7f05c0b55113a4cdae34554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82979
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Dec 2023 07:14:13 GMT
005ee5c5-9482-46ee-8785-c80a59c4a374
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/005ee5c5-9482-46ee-8785-c80a59c4a374
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
ajax-loader.gif
cdn-p.cityspark.com/cdn/widget/ Frame F80A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-p.cityspark.com/cdn/widget/ajax-loader.gif
Requested by
Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 23 Dec 2023 09:14:13 GMT
date
Sat, 23 Dec 2023 07:14:13 GMT
strict-transport-security
max-age=0
last-modified
Fri, 01 Dec 2023 16:43:43 GMT
server
Microsoft-IIS/10.0
etag
"1da24758b7019d2"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7200
accept-ranges
bytes
content-length
4178
x-proxy-cache
HIT
b4dfd712-480e-4024-b2c2-9355fa230981.medium.PNG
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/b4dfd712-480e-4024-b2c2-9355fa230981.medium.PNG
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d793f7b358e51a0efdf4f1ec14c40fa77e952ffd31108e8ea70fdb143bda673d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
MISS
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
2zPJN01ehWMRRfuLfKUHzA==
content-length
41837
x-ms-lease-status
unlocked
last-modified
Thu, 31 Jan 2019 23:40:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D687D573F2BDC7
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d445f60f-e01e-007e-0604-24adf6000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
c01ab2b8-8a72-44b5-9c2f-ea43546408d6.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/c01ab2b8-8a72-44b5-9c2f-ea43546408d6.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e6bc4d791420dcc8261c13f735ced73d2cb3f7a888edb1cdedd52496c3e83a4f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
REVALIDATED
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
940zwK6GvmVpfPT35CsrMQ==
content-length
67693
x-ms-lease-status
unlocked
last-modified
Thu, 01 May 2014 11:04:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D133443EB6FA3A
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
f5634b5b-401e-0015-62ba-ce2a02000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
0d4bcac9-97e1-4cfe-a72e-32ff09bd8022.medium.PNG
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/0d4bcac9-97e1-4cfe-a72e-32ff09bd8022.medium.PNG
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a78a3948ad7bb1d7f64ab2064a1f98bd756369db7fb5ae2662e3a8adc4877e77
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:13 GMT
strict-transport-security
max-age=0
content-md5
IEXZ6SM5+DoTfEGE3RWfIw==
content-length
17333
x-ms-lease-status
unlocked
last-modified
Sat, 01 Dec 2018 06:31:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D65756B064FF39
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
c285a30a-f01e-003f-0e72-fdf512000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:13 GMT
1298d874-c634-4884-bc87-f721627a5027.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/1298d874-c634-4884-bc87-f721627a5027.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e495cf67a02f9ad05bf3383f48c0a421c799d957dc6f645ea7d5f19698eecb34
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:13 GMT
strict-transport-security
max-age=0
content-md5
AL4JVBZhtIms1nTTw0M/Gg==
content-length
37768
x-ms-lease-status
unlocked
last-modified
Fri, 21 Nov 2014 03:31:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D1D352C11CC110
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
2489d649-201e-0003-3421-12dcd5000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:13 GMT
0XZba8nWR02OuE7uDUv3BA.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/0XZba8nWR02OuE7uDUv3BA.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ddedfcd34ffa6bc3ce06bf5ee76ac251f77cf36da59ef61842d52c595cd03033
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:13 GMT
strict-transport-security
max-age=0
content-md5
Z2eM9dL83eaUePvbIw1L1w==
content-length
72960
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jun 2023 17:20:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB740E1C8F9244
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
926e0281-301e-0030-73a4-0e837e000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:13 GMT
8f43a9e5-c66f-4c36-8d35-6c2d18aea113.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/8f43a9e5-c66f-4c36-8d35-6c2d18aea113.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7bca9726da087a0a6fdf65de46981d17f81cfad010f87113779cc829ca0f261d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:13 GMT
strict-transport-security
max-age=0
content-md5
PPXvlSP/5TiKtZip02RZ8Q==
content-length
107286
x-ms-lease-status
unlocked
last-modified
Fri, 21 Nov 2014 04:51:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D1D35DF0CDFA8E
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
82c1d556-e01e-006e-6313-0d689e000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:13 GMT
cecfa573-9fd1-430d-9517-87c0437b4fc5.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/cecfa573-9fd1-430d-9517-87c0437b4fc5.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4a8539eefbfc8f3c0d8a1a287b6edb6083378a308c717498606c751ed1401ad5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:13 GMT
strict-transport-security
max-age=0
content-md5
c5F2fuIhK7DRDZ4+tDEPbg==
content-length
130632
x-ms-lease-status
unlocked
last-modified
Fri, 18 Oct 2013 01:03:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D099B4F12E3C25
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d4dd822d-c01e-000b-116b-08c6da000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:13 GMT
2V5zCEEoq0WTxPg_CPgfSg.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/2V5zCEEoq0WTxPg_CPgfSg.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
82751019365a81df9a2ed6f9d1735b175664b0e48c7ac2b3050d4fbc2ce00f13
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
REVALIDATED
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
rja89VT/lTBeoBCA6hNliw==
content-length
33603
x-ms-lease-status
unlocked
last-modified
Wed, 11 Oct 2023 04:14:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBCA10921E3533
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
df2e546e-901e-0006-40d6-0e0e0e000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
cnEoOpK9K02jmG82_aN_7w.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		343 KB
344 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/cnEoOpK9K02jmG82_aN_7w.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cfafda767cb2da7d5331e3525cfe3b02b78671536afd9eb7effa2b108232a954
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
REVALIDATED
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
mCTJ0fdFaTY4XxlINsQoLg==
content-length
351375
x-ms-lease-status
unlocked
last-modified
Sun, 09 Jul 2023 11:23:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB806EE7D6DE34
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
fa3b2918-901e-005b-5327-b4048a000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
jhKpe6EWlE-5MrFwqi6iVQ.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/jhKpe6EWlE-5MrFwqi6iVQ.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
71ab471c226952284e51dac8df3ac9d02b910a5de381e7af381382e301381491
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
K3o/ODY3fjxGxF8pDB40Vw==
content-length
120847
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB740E1D486BF0
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
5ff6418f-f01e-0010-44e1-29f8d9000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
pICGz2t1H06iMCbtScrvRw.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/pICGz2t1H06iMCbtScrvRw.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e04ea830baaeb56a3e9bc4620d3a80f17308cb505c0affb856ce26ddd9e08dab
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
8yS1dDpkISFZ6NJCrvSVLg==
content-length
18094
x-ms-lease-status
unlocked
last-modified
Sat, 04 Nov 2023 21:45:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBDD7F583448A9
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
9043adc2-f01e-0072-3db9-1d3afe000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
5O1MhFWdKEizwYv6NxVneA.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		223 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/5O1MhFWdKEizwYv6NxVneA.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4201c50877f79b56b72321b09af458eb6fd625f394b0303c26611093ec6e7c4a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
FSHCCwN8dQOPr3ck0CD89g==
content-length
227845
x-ms-lease-status
unlocked
last-modified
Fri, 04 Nov 2022 11:53:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DABE5B42E1B6D9
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
1f8de9c8-c01e-0024-2941-2acb11000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
8020f925-ad40-4410-a346-467fc5783201.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/8020f925-ad40-4410-a346-467fc5783201.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ab01cfa50aee4bc6c1a157bf5204316b8cc12256a47e8619dc6d9b660b5f81bc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
5ZBRcqDwtCyh2xSN5mG+Lw==
content-length
111529
x-ms-lease-status
unlocked
last-modified
Sun, 11 May 2014 20:37:39 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D13B6FFC2BF6D4
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
a752dd1f-401e-0015-1b91-322a02000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
acedd18f-bc6d-4611-826e-0cfedb0a8148.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/acedd18f-bc6d-4611-826e-0cfedb0a8148.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aaa2d79e5d4827223111a72b2c3d6f123fce5b7a17ee16812d0add434cac49a8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
OqcweEr9sECfUXLuEfmoJw==
content-length
113685
x-ms-lease-status
unlocked
last-modified
Sun, 21 Sep 2014 05:34:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D1A374E109378B
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
dbd875d8-501e-0019-7963-28bd0a000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
dqISsRx-uUq1ri1-UjYlRg.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/dqISsRx-uUq1ri1-UjYlRg.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9eec7ce21de4b10ed581ed0aa1341b90337de0d2082b842d4c73784768c80bff
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
bwkN3jN8Qa9a6if92+mGlw==
content-length
99510
x-ms-lease-status
unlocked
last-modified
Wed, 25 Oct 2023 09:31:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBD53D228B9FC6
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
23741568-001e-0059-67e4-2dba32000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
jMuJK6Ojv0atGe5WjGcKrw.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/jMuJK6Ojv0atGe5WjGcKrw.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d13fa5c201c6be934debd26a6b6b539ce8ef8c7eeb9930f1c538cb956907d541
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
WSMWYD0jUinc/ZGqkXGXUA==
content-length
38665
x-ms-lease-status
unlocked
last-modified
Mon, 25 Sep 2023 05:07:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBBD85421CC3F8
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
6ab5706c-b01e-0073-7be7-246522000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
0aa7c31f-7fd4-426f-9071-961dd969b4d4.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/0aa7c31f-7fd4-426f-9071-961dd969b4d4.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7dfcc9cfdbe4b83c43d71ea2109e68a52ba09b8802b9075d88c06766f6e1562e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
XqmxALj0QzuHsAs1YTnpvw==
content-length
6989
x-ms-lease-status
unlocked
last-modified
Tue, 20 Nov 2018 00:57:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D64E831819960C
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
5d9b0cc8-c01e-0034-2d2c-110e79000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
truncated
/ Frame F80A 		407 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec8db98b4b25ecc3804750f0861b38eba9800d9ae893205ea67a3b44db2f2008

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
bb98f80b-0b3e-4af5-a30e-fa5b197c87e8.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/bb98f80b-0b3e-4af5-a30e-fa5b197c87e8.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a460ff736cf024b7c896b059ce807a0d8d8e6388fcc7a74367f8f6ef25af536c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
4SgGgSbGPy7x6zE+/5qyiQ==
content-length
116002
x-ms-lease-status
unlocked
last-modified
Thu, 01 May 2014 09:21:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D13335E1DF2FB4
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
63485790-501e-0009-3c61-287862000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
a633282f-461d-4c6f-936c-5c1d7edb4319.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame F80A 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn59755463.blazingcdn.net/portalimages/portalimages/a633282f-461d-4c6f-936c-5c1d7edb4319.medium.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2efcf7faa01f245785a42edd419ba726a87d07ebd26e4f7309473772899a684e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
x-ms-blob-type
BlockBlob
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=0
content-md5
r0HaiM/mFmbQBkNbHvVNRQ==
content-length
110977
x-ms-lease-status
unlocked
last-modified
Fri, 11 Apr 2014 01:14:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D1233A8520FE1B
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
9d7b837e-401e-0083-5895-1123d3000000
cache-control
max-age=172800
x-ms-version
2009-09-19
expires
Mon, 25 Dec 2023 07:14:14 GMT
collect
www.google-analytics.com/g/ Frame F80A 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-39CWM68PTE&gtm=45je3bt0v9122458175&_p=1703315652530&gcd=11l1l1l1l1&dma=0&cid=1944768880.1703315653&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fwidget%2Fregisterherald%2F1490%2FRegister-Herald%20Events%2F2a13a98a%2F&sid=1703315653&sct=1&seg=0&dl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&dr=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&dt=WidgetTemplate&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.page_hostname=p.cityspark.com&tfd=618
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
api.viafoura.co/v2/www.register-herald.com/bootstrap/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.register-herald.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.61.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-61-41.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a315ba79603a29db5541ae07ff57c80bf576fdfdf43b6506f46cca00968cd6e9

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-instance-id
i-0343858b0f6c5814a
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.register-herald.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Sat, 23 Dec 2023 07:14:14 GMT
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame F80A 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:13 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
nuicons24-v29.woff2
cdn.smugmug.com/img/fonts/ Frame EC5F 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/img/fonts/nuicons24-v29.woff2
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-b0fab27e417371f8ca2c98bdec5fa440.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
507362f936c032885f298fb1432630b4d40262a986629f6872d1426ed05a33a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Referer
https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-b0fab27e417371f8ca2c98bdec5fa440.css
Origin
https://photos.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 21:44:50 GMT
strict-transport-security
max-age=31536000
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
content-md5
zlvY4NJTfNuiiEhGhogpOw==
x-ttfb
0.1425
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=ec58e149, d=i-090f15d45a0be687c
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
1675763
x-smugmug-values
4/5 - Dare
content-length
21612
x-request-id
0477593b
x-ua-compatible
IE=edge
last-modified
Mon, 22 Aug 2016 17:21:14 GMT
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
etag
"ce5bd8e0d2537cdba28848468688293b"
x-frame-options
DENY
x-ttfb-l
21612
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-s
100.8.128:205900
x-amz-cf-id
FjohFTW6KE77XYnBRdNxi2Nj6ywqcrkc-Cfe9c7ATqqNIkg3FCgbeA==
expires
Mon, 02 Dec 2024 21:44:50 GMT
v2!token
photos.register-herald.com/api/ Frame EC5F 		405 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/api/v2!token?APIKey=W0g9oqdOrzuhEpIQ2qaTXimrzsfryKSZ
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-2WSBCPH4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.7.58.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-58-147.compute-1.amazonaws.com
Software
nginx / SmugMug/1.0
Resource Hash
cc0eeeb06bf15479f20e8f3d2131df6c8545d06d5b97ac211090cb6c40d98158
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept
application/json
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sat, 23 Dec 2023 07:14:13 GMT
content-encoding
gzip
x-ttfb
0.0284
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=4cf206a9, d=i-0294418b97804dbda
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-smugmug-values
2/5 - Thrill Our Customers
Connection
keep-alive
Content-Length
268
x-request-id
3ee2924b
x-ua-compatible
IE=edge
Server
nginx
smug-cdn
cloudflare (via photos.register-herald.com)
vary
Accept-Encoding, Origin
x-frame-options
DENY
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://photos.register-herald.com
cache-control
private, no-store, no-cache, max-age=0
access-control-allow-credentials
true
x-ttfb-l
405
x-s
100.0.34:2232
expires
Sat, 23 Dec 2023 07:14:12 GMT
/
photos.register-herald.com/services/api/json/1.4.0/ Frame EC5F 		30 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&idCopy=true&PageNumber=1&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-2WSBCPH4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.7.58.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-58-147.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
6d889b5aa8c7222a8815cb082d472a5a5826f46c0570e721b1e2aac09910330c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept
application/json
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
baggage
sentry-environment=live,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=6b061a1787024952ad50162568d3e266,sentry-sample_rate=0,sentry-sampled=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
sentry-trace
6b061a1787024952ad50162568d3e266-ae119c5793577f48-0

Response headers

Date
Sat, 23 Dec 2023 07:14:13 GMT
content-encoding
gzip
x-ttfb
0.0733
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug-API/1.4.0
Transfer-Encoding
chunked
x-env
a=live, b=www, c=e8889be1, d=i-079215597b444a112
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-smugmug-values
1/5 - Grow Together
Connection
keep-alive
api-method
rpc.gallery.getalbum
x-request-id
824fc8b7
x-ua-compatible
IE=edge
Server
nginx
smug-cdn
cloudflare (via photos.register-herald.com)
vary
Accept-Encoding
x-frame-options
DENY
Content-Type
application/json; charset=utf-8
x-ttfb-l
30271
cache-control
private, no-store, no-cache, max-age=0
x-s
100.15.244:3367985
expires
Sat, 23 Dec 2023 07:14:13 GMT
/
photos.register-herald.com/services/api/json/1.4.0/ Frame EC5F 		30 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&idCopy=true&PageNumber=2&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-2WSBCPH4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.7.58.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-58-147.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
6d889b5aa8c7222a8815cb082d472a5a5826f46c0570e721b1e2aac09910330c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept
application/json
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
baggage
sentry-environment=live,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=6b061a1787024952ad50162568d3e266,sentry-sample_rate=0,sentry-sampled=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
sentry-trace
6b061a1787024952ad50162568d3e266-8a2ae8821db3de0a-0

Response headers

Date
Sat, 23 Dec 2023 07:14:13 GMT
content-encoding
gzip
x-ttfb
0.0671
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug-API/1.4.0
Transfer-Encoding
chunked
x-env
a=live, b=www, c=e8889be1, d=i-02151b99adfe5e1e1
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-smugmug-values
3/5 - Deliver Awesome
Connection
keep-alive
api-method
rpc.gallery.getalbum
x-request-id
c24d71a6
x-ua-compatible
IE=edge
Server
nginx
smug-cdn
cloudflare (via photos.register-herald.com)
vary
Accept-Encoding
x-frame-options
DENY
Content-Type
application/json; charset=utf-8
x-ttfb-l
30271
cache-control
private, no-store, no-cache, max-age=0
x-s
100.13.9:464098
expires
Sat, 23 Dec 2023 07:14:13 GMT
231110-photo-iceskating-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-LfBnqPK/0/abc41d5c/S/ Frame EC5F 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-LfBnqPK/0/abc41d5c/S/231110-photo-iceskating-S.jpg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
339af7757e7d0b0e4dbe710ba687e72fbb6371a8911a5cae6d0ab5c7bc149590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:02:59 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
JYIakaAPHwLLBtEa2CI8ew==
x-smug-ph
0.0233
x-ttfb
0.0734
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=photoserve, c=e8889be1, d=i-01c6bf18a58bd8db5
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
267073
smug-content-length
56110
content-length
56110
x-request-id
48c19cb3
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Tue, 19 Dec 2023 19:34:56 GMT
server
nginx
x-smug-d
Tue, 19 Dec 2023 21:02:59 PST
x-response
Buffer
etag
"25821a91a00f1f02cb06d11ad8223c7b"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
index, archive
link
<https://photos.register-herald.com/HomePageSlideshow/Daily-Photos/i-LfBnqPK/0/abc41d5c/S/231110-photo-iceskating-S.jpg>; rel="canonical"
x-amz-cf-id
MBvP9t-vXk1nDVh30KArfcpKzxY0O4sEFNQJneC5OvTpVRIIulxSzQ==
expires
Thu, 19 Dec 2024 05:02:59 GMT
231110-photo-healingday-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-rSf22pZ/0/0b688912/S/ Frame EC5F 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-rSf22pZ/0/0b688912/S/231110-photo-healingday-S.jpg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
71c01ed8d44711e5595e581ced6547780ba3378b7c741ed600c9284fcd069399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:03:00 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
vgvmlYz5w1mcaXgVaNs2Kw==
x-smug-ph
0.0225
x-ttfb
0.1153
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=photoserve, c=ec58e149, d=i-0e854e668c80f8554
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
267073
smug-content-length
70408
content-length
70408
x-request-id
ce829443
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Tue, 19 Dec 2023 19:34:57 GMT
server
nginx
x-smug-d
Tue, 19 Dec 2023 21:02:59 PST
x-response
Buffer
etag
"be0be6958cf9c3599c69781568db362b"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
index, archive
link
<https://photos.register-herald.com/HomePageSlideshow/Daily-Photos/i-rSf22pZ/0/0b688912/S/231110-photo-healingday-S.jpg>; rel="canonical"
x-amz-cf-id
k4fHXbDJjCx2ecgm0wUbD1oByVN6FoveU6mK-65NkUmQhePSFkNJWg==
expires
Thu, 19 Dec 2024 05:02:59 GMT
2-photo-veteransparade%20002-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-L23XXrP/0/41ea50b5/S/ Frame EC5F 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-L23XXrP/0/41ea50b5/S/2-photo-veteransparade%20002-S.jpg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
b2d9deaece78cb2ba2f912e3c098bed480c59ba7e9855060b6a7fdc934cb0320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:02:59 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
7zHQsmPUU0sPxNcyFexFNg==
x-smug-ph
0.023
x-ttfb
0.073
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=photoserve, c=4cf206a9, d=i-0601f12115be9c257
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
267073
smug-content-length
57961
content-length
57961
x-request-id
9a462d1e
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Tue, 19 Dec 2023 19:34:59 GMT
server
nginx
x-smug-d
Tue, 19 Dec 2023 21:02:59 PST
x-response
Buffer
etag
"ef31d0b263d4534b0fc4d73215ec4536"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
index, archive
link
<https://photos.register-herald.com/HomePageSlideshow/Daily-Photos/i-L23XXrP/0/41ea50b5/S/2-photo-veteransparade%20002-S.jpg>; rel="canonical"
x-amz-cf-id
DY8a6vc3VCI75OMumkWOyeR_NV6JOApd1JMKPar3W7nkefvK5kx9hg==
expires
Thu, 19 Dec 2024 05:02:59 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Dec 2023 07:14:14 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JD3VHQYLPF&gtm=45je3bt0v9123094753&_p=1703315650340&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=478712700.1703315651&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&dt=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%20%7C%20Prep%20Zone%20%7C%20register-herald.com&sid=1703315653&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7966
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JD3VHQYLPF&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		184 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&pid=1JYmS1CvoF8qx&cb=1&ws=1600x1200&v=23.1211.1645&t=1200&slots=%5B%7B%22sd%22%3A%22adb_leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22registerherald%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_floorboard%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22registerherald%2Frichmedia%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=50a6bf9e-2e04-48d8-9da3-bf7857460c69&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
b588ea72dd5c4473914a375fe8b8fedadd07c9bda7adf15988b2f7778b155925

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:13 GMT
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.register-herald.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
184
x-amz-cf-id
qZTcJYxYUo5Kl4YQiny7Oz6sAZNktKa_sE5lCmYL6du3tVMmQUSz2g==
/
adspsp.com/pt/1710310/1/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/1/2/?a=2,a2lqhq5s36s7bczt0p7d,hU7TgKf1dG&aa=01CihRyu.gN&b=2//2-3^k8`2i:4@540161673^k8`2i,5@11747832^k8`2i,6@6708^k8`2i,6@6708^qy`6y,10@206471^k8`2i,10@206471^qy`6y,33@PDDWminnzbApknGlqgkxpZCm^k8`2i,172@CNHI^k8`2i_11^qy`2i.k8`2i:4@540327076^qy`2i.k8`2i,5@11908123^qy`2i.k8`2i,6@6708^k8`2i,6@6708^qy`2i,10@302372^k8`2i,10@302373^qy`2i,33@4toHxb5i3eKGPsfolJ10gLL8^k8`2i,33@ZKnbpUBWqDmzqbvOMugL6P14^qy`2i&bu=U6310f4c7c862e88,adb_leaderboard_btf,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience&bu=U64b6d0c9a11d5cc,adb_floorboard,%2F9869277%2Fcnhi%2Fregisterherald%2Frichmedia&e=&c=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&d=&f=1.lqhq5ndw.1T3zj.2T5pp&g=2T65r&u=f0278789:lim1hwav:3i2&v=18g.xc.0.5rb.1.0&m=z&rnd=1703315653332
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.89.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-89-216.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
spacer.gif
cdn.smugmug.com/img/ Frame EC5F
Redirect Chain
  • https://photos.register-herald.com/img/spacer.gif
  • https://cdn.smugmug.com/img/spacer.gif
43 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.smugmug.com/img/spacer.gif
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:15:32 GMT
strict-transport-security
max-age=31536000
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
MlRyYBVx8x4b8AZ0w2jTNQ==
x-ttfb
0.0741
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=ec58e149, d=i-056aa31eb47ae9caa
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
1918722
x-smugmug-values
3/5 - Deliver Awesome
content-length
43
x-request-id
a71d959b
x-ua-compatible
IE=edge
last-modified
Sat, 20 Jul 2013 19:09:23 GMT
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
etag
"325472601571f31e1bf00674c368d335"
x-frame-options
DENY
x-ttfb-l
43
content-type
image/gif
cache-control
public, max-age=31536000
x-s
100.9.11:858287
x-amz-cf-id
70ewd3aHag4oyAqKLIpXlMb2_f6cIZ-zGJNtpIlxOz3Iext4kzIHZQ==
expires
Sat, 30 Nov 2024 02:15:32 GMT

Redirect headers

Date
Sat, 23 Dec 2023 07:14:13 GMT
x-ttfb
0.01
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=ec58e149, d=i-004a0923f7482763a
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-smugmug-values
5/5 - Empower Passion
Connection
keep-alive
Content-Length
0
x-request-id
0ce6f6ab
x-ua-compatible
IE=edge
Server
nginx
smug-cdn
cloudflare (via photos.register-herald.com)
x-frame-options
DENY
x-ttfb-l
0
Content-Type
text/html; charset=utf-8
location
https://cdn.smugmug.com/img/spacer.gif
cache-control
private, no-store, no-cache, max-age=0
x-s
100.8.186:950642
expires
Sat, 23 Dec 2023 07:14:13 GMT
regular.woff2
cdn.smugmug.com/img/fonts/sofia-pro/v2/ Frame EC5F 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/img/fonts/sofia-pro/v2/regular.woff2
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/img/fonts/sofia-pro/v2/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
e8b138927bc6dfe8f0c9fcc7b125177e4c442662226023ec28e01671ed333586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Referer
https://cdn.smugmug.com/img/fonts/sofia-pro/v2/stylesheet.css
Origin
https://photos.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:19:10 GMT
strict-transport-security
max-age=31536000
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
content-md5
5HrV4oTYBDD6uP/ALR41oQ==
x-ttfb
0.1332
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=e8889be1, d=i-0ad098646f8420e69
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
1918503
x-smugmug-values
5/5 - Empower Passion
content-length
29636
x-request-id
5e3ed9a0
x-ua-compatible
IE=edge
last-modified
Fri, 10 Jun 2022 22:58:54 GMT
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
etag
"e47ad5e284d80430fab8ffc02d1e35a1"
x-frame-options
DENY
x-ttfb-l
29636
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-s
100.13.78:2863608
x-amz-cf-id
GICaPodgOjnaiErWneGBqMxSi_MvzfWzsIyBOM2tVvh_LKHpP1vr-w==
expires
Sat, 30 Nov 2024 02:19:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.123.235 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-123-235.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.123.235 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-123-235.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.123.235 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-123-235.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=206471
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce407f7b6547f294980588909a8d544edd7904f293bdda3c8d5ce86383842cf9

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLaMGSvKzb8yNTF1s7SRAhRDcQPLqR0Rkp44WwTLP3eZ20PYVfz2%2F3RKqHOAn3vgxGuI7XomQPRy4cIc7ZOFaVNDKo%2FQRNClr44oKWNKgcllgR44tzkgslOm8%2F6ocTvJWI1g5pC%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
839ece716ca8a89e-SYD
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
cdb
bidder.criteo.com/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=52793973774&lsavail=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:13 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
arj
cnhi-d.openx.net/w/1.0/ 		175 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cnhi-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-480&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6f5e5055-0b91-4491-a824-a10cf8735e42%2C55033da7-6c53-4b97-9a6a-0f8c424c6b06&nocache=1703315653343&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D&gdpr_consent=&gdpr=0&aus=728x90%7C970x90%2C728x90&divids=adb_leaderboard_btf%2Cadb_floorboard&aucs=%252F9869277%252Fcnhi%252Fregisterherald%252Ftotalaudience%2523adb_leaderboard_btf%2C%252F9869277%252Fcnhi%252Fregisterherald%252Frichmedia%2523adb_floorboard&auid=540161673%2C540327076&aumfs=50%2C50
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6c656742fe739c35281189b7a606fc45fd7410f98b7b1112616988a1f7f8467e

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.register-herald.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:13 GMT
an-x-request-uuid
fe050772-8a47-40d2-a3f8-dc4e577cf7e8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.register-herald.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
bids.concert.io/bids/ 		22 B
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.concert.io/bids/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.126.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.126.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Dec 2023 07:14:13 GMT
via
1.1 google
x-lat-long
-33.868820,151.209295
x-powered-by
Express
x-region
AU
x-city
Sydney
x-cipher-suite
1301
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-response-time
488.793ms
x-tls-version
TLSv1.3
server
Google Frontend
etag
W/"16-6cDG702lpKxhI09DG03JuPCfUBY"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.register-herald.com
x-cloud-trace-context
ebff5e5fec178c50b770714f9bd47d44/1472717926368191552
access-control-allow-credentials
true
x-region-subdivision
AUNSW
/
register-herald-cnhi-pw.newsmemory.com/ 		193 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=3b1f52a7c56ec8e9ce7cfde1b29b68e7&v=3&r=4618
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
632d8dd9ec8cd77742080da2893b43a55ffc1c4ada82518adc2d7c86bedc8c67

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 07:14:13 GMT
Last-Modified
Thu, 17 Aug 2023 14:18:11 UTC
Server
Apache
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Keep-Alive
timeout=2, max=299
Expires
Sat, 23 Dec 2023 09:14:13 UTC
v2!prefetch
photos.register-herald.com/api/ Frame EC5F 		190 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/api/v2!prefetch?_shorturis&APIKey=W0g9oqdOrzuhEpIQ2qaTXimrzsfryKSZ&_prefetchImages=only&_verbosity=1&_accept=application%2Fjson&_filteruri=
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-2WSBCPH4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.7.58.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-58-147.compute-1.amazonaws.com
Software
nginx / SmugMug/1.0
Resource Hash
3ba9a07cb4d783c069ce0ae2d5ba581612abbec9104f5198d7b24d4b1db8b0b8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept
application/json
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 23 Dec 2023 07:14:13 GMT
content-encoding
gzip
x-ttfb
0.0253
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=e8889be1, d=i-052fcf4cd7554454d
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-smugmug-values
4/5 - Dare
Connection
keep-alive
Content-Length
191
x-request-id
258a187d
x-ua-compatible
IE=edge
Server
nginx
smug-cdn
cloudflare (via photos.register-herald.com)
vary
Accept-Encoding, Origin
x-frame-options
DENY
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://photos.register-herald.com
cache-control
private, no-store, no-cache, max-age=0
access-control-allow-credentials
true
x-ttfb-l
190
x-s
100.12.210:994176
expires
Sat, 23 Dec 2023 07:14:13 GMT
/
adspsp.com/pt/1710310/13/3/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/13/3/?a=2,a2lqhq5s36s7bczt0p7d,hU7TgKf1dG&aa=01CihRyu.gN&b=0,1,2,3,4,5:6,7,,lZ&bi=1,A179417763732db1,14,U6fe8f6759cd351,adb_leaderboard_mid,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience,172,CNHI&e=&c=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&d=&f=1.lqhq5ndw.1T3zj.2T5pp&g=2T6bi&u=f0278789:lim1hwav:3i2&v=18g.xc.0.5rb.1.0&m=z&zi=adb_weather_atf,weatherhousead,0,adb_button_btf1&z=0,1,2,2:.,1,120x0,mq,420.0,0,008d&z=3,1,2,2:.,1,120x0,mq,21y0.0,10o,008d&rnd=1703315653539
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.89.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-89-216.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
45e2bd8cf04e8e4a6ca88fddb1132a33e5a830d6096
bandborder.com/submit/2b6fcf560/ 		299 B
810 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/submit/2b6fcf560/45e2bd8cf04e8e4a6ca88fddb1132a33e5a830d6096
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.179.148 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
148.179.110.34.bc.googleusercontent.com
Software
/
Resource Hash
539bdee30c2d40b4dbff1302cd2951cfd6ca20c3988d27af25f84b5cbe66b5fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.register-herald.com
x-hostname
fen-hoothoot-asia-east1-test-vdsz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 23 Dec 2023 07:14:13 GMT
container.html
94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 93A3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 07:14:13 GMT
expires
Sun, 22 Dec 2024 07:14:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 62F0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.1 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 07:14:13 GMT
expires
Sun, 22 Dec 2024 07:14:13 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F53F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsux6kSDYtgAKLBtBZVec0TZ01dZH5JZmK5RLbqhKsbzMZxgpYG5NGxLAfI1JkGOhE4_JbiACk7aN6uyRiodUOZ6RqcV42EEWU21a6ZnM6TgpdbuNcR4VzzBHytV-WVEZIKtDWfEMdS4G-6kKHH5JkFT6tv8mIFzCVtaav6AxeZKAuanzpqN3gvH7pTuKr6POzyIIm6PZSj7kZNep8DVN6W1U32vvuhy6xMcRdhVei-I9kGA76i6rA-zN3a2ZonOhsEfdhBz7QXwv7KP7AFSbluZ_tH8LwOqLGM0hSQqp6RuZjgADl2joAgm6mr7BjG1ksw7mppQj0H1I3OtKzB4e5fUdN_PG3ldjTlLOJp94T6DsRga-LjRedRuOcL6bnm878nFbOUSBfjBU8sg4B3lvog0aiJy&sai=AMfl-YTyrLYMls-rTvHdvs1a_L4vbV036BG56RUFtaMUsJED4yZ1z6Tg_m-KRbL_6HSi96tvXFhqHwf7BOHe5aSvlytr4NVIHrRW76o9PM0hb9E1-KDTRlrnfJ-k5PrlHHq7QoMF8vDIow1t3MDiBnxT4dMZ&sig=Cg0ArKJSzEJjStMqhHRYEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 23 Dec 2023 07:14:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F53F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 01:53:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F53F 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 07:14:14 GMT
13810539858892574308
tpc.googlesyndication.com/simgad/ Frame F53F 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13810539858892574308
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
d42092f9d6707cf4d96d134bd38e5c8903f90783a625c419c7a78dda1f6bcd6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 22 Dec 2024 03:46:06 GMT
date
Sat, 23 Dec 2023 03:46:06 GMT
x-content-type-options
nosniff
age
12488
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48171
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 20:35:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
view
securepubads.g.doubleclick.net/pcs/ Frame 9DCA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZJT2ViC8onGStyVrc8M1N9TRe6o75cR4UE5xGjy5cuWsqkk-gGOG0mov_NXr2Yu4-VgTQUwq0Qt474zrntRhfH1iVPrzd3Cmr2D3Yfs6venEZ1r6hUszaGU1TFkS9IyGuyhfGcpVk_sb68RNnGW43EReTWnvRCCwVHm8EsxyAvXUdCMAsIgMTftteTwuYDBlGIaQKjS1Yw8uIX6YNAgi9GkcKNlH5aRp4TgsrrsB-AaNFBMNtaLd1C5hLGxiQOhZw6SdKPyK6spJqgZmCeBadnTIkmO7ca3nnTWRb7HrjUNFIFJLUVZSIfREsNyBIk7osOcYpYuAV997KeVZQj1CPasXpMX27PIuvSh-kMKaGpsk3_DJGZWVL1Mo&sai=AMfl-YRMQkJaSjVcWujZD4Rke2-L7aIRiv4JbfRMgfPulQAPcMPpteUHrrC6eqhKAExiKsHV-MaoX_yjoOv8qCuQs9eo6LjMfNMmIvq19mR3qpqQR39kQQJhDLuaiA_x4rVnPGqGkmS5eHNxYawAmOp21gUd&sig=Cg0ArKJSzAF-gLFIIVpiEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 23 Dec 2023 07:14:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9DCA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 01:53:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9DCA 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 07:14:14 GMT
9458328796838900004
tpc.googlesyndication.com/simgad/ Frame 9DCA 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9458328796838900004
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
89b64a549d518b819fbd2042ec56d22960ec33a5035a947f4dcd771a1456d1ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sat, 23 Dec 2023 07:14:14 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38218
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 13:07:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 22 Dec 2024 07:14:14 GMT
truncated
/ Frame F53F 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
539f473bb2fa343b219763abd4fc6d2987918673dde4040ce7130acabfabb6de

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9DCA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afc65d9aeb877dae9824ff89b925bb8240b668930b4f318dc94ebd314192b07d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
pr
s.amazon-adsystem.com/v3/ Frame E94A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f65f95d81e79f5aac1a8ba556a504baa07ca44df2fc5fd74b5d425f23fc4ef4e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2345
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 23 Dec 2023 07:14:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
M9WYGJTJYCY2K33Y2R2M
afr.php
ads.as.criteo.com/delivery/r/ Frame 9EDE 		1 B
56 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=ZYaIxQAAhHQDgxo4AA3_F1TOsLZFW4pLKPpGlw&u=%7C29yuZtz%2B9B84vdqztoCws2yL4VbbSb3L8a6W3wiCff4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uyW-RKtW37aQ28h4FHW0qHkRNX8Tp4yBrvqqQh5fet8XixysOMtZI9ldmtb2zmu0m2xjxAIf4RlhbouvpSp7iwW1gaGLkJfDcv4l_M6_5iGTp0f4A3ZWGuCVDYH2gWTZ-Md3O-_6VFkeA3Ruk0w-hKmE6AIzur1AYxnccWgpqpqyBXgsTm5QhMfJJw_Xuz1qRAAfCsqHZJNcxbUC8aJeb05Mo5gm-BSmPIJc0l6KTXU6cf8GbN08kb7WBH_alac_9AI_OlFU4OSrYSNjdamZj-BzkXDM92x0ZWE9_G00ykcAM7yAAGCoRADPY6RZ27wU11b1puFA6JZnk8658EAncyBy143KWHwRurQy3RDGcdhw78Ux6ZeRYWgd0JlP2PeKNsuFp0eA9HP1SniZpxL4Os_iKy2xuFZXN9KNCMgTkdgThnErNwmHpK3N40aOyGsF39YbDMaivuL8eirAd5Kdm3lmDZgAp2F9L0T4DoPj0vfPlyirNdsjE3a3L57cepUZIVaq3c7jpgDg94JfY1-7ba0eNVSsKL_l30T6tsmxgVunMPdy0Rla0iYUQ1HdOwjPr&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6g5DxYiGZfSIAri0jMwPl_63mAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2yAEJqQJCmkgtttCmPuACAKgDAcgDAqoE1wNP0FFkAqSY1O0x3vMl6gVOwigug3s62z1mr_7uQxV57TUXyh-SbT6HCCopU6ecmCn3rJoWpqIY7JFKxI5HfjKyDLsFVxto26KAbd9kRS4QMVwB8xC618XL_fur4-7sHIBdAKtRZpYOBkMZJr11duQOVWI172Di9lrB47-64ydlV2MQFuNvlW-cEtBI5bwONETxAmqpMjNrA94S3lrKcIDuLGfb5NRHCuM0On6x-qmJq6F6dLY5cJztR4Wj7ktD_GpMyhVM81U_kGKdE2VZz4E1-JehmCToWKnAf1BgnW0FkIhU3Fh_YKSHbgMCA_EWNGiP_wuOwbTJYlhWUX17rHn1n4feR9gZDDOAw3wGl-C4QDbOJ8VWYgxtg6vOczpPx6lk8u-DJiqddlOC8LCoAbJlTLMbHD3qc7oubizgy_mn1Oi2Tsu-PuQIBtr4Qop-2U9_xHqUTS6VyyIonRs_8QW1J34XhWfdPQpQJkrwAxSU5uiNvo--IhQFRpD-bPHaQii5jJJK8S1PtMOBOkzGNh3l3EPQ8GtyzNPA82ZZkHSMt4ey4nZWNS6B7yhb9L0ghzFBHNn2p7QepxqjIo5XppiU5YfKOSsrcijWoMHKTvXVNnkkqZOUQxHgBAGABrOkie_huO39nAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYgbm-o4GlgwP6CwIIAYAMAeINEwj3pr-jgaWDAxU4GoMDHRf_DVPQFQGAFwE%26num%3D1%26sig%3DAOD64_0Yc1z4O1MUbduOR7lZS_h3569GOw%26client%3Dca-pub-7327662408303156%26adurl%3D
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=0
content-type
text/html
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 93A3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 01:53:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 93A3 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 03:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
13953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 03:21:41 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 93A3 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:50:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
293022
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Dec 2024 21:50:32 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 93A3 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 07:14:14 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 62F0 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 21:50:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
293022
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Dec 2024 21:50:32 GMT
ad.php
g.adspeed.net/ Frame 62F0 		265 B
481 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.adspeed.net/ad.php?do=js&zid=117088&oid=27064&wd=-1&ht=-1&target=_blank
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.105.176.240 Sydney, Australia, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
d15.adspeed.us
Software
nginx /
Resource Hash
35b9a959bfb6bafc0c41b87b90cd33752834b92d8e4bd17040d04fcd51ad9671

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 62F0 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 07:14:14 GMT
/
adspsp.com/pt/1710310/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/12/2/?a=2,a2lqhq5s36s7bczt0p7d,hU7TgKf1dG&aa=01CihRyu.gN&b=2:1,6,23e0n4r,1i6fe27,1rltyq24,,2y8ziiy,8c`6y,1rltyq24,2y8ziiy,U1900760d1e2b6,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience&b=2:1,5,1doakt,1i8ozn5,1rluj3ps,,2ybmy9g,8c`6y,1rluj3ps,2ybmy9g,U3b430bad35360a,adb_mediumRectangle_btf1,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience&b=2:1,14,nboe5,1i5j6fp,1rltt3wr,,2y7qgws,k8`2i,1rltt3wr,2y7qgws,U6fe8f6759cd351,adb_leaderboard_mid,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&d=&f=1.lqhq5ndw.1T3zj.2T5pp&g=2T6i6&u=f0278789:lim1hwav:3i2&v=18g.xc.0.5tt.1.0&m=z&zi=adb_button_btf2,weatherhousead,0,adb_mediumRectangle_btf2_flex,totalaudience,6,U1900760d1e2b6,adb_mediumRectangle_btf1,5,U3b430bad35360a,adb_leaderboard_mid,14,U6fe8f6759cd351&z=0,1,2,2:.,1,120x60,n1,220i.0,136,008o&z=3,4,5,6:.,1,500x250,n1,24up.0,3xd,008o&z=7,4,8,9:.,1,300x330,n1,2208.0,12w,008o&z=a,4,b,c:.,1,1360x90,n2,44o.0,k,008p&rnd=1703315653779
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.89.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-89-216.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame E94A
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=22a65bdba9
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=22a65bdba9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YNRG9KERY2ANRWNK1Y7B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 23 Dec 2023 07:13:52 GMT
via
1.1 4acb5efdd4b252788b64d73e2726c236.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD1-C1
age
22
x-cache
Hit from cloudfront
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=22a65bdba9
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
dqWqHZNdk8i2tPbJ9MpMT5zBGmug_3PuuqfpRQFtaHPcvZDvElYizg==
https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ Frame E94A 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 07:14:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ecm3
s.amazon-adsystem.com/ Frame E94A
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=53df9add-94ad-429c-928a-569fae49ff0d
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=53df9add-94ad-429c-928a-569fae49ff0d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F6EGTHCSXCYS94AM08E7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=53df9add-94ad-429c-928a-569fae49ff0d
access-control-allow-origin
*
date
Sat, 23 Dec 2023 07:14:14 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ecm3
s.amazon-adsystem.com/ Frame E94A
Redirect Chain
  • https://trace.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=f5ef61ca4d6d64612kqekh00lqhq5ud8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=f5ef61ca4d6d64612kqekh00lqhq5ud8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TQ0QTKE4EXFDHRA0QHAJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=baidu.com&id=f5ef61ca4d6d64612kqekh00lqhq5ud8
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame E94A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AAOHFk7LDRIAABQDGJ5Vlw&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAOHFk7LDRIAABQDGJ5Vlw&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0CNCC2HW3BHG3DA63WJ7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAOHFk7LDRIAABQDGJ5Vlw&ex=beeswax.com
Date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usermatch
ssum-sec.casalemedia.com/ Frame 9E41
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c9220e49ec12e3a773395daddef3dca162730b15278dedfbd175608dbb64f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
839ece75bbfca956-SYD
content-encoding
br
content-type
text/html
date
Sat, 23 Dec 2023 07:14:14 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMYMdPNTF3ZLLcJqO7%2Fj5vg4So8Kv0pa6FDKKG1UfUkDX9cpustBbwU%2BG6CzLUk7q1JC4TtLugfWsmjioOLaAjs8%2BdZoAuc91TuXAAbsUVuj6Z1r1NZGEIVjhkDN0I7dXTKGL%2BPgYXf7lA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
839ece74fe7fa89e-SYD
content-length
0
date
Sat, 23 Dec 2023 07:14:14 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6%2BphzLLgGQDUxQ1EchyKppYusssU%2FjyR4vo9zf7Vbirb07WOTOZsbDjgVD6QzWBUDrzhtvid%2BX5lWFqhCmP4VCAWd3F5jk4va27bjgpB4w93uJz40IaMvX9W9cWN8JoD8JkcnPf1tGKIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame D84C 		728 B
913 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
be243adef96f6c4e57c8761546a6ffe1cec8a2b7eb279ceea14e4dc9b20e4905

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
728
date
Sat, 23 Dec 2023 07:14:14 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 03FC 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=97370
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 23 Dec 2023 07:14:13 GMT
expires
Sun, 24 Dec 2023 10:17:03 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E9D0 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Dec 2023 07:14:13 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 9DC1 		714 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
91e17fc814c840447a1775993f9cf26bdde9490d4510f3693535947ea8e9eda8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
429
content-type
text/html
date
Sat, 23 Dec 2023 07:14:13 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame E9D0 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.204.65.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-65-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
68333be71b25015bb3506ff566dee7f3da971778a1a4451933c0b84b7b10bbc0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 07:14:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 04:29:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76515
Connection
keep-alive
Content-Length
13201
Expires
Sun, 24 Dec 2023 04:29:28 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 03FC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13862964&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
59cd4b7728a07d9d637220b0927acb83d20b46dfa07d85f59a6cf060519d8d4e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 23 Dec 2023 07:14:13 GMT
content-length
1672
content-type
text/html; charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame E9D0 		7 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1075877514219374&correlator=483012437449789&eid=44807747%2C31079527%2C31080117%2C676982996&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Clargevideoplayer%2Creveal%2Ctotalaudience%2Crichmedia&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6&prev_iu_szs=1x1%2C1x1%2C728x90%7C970x250%2C728x90%7C970x90&ifi=7&sfv=1-0-40&fsbs=1%2C1%2C1%2C1&ists=4&eri=1&sc=1&cookie=ID%3Ddecfed6a6e349cb6%3AT%3D1703315652%3ART%3D1703315652%3AS%3DALNI_MYMdIwXFkvOAqp9OeqaGWnFyJ_4Yw&gpic=UID%3D00000cbe70d8c956%3AT%3D1703315652%3ART%3D1703315652%3AS%3DALNI_MYKOWOp_3O338KDjXfWTPn5g8J-6g&abxe=1&dt=1703315654000&lmt=1406675156&adxs=150%2C150%2C436%2C436&adys=7466%2C7466%2C6644%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5%7C6%7C7%7C0&ucis=7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&vis=1&psz=1360x784%7C1360x784%7C1600x50%7C1600x-1&msz=1x-1%7C1310x0%7C1600x0%7C1600x-1&fws=4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600&psts=AOrYGsn-RE2gACOfgDmLUyQXJCVnWLz0jbbN6ro00Kk0zl2hQYg-9xOnmQNtWeay98BKAQIhLp4c-af7Sy-GhWF_e7kHar7tZw%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslz_8DNOzDEnXYh9f9gjrVdC5rlSpgoMrDm6bjhAK_U56YSpV8lJBOQcag_pR9XC2c92OWxwyY1T0YzkkwSyuv9mUcH4A%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnKaiUmt8eYN6wBn5DoOGdSS2HG3pgE6GvumU2gWFeAEHRmkws-PzBTOZE8XkRP52Pfl6Z_JIsE14UKjqLzKhjFzRB3Xw&ga_vid=478712700.1703315651&ga_sid=1703315653&ga_hid=2009464020&ga_fc=true&ga_cid=1944768880.1703315653&dlt=1703315649586&idt=906&prev_scp=adb_imp%3D1%7Cadb_imp%3D1%7Cpos%3Dbtf%26amznbid%3D2%26amznp%3D2%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone%7Camznbid%3D2%26amznp%3D2%26adb_imp%3Dlzyes%2C1%26adb_bdr%3Dnone&cust_params=section%3Dsports%252Fhigh_school_sports&adks=1564369288%2C179213305%2C2439763612%2C907753814&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
0428bafe5e2cc1adc696cf77955d355cd0f60837cd5c4eaa200f15e5e73f5b9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17678
x-xss-protection
0
google-lineitem-id
-2,-2,6417862739,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,138443594473,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adspsp.com/pt/1710310/11/3/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/11/3/?a=2,a2lqhq5s36s7bczt0p7d,hU7TgKf1dG&aa=01CihRyu.gN&b=0,1,2,3,4,5:6,7,,5r:8,9,,3r:a,b,,3o:a,b,,3o:c,d,,2u:c,d,,2u:e,f,,3f:g,h,,aO&b=0,1,i,j,k,l:6,m,,5r:8,n,,3s:a,b,,3o:a,b,,3o:c,o,,2u:c,p,,2u:e,q,,3f:e,r,,3f&bi=2,A7836ccecf95fc21,3,U6310f4c7c862e88,adb_leaderboard_btf,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience,4,540161673,5,11747832,6,6708,10,206471,33,PDDWminnzbApknGlqgkxpZCm,172,CNHI,11,U64b6d0c9a11d5cc,adb_floorboard,%2F9869277%2Fcnhi%2Fregisterherald%2Frichmedia,540327076,11908123,302372,302373,4toHxb5i3eKGPsfolJ10gLL8,ZKnbpUBWqDmzqbvOMugL6P14&e=&c=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&d=&f=1.lqhq5ndw.1T3zj.2T5pp&g=2T6oi&u=f0278789:lim1hwav:3i2&v=18g.xc.0.5tt.1.0&m=z&rnd=1703315654007
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.89.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-89-216.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 9DC1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=c5accf18-fbfd-888e-afa0-8e53c4c49ba2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F6Y3ES7J42B002DNH7KE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9DC1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=9d7ab365-e757-3374-6fae-0cc4acf75042&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=9d7ab365-e757-3374-6fae-0cc4acf75042&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8c822726-6357-40ad-8c01-822eca9a1a3b&ttd_puid=9d7ab365-e757-3374-6fae-0cc4acf75042&gdpr=0&gdpr_consent=
43 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8c822726-6357-40ad-8c01-822eca9a1a3b&ttd_puid=9d7ab365-e757-3374-6fae-0cc4acf75042&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8c822726-6357-40ad-8c01-822eca9a1a3b&ttd_puid=9d7ab365-e757-3374-6fae-0cc4acf75042&gdpr=0&gdpr_consent=
date
Sat, 23 Dec 2023 07:14:14 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 9DC1
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYaIxsCo8X4AAJdKQWkAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYaIxsCo8X4AAJdKQWkAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sat, 23 Dec 2023 07:14:14 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.165","key":"ZYaIxsCo8X4AAJdKQWkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40305"}
X-SO-Key
ZYaIxsCo8X4AAJdKQWkAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40305
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZYaIxsCo8X4AAJdKQWkAAAAA
Cache-Control
private
X-SO-HostName
a-ad40305.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-IP
66.203.112.165
sd
jp-u.openx.net/w/1.0/ Frame 9DC1
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXpkGaD48TyQks8AED1M6Mvk_c8AAAGMlYZGOA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXpkGaD48TyQks8AED1M6Mvk_c8AAAGMlYZGOA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 98c0260f137c498b550b5ea75d3bc892.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXpkGaD48TyQks8AED1M6Mvk_c8AAAGMlYZGOA
cache-control
no-cache
content-length
0
x-amz-cf-id
Om-06MsGrjx3KOgH9ZuzA095LdBpSnqJTm-Jxc1kH6AIESqGTgRqOA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9DC1 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjExNTYwYWYtMmUyMC02ZGQwLTdhNGUtNTY3ZDY2MTU5ZTIy
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9DC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFxfFJqA8pi6GNbgE6OzKR4&google_cver=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFxfFJqA8pi6GNbgE6OzKR4&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFxfFJqA8pi6GNbgE6OzKR4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 62F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQjYRG4cXCmu7JMZLxcZfI1b4BEVORc-y1wAicdmKiY2k_KWQBcTi_bzfsX1iJpFDPHTsQBKgTxRYy3qRAdyr-5khuyhK5Urdf5voZtJ0gT42AXOK9YRQQTclKZTDyzuEv3Tua4da7_XaLoVw4_MnDcXGNthniS43OTb3WFza4s_gO8ADynOovPw-rhwpFxmoGOgnmLxUahsOVjKmqGRDrlZR1FQGkz1PQp54DgtBZQfEOUNyHmXPfvrcIUzheEWTIZTOFIEIeu1ijK8YSl7pKrWNteFUfjTrd05RixvK7QPzoZG2BP_syAJJW-Y2ucswxvJ9Q3UVsBxkic5hd5-c7Xku8hkshd54_SgeiRTviARhTvdcORVIdNr_7IwGPi7ydKrBsfARrmMcumKKMh7ZfM5t7&sai=AMfl-YQmgFLiSdIjvePnJHE1psFYmmC4TtolmDD1XUM35GEyMc8VuT5lxhQSdQTUQZgr9EeBEQqkDL9M_6sqBqnuUdQsgeaypIjxArMfu-WOTR8qZJB9N0j5VHveM7C4JXcxQLwdAlFcV6gS9DLTzebOKZ86&sig=Cg0ArKJSzK48DLPK2crnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 93A3 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bcd690a7fe1dd55141cc031d0d3db6970a78143b7a00a998fe70338be963ba9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
all
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-41a361c60353/ 		36 B
230 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-41a361c60353/all
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.71.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-71-155.compute-1.amazonaws.com
Software
/
Resource Hash
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
59
content-type
application/json; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 9E41
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8c822726-6357-40ad-8c01-822eca9a1a3b&expiration=1705907654&gdpr=0&gdpr_consent=
43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8c822726-6357-40ad-8c01-822eca9a1a3b&expiration=1705907654&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRGuyekX72eHs7r6BLpc3StMksu9TG33bzH7Lp4yaREw8J2R0Q6xUhDEodoD4YKhZ061yGyqayD87fe4UirVfPGL0BRct9id7%2B1ghJNXxiQYeoOP9vwiJruUMDsVCuANdmCUOC0aUVU0bA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece769f8aa89e-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8c822726-6357-40ad-8c01-822eca9a1a3b&expiration=1705907654&gdpr=0&gdpr_consent=
date
Sat, 23 Dec 2023 07:14:14 GMT
server
Kestrel
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 9E41
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYaIxbSizXj-SopHFCEksgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPCAfOHo5bqqueS_mXLlNvU&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPCAfOHo5bqqueS_mXLlNvU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gud7zhmo9vKFxPLptTt2ZrGeY15ANqLYrzxHGyF0PuwkMKJZFohu7V784tXWnC%2F5KbLDpSqQafsSk3qmXa%2Fv2MkKyEbURW0i%2B4lwfMQLFlx2nCYPDECPCXJHwqrkM6YHHjn5mUOCfjR1qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece783ea7a956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPCAfOHo5bqqueS_mXLlNvU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9E41 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
91M9618M3EC2G4DH31WQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame 9E41
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYaIxbSizXj-SopHFCEksgAA%264778&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYaIxbSizXj-SopHFCEksgAA%264778&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1bbc552bec454c76b37c231cd654e7ff
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=1bbc552b-ec45-4c76-b37c-231cd654e7ff
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ca86ab71-1ff7-4760-8875-a4aba5bb3c67%3A1703315655.5649836&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dca86ab71-1ff7-4760-8875-a4aba5b...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2018245968139501534&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dca86ab71-1ff7-4760-88...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ca86ab71-1ff7-4760-8875-a4aba5bb3c67%3A1703315655.5649836&_=1703315655.5667074
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMk8H8zrCwYruKBMsoOB9bs&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMk8H8zrCwYruKBMsoOB9bs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:16 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMk8H8zrCwYruKBMsoOB9bs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9E41
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFumE7LDRIAABRW-aEkOg&expiration=1704525254
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFumE7LDRIAABRW-aEkOg&expiration=1704525254
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BAR1KdEdC0PyeGQyeOAv22VcjkYXk3TxmXgISR8e51%2BEkip1QCBtvzoVzn%2FA%2BxjcKQNV7NWfDVwJ1nONWIXfmiLEkPvsABorP8JWz2oxkxpYzVsmLpBKCzd57ivMShJc0sqA9OamisTog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece78ef52a956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFumE7LDRIAABRW-aEkOg&expiration=1704525254
Date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum.casalemedia.com/ Frame 9E41
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9d1f2264-dbff-25cf-1bdf0f53
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9d1f2264-dbff-25cf-1bdf0f53
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbwkiFWrrFgJAPSAqzlHWsJ7w5vqZYsg0s5J5M9iA%2B74%2BTm1%2BQI6R3CuBL7kGbj5tszTJXS83MP8l%2BfrjbZr3U4xf2uJT0ENYYqG4C9iG9CArmtNPHbolMm2GIof7CizuCuvcldx"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece77e850a89e-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9d1f2264-dbff-25cf-1bdf0f53
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame 9E41
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ef%2F4FE1uEwWmzqs652Py0GVhI86K2gwQhJ3U3F%2Fm0pKO03VwLVVdMT%2FL00qIWXi1AtvKU7dtWa%2F9F9%2FNrYmgTtl0nOKL5UZ53qWW0XimesTmGgsTi9TkrvsXjsmYC4GAevVc4qS5rKp8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece7bc9f9a956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Sat, 23 Dec 2023 07:14:14 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9E41
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
52.76.144.130 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-144-130.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame 9E41 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M33RNFW5NSD392RCPSJ2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame CE7C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
6154
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 23 Dec 2023 07:14:14 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
322, 4138
X-Served-By
cache-lga13626-LGA, cache-bfi-kbfi7400048-BFI
X-Timer
S1703315655.523484,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame AC74 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
6153
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 23 Dec 2023 07:14:14 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
322, 7611
X-Served-By
cache-lga13626-LGA, cache-bfi-krnt7300113-BFI
X-Timer
S1703315655.604855,VS0,VE0
/
photos.register-herald.com/services/api/json/1.4.0/ Frame EC5F 		27 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&returnModelList=true&idCopy=true&PageNumber=2&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-2WSBCPH4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.7.58.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-58-147.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
8fb721a95314b392269801a586acec95660718e70a65c65fccd05bc0e815b11d
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept
application/json
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
baggage
sentry-environment=live,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=6b061a1787024952ad50162568d3e266
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
sentry-trace
6b061a1787024952ad50162568d3e266-beeb7bafdeb4ae25-0

Response headers

Date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
x-ttfb
0.0908
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug-API/1.4.0
Transfer-Encoding
chunked
x-env
a=live, b=www, c=ec58e149, d=i-056aa31eb47ae9caa
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-smugmug-values
2/5 - Thrill Our Customers
Connection
keep-alive
api-method
rpc.gallery.getalbum
x-request-id
c403e2f1
x-ua-compatible
IE=edge
Server
nginx
smug-cdn
cloudflare (via photos.register-herald.com)
vary
Accept-Encoding
x-frame-options
DENY
Content-Type
application/json; charset=utf-8
x-ttfb-l
27532
cache-control
private, no-store, no-cache, max-age=0
x-s
100.9.11:1711357
expires
Sat, 23 Dec 2023 07:14:13 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F53F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0y1cfnd7esCQI1JaLVrg6iKKz_FTIPBzCZps5I141E0XFAsmzmQeJVZUTnpb7ciuWUX4v8Q-lFizAL5RykHVHxm9jLfNCwngz5rCtGNZ7fpLpqWXJ6LW02lKgDwQM99MyykaQG7RySvwwRpfuHW_eJ7S_88s8uzi8j0OCgNMZ7mvDJKNU2_Otordi_FcnWlsVxuBG-SAdSujWD7OIamxgGCb1dG7QTS9KMRmEFpPLbUDEVugrUpe2V1B5tGahGi5_wY_WAcDMOuxh45VzVhSOzoXA6JEAmtjbM10MVOWLKuqXHdV2h4SUn-mwM_-2qZRKp1xXUk29E2pKuA7SFVdcXNd9S2l6cGy8j3l-FwY_Jvu0cJ9FkgV28uhL4aGiKpUTFPWrtk40Tpf6ha5jWCPcp9Gnc8g&sai=AMfl-YSK4MpcEjz5pqogY0FoY_iYbj3MBmxjoNuqjO4OIhaOynyBoBkXhI9j5HtxXuoGJMluHSMUU9iOoXubGolx0pLjjRD4tGqESj0FFNkkRsvDwT9XAWJM6KW32TaB5oRnOIBklNG1WQgk_HjA9skEKIPv&sig=Cg0ArKJSzC2Hyfz5jds8EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 23 Dec 2023 07:14:14 GMT
pd
jp-u.openx.net/w/1.0/ Frame 51D0 		792 B
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ec47167093f1afaab6f0d45d6b6143c8d9bb67e4505cebf20d1502c45d4ebbd6

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
436
content-type
text/html
date
Sat, 23 Dec 2023 07:14:14 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
publishertag.prebid.js
static.criteo.net/js/ld/ 		98 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
adecd0c47125731bc832bfdc4f2363be43c211abead936eb0c39e47e7105018c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-18615"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 24 Dec 2023 07:14:15 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 5799 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
118
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
839ece77f89ea949-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 23 Dec 2023 07:14:14 GMT
expires
Sat, 23 Dec 2023 11:14:14 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
5904191bceefb2eeb3a93b27faf9c6be9b3e7980c3e0b8683b76c2a7faa1baa8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:13 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 09:01:01 GMT
server
nginx
x-amz-cf-pop
NRT51-C2
etag
W/"656ee6cd-47bd"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
-HV9oykVDVWTijCOw5zzMVevE9UPDK5yvO5DIUD1xHZz09RXekXXFg==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 634A 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32335F30397D7B7331353038393436337D7B4337377D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=66.203.112.165&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703315652&csuuid=658688c408959&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:02:13 GMT
content-encoding
gzip
via
1.1 4bf8b888ab09c75583ef96928f051bfc.cloudfront.net (CloudFront), 1.1 82008a7e089b84e7f0a6d8d139a4e3de.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1, SYD62-P1
age
722
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Jgo2jLD-_3cUsxt50LwO1TRnyK8Pfe8-bfyOH_SekCGQ-v32JoaDTQ==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 634A 		92 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&iiqidtype=2&iiqpcid=55f091f7-583a-4818-9de4-7f6567075ae3&iiqpciddate=1703315654398&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=390_1703315654399&fbp=1120628901&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&ref=www.register-herald.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32335F30397D7B7331353038393436337D7B4337377D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=66.203.112.165&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703315652&csuuid=658688c408959&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-50.syd1.r.cloudfront.net
Software
/
Resource Hash
259375496f67e58d9dc4c96ec60ffe53a431d4159eca6f6abf32f2bd21745994

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 f3cea93c854337bc785f9b21c41ff66c.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
access-control-max-age
3600
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.register-herald.com
access-control-allow-methods
POST, GET
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
Kv08kwhAyQS8h8iTloDY4oC8nVaS0ngJYG0_y8mmp1F9QtkHaV4_Eg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=649153&iiqidtype=2&iiqpcid=55f091f7-583a-4818-9de4-7f6567075ae3&iiqpciddate=1703315654398&tsrn...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=649153&iiqidtype=2&iiqpcid=55f091f7-583a-4818-9de4-7f6567075ae3&iiqpciddate=1703315654398&tsr...
43 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=649153&iiqidtype=2&iiqpcid=55f091f7-583a-4818-9de4-7f6567075ae3&iiqpciddate=1703315654398&tsrnd=869_1703315654400&fbp=1120628901&vrref=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&jsver=5.09&ckls=true&ci=eoHK786CH6&nc=false&trid=-1936762309
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 bac8af6ab43417aff0768ef23a8c05de.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
z_vl1IcfxSx7F-t8FGjMG7Ojrx9jIvExWEz3gcIhPHrxJ3MtvNzc-w==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 bac8af6ab43417aff0768ef23a8c05de.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=649153&iiqidtype=2&iiqpcid=55f091f7-583a-4818-9de4-7f6567075ae3&iiqpciddate=1703315654398&tsrnd=869_1703315654400&fbp=1120628901&vrref=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&jsver=5.09&ckls=true&ci=eoHK786CH6&nc=false&trid=-1936762309
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
fOY9KEyLU0OxwRHqi1nOJptkHVMcyww0zXtESmBbqfoR5GF2Zy1JMg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9DCA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxxOoLNYRvL7HIoyzaLmPYhTXhvyPRmOG7glTmLbYWMek97F-T7JccvPIisnwwWobVbyKM8ji4KofFCKPRphhFeRdlziiiXip80cgqpgShyKHWxhTGcJxut8PxA-tTfLZwG_qQOeldZ2YH5zHe4yCgUNOxFtmN0WehasxNnHn37N_VS50FlrsfXDk96UbCRz4eqfb5XDS9qpiVhtBrvZCOD0gNyCnTNj-l8PlVoxCLYSBnmWzLx3dAE6_Ls6TTnC-4FcWyjuzjOlO1KU3HlreKLOKewooobsMbEtNOAQewjCjJStyRKSyWU-8sqVQVqlgsIywvfsHQKKspS1F-M2m_Sf0XQQyfOflPT4I4uGmDaEyq5sTANfWC5bVmeA&sai=AMfl-YR9A2Hd0se7izSx0v3GERuvIhxN-SIBn2fRp7odbUreRktpNItwKUTrslse_AjSN66RPAnxO3V-lQ4knXZH3FTyEqBFWHcuVnXF9ZfqL-tt3B-fZb7-dIY1oWg6ZIXRikLxo31WE9WmSeG4zID_gM4d&sig=Cg0ArKJSzF6tm4tKbL6NEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 23 Dec 2023 07:14:14 GMT
sd
u.openx.net/w/1.0/ Frame 51D0
Redirect Chain
  • https://sync-axelmark-dsp.focas.jp/sync/opx
  • https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=tYtQeVKNboHZJMuR7CCOrzbV2wht35zEhkKlSXO98bn9FRUY
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=tYtQeVKNboHZJMuR7CCOrzbV2wht35zEhkKlSXO98bn9FRUY
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
vary
Accept-Encoding
content-type
text/html
location
https://u.openx.net/w/1.0/sd?gdpr=0&gdpr_consent=&id=559785451&val=tYtQeVKNboHZJMuR7CCOrzbV2wht35zEhkKlSXO98bn9FRUY
x-cloud-trace-context
01d895feed289bce7110f8d51821c75e
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
openx
tr.blismedia.com/v1/api/sync/ Frame 51D0 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
jp-u.openx.net/w/1.0/ Frame 51D0
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57y7EE01WBDCM006SvaB
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57y7EE01WBDCM006SvaB
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Sat, 23 Dec 2023 07:14:14 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=57y7EE01WBDCM006SvaB
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pxd
dps.jp.cinarra.com/ Frame 51D0 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=fbc82e65-f982-c938-65a6-be903f6befbc
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.248.125.194 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-125-194.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 51D0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=0QJjteEPWOVyOHxktb2SCULLcKU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=0QJjteEPWOVyOHxktb2SCULLcKU
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=0QJjteEPWOVyOHxktb2SCULLcKU
Date
Sat, 23 Dec 2023 07:14:15 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
09bdd521-77fb-a13d-5e79-1a3153a09d0b
pr-bh.ybp.yahoo.com/sync/openx/ Frame 51D0 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/09bdd521-77fb-a13d-5e79-1a3153a09d0b?gdpr=0
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.144.130 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-144-130.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame 51D0 		0
0
dds
rtb.openx.net/sync/ Frame 51D0
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=Qiw5WU7RilqJ2kBzf-5q-A==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 51D0 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:15 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 51D0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2766854501026029548&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2766854501026029548&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2766854501026029548&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pd
jp-u.openx.net/w/1.0/ Frame A9F6 		1 KB
608 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4895102f9972ac7ddb17c1d46e591cc919dafc2e150fe3f8973802cad94f6d8b

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
589
content-type
text/html
date
Sat, 23 Dec 2023 07:14:14 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame D84C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=493c18da-c5c5-41d3-9fbb-fb7ce35c3eba
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PM0H3XPSBYMPW0B2PYCZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame D84C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NDkzYzE4ZGEtYzVjNS00MWQzLTlmYmItZmI3Y2UzNWMzZWJh
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame D84C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=
date
Sat, 23 Dec 2023 07:14:14 GMT
server
Kestrel
content-length
323
v1
match.sharethrough.com/sync/ Frame D84C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&...
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=34020ad8-a3b0-491c-8321-40503298dd37-658688c7-5553&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=34020ad8-a3b0-491c-8321-40503298dd37-658688c7-5553&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=34020ad8-a3b0-491c-8321-40503298dd37-658688c7-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
v1
match.sharethrough.com/sync/ Frame D84C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
  • https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=PNoZYBiDuXiYZvaVd8ixzJNL&source_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=sharethrough&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT, Sat, 23 Dec 2023 07:14:15 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 93A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1ci2xYiGZfSIAri0jMwPl_63mAWY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi03MzI3NjYyNDA4MzAzMTU2yAEJqQJCmkgtttCmPuACAKgDAcgDAqoE1ANP0FFkAqSY1O0x3vMl6gVOwigug3s62z1mr_7uQxV57TUXyh-SbT6HCCopU6ecmCn3rJoWpqIY7JFKxI5HfjKyDLsFVxto26KAbd9kRS4QMVwB8xC618XL_fur4-7sHIBdAKtRZpYOBkMZJr11duQOVWI172Di9lrB47-64ydlV2MQFuNvlW-cEtBI5bwONETxAmqpMjNrA94S3lrKcIDuLGfb5NRHCuM0On6x-qmJq6F6dLY5cJztR4Wj7ktD_GpMyhVM81U_kGKdE2VZz4E1-JehmCToWKnAf1BgnW0FkIhU3Fh_YKSHbgMCA_EWNGiP_wuOwbTJYlhWUX17rHn1n4feR9gZDDOAw3wGl-C4QDbOJ8VWYgxtg6vOczpPx6lk8u-DJiqddlOC8LCoAbJlTLMbHD3qc7oubizgy_mn1Oi2Tsu-PuQIBtr4Qop-2U9_xHqUTS6VyyIonRs_8QW1J34XhWfdPQpQJkrwAxSU5uiNvo--IhQFRpD-bPHaQii5jJJK8S1PtMOBOkzGNh3l3EPQ8GtyzNPA82ZZkHSMt4ey4nZWNS6B7yhb9L0gxTNgjjw4LsrhLms9ydjNZbGA7xDAFzPD-tuAOgh0UNnN0ZK112zgBAGABrOkie_huO39nAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYgbm-o4GlgwOACgP6CwIIAYAMAeINEwj3pr-jgaWDAxU4GoMDHRf_DVPQFQGAFwGyFxwKGhIUcHViLTczMjc2NjI0MDgzMDMxNTYY5YsR&sigh=po0b4O0x2-Y&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_E_wkCptwd8fiixnNIzvjKnRoo92ASRiWCxy5kftETAyalyDUJQmaqCaFOFTx2IxAe4zmuvD8VyHz4eNHJUTLDrIvRhez_2aregMYAQ&cbvp=2&vis=1
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 93A3 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k46HGdLwEXg8YvgtEgIAAAChV9YXR5oFJ3DJxG8JOY7bEMSIhmX_mXkr1SQGUtXDAAASAAAKCkFRVUREUUVCRFE&wp=ZYaIxQAAhHQDgxo4AA3_F1TOsLZFW4pLKPpGlw&cbvp=2
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
172915
server
Kestrel
content-length
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 634A 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 07:09:46 GMT
x-amz-cf-pop
SYD62-P1
age
26655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
gVSVEQjvAN0uK7e-ZQmnTiSj2up5ti0B532sSgWLoQfelWwrRBLfiw==
ad.php
g.adspeed.net/ Frame 62F0 		1 KB
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.adspeed.net/ad.php?do=js&zid=117088&oid=27064&wd=-1&ht=-1&target=_blank&cb=0.7602716421392062&ref=https%3A//www.register-herald.com/&uri=https%3A//94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: g.adspeed.net
URL: https://g.adspeed.net/ad.php?do=js&zid=117088&oid=27064&wd=-1&ht=-1&target=_blank
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.105.176.240 Sydney, Australia, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
d15.adspeed.us
Software
nginx /
Resource Hash
0b191a61fab467a5bcd49179e283d990ea6ea8362aceeaa127f40051d2128a99

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame FC7F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
118
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
839ece78f990a949-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 23 Dec 2023 07:14:14 GMT
expires
Sat, 23 Dec 2023 11:14:14 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 0A96 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f53687b3497bf7b4d269bac64d2100637eb1f9639d9630447516b24390747e7

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
839ece790fbaa956-SYD
content-encoding
br
content-type
text/html
date
Sat, 23 Dec 2023 07:14:14 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfS7ltuyQAKFjAYmSSduX%2BCk3TuWzIEYVwA0GBpXvZmi8JJBCRUS5HWn%2F%2B%2FDlYU2kYaeYagxAvuhZTRtiSfLyNuxrhw%2FlGvUq4P1CuG%2B15g%2FsgXHL0Kzq6a7n5CuNJqvSiVq0Wn77kb6FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Pug
simage2.pubmatic.com/AdServer/ Frame 3E73
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f0c66586-88c7-4400-8f7a-1d57c011903f&gdpr=0&gdpr_consent=
42 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f0c66586-88c7-4400-8f7a-1d57c011903f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 03:52:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 23 Dec 2023 07:14:15 GMT
Expires
Sat, 23 Dec 2023 07:14:14 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master ord ord-pixel-x48 config_version:"146"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f0c66586-88c7-4400-8f7a-1d57c011903f&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 7094 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID235B4D78-F1FB-4418-B2CA-57F5903AA12B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 23 Dec 2023 07:14:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
720VCXZ69SKN20HG9KZG
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 03FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I1tNePH7RBiyylf1kDqhKw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=97369
accept-ranges
bytes
content-length
5622
expires
Sun, 24 Dec 2023 10:17:03 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 03FC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=235B4D78-F1FB-4418-B2CA-57F5903AA12B
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=235B4D78-F1FB-4418-B2CA-57F5903AA12B
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ef5b9e8a-4a93-4966-b307-a876b6db9aec%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8c822726-6357-40ad-8c01-822eca9a1a3b&ttd_puid=ef5b9e8a-4a93-4966-b307-a876b6db9aec%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8c822726-6357-40ad-8c01-822eca9a1a3b&ttd_puid=ef5b9e8a-4a93-4966-b307-a876b6db9aec%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8c822726-6357-40ad-8c01-822eca9a1a3b&ttd_puid=ef5b9e8a-4a93-4966-b307-a876b6db9aec%2C%2C
date
Sat, 23 Dec 2023 07:14:14 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame 03FC
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.74.215.70 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-215-70.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.10.192
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.26.187
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 03FC
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=235B4D78-F1FB-4418-B2CA-57F5903AA12B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=235B4D78-F1FB-4418-B2CA-57F5903AA12B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=235B4D78-F1FB-4418-B2CA-57F5903AA12B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:33 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:33 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=235B4D78-F1FB-4418-B2CA-57F5903AA12B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 03FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjM1QjRENzgtRjFGQi00NDE4LUIyQ0EtNTdGNTkwM0FBMTJC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 03:40:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 03FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHoYPhG1KP2aiWD5vCI0bl8&google_cver=1
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHoYPhG1KP2aiWD5vCI0bl8&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 01:20:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHoYPhG1KP2aiWD5vCI0bl8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 03FC 		43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 22 Dec 2023 07:14:14 GMT
235B4D78-F1FB-4418-B2CA-57F5903AA12B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 03FC 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/235B4D78-F1FB-4418-B2CA-57F5903AA12B?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.144.130 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-144-130.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 03FC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=
42 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 07:14:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=
date
Sat, 23 Dec 2023 07:14:14 GMT
server
Kestrel
content-length
355
9519efce37408d6f711d2a0de840b1ff32b5ae4e3
bandborder.com/009ae2ed4a2/ 		3 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/009ae2ed4a2/9519efce37408d6f711d2a0de840b1ff32b5ae4e3
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.179.148 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
148.179.110.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.register-herald.com
x-hostname
fen-hoothoot-asia-east1-test-vdsz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 23 Dec 2023 07:14:13 GMT
sd
us-u.openx.net/w/1.0/ Frame A9F6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=34020ad8-a3b0-491c-8321-40503298dd37-658688c7-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=34020ad8-a3b0-491c-8321-40503298dd37-658688c7-5553&gdpr=0&gdpr_consent=
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=34020ad8-a3b0-491c-8321-40503298dd37-658688c7-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
x.bidswitch.net/ Frame A9F6 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=openx
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 07:14:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
apsoutheast-match.deepintent.com/usersync/108/ Frame A9F6 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apsoutheast-match.deepintent.com/usersync/108/
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-length
0
server
c
sd
us-u.openx.net/w/1.0/ Frame A9F6
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=6f89329ee4d11f25&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMWCo8OeH7FwM1RhdLAAAAAAA&expiration=1703402055&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMWCo8OeH7FwM1RhdLAAAAAAA&expiration=1703402055&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMWCo8OeH7FwM1RhdLAAAAAAA&expiration=1703402055&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame A9F6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=b3be30ec-3f3d-093d-3c89-cdce3b54a42b
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=b3be30ec-3f3d-093d-3c89-cdce3b54a42b&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=b3be30ec-3f3d-093d-3c89-cdce3b54a42b&verify=true
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Server
13.228.126.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=b3be30ec-3f3d-093d-3c89-cdce3b54a42b&verify=true
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame A9F6
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=30DE9C28ED4445DCA5305FC1768B4A1C
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=30DE9C28ED4445DCA5305FC1768B4A1C
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=30DE9C28ED4445DCA5305FC1768B4A1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:14 GMT
redirect
match.rundsp.com/ Frame A9F6 		0
0
19cb1bfc173dcb98ccec
s.amazon-adsystem.com/x/ Frame A9F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame A9F6
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=Hx6ZzeAB1RgWd95
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=Hx6ZzeAB1RgWd95
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:15 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0ad8138d56a9ec354@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=Hx6ZzeAB1RgWd95
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A9F6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZYaIxwAJAt7ZKwBU
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYaIxwAJAt7ZKwBU&_test=ZYaIxwAJAt7ZKwBU
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYaIxwAJAt7ZKwBU&_test=ZYaIxwAJAt7ZKwBU
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-bfi-kbfi7400043-BFI
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703315655.182879,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYaIxwAJAt7ZKwBU&_test=ZYaIxwAJAt7ZKwBU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame 46A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpg-M_IO0CVn-KrYcrMCMxpvP4qJLmjjVGuF3qnvm4eE8gfALH67TkpsCZUaFcPFqeFUnyuV-t1Gpt7G9pzpw6e9mm8YH625e68RC7HL9yJWMjEKuYJi9AvOC2mNhT4DJd8FUBcUaZDDPdBH-Q1FDZ9O0IiipGAyp-f2AQ1M0NzaJKQJxjAZnUcDb2ildmyD2wv2ND9sPuJLdLsBCVo8EZF_Xb9R0byy0su1QUEUT-vRVk7_XNsBaoVwtanzZeQTbx_WuAyWQ8DA1pzmWRd5mI4_8zfupDB-WPLa1BoeShxOlp0VXJJ9okJy70koWvv8mfkpuMdC0smaGeBKEddHdVm3H0A4Xe9W4zLD-TgHl3cSatKfN-mCpTHzyx1bl7JUiQQhH21kHhOpQaXq3iPJ0s&sai=AMfl-YR8CHu9O-5XHosg2b_J1hPyQJVCYOXtJWwgdfwm2Z9B0jr1c9VklggSYHK7MoXZMCCHwlFUxGMHhAt0H5C_mTtYlHh_DK8LMUl93RoydRtRub572Lug8DPjBiyJtOU&sig=Cg0ArKJSzFCWO_O0KfaCEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 46A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jan 2024 01:53:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 46A1 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 07:14:14 GMT
11594795860315571444
tpc.googlesyndication.com/simgad/ Frame 46A1 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11594795860315571444
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
70fe0964e3e9607986ac8357c221236c12fc9ce359208618b1c22c5ccad56273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sat, 23 Dec 2023 07:14:14 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31513
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 14:48:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 22 Dec 2024 07:14:14 GMT
l
www.google.com/ads/measurement/ Frame 46A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIA4xKrjEymE5ywKcJLn1lsMqOI54dOM532UM6bb24sqCvC-qiXgh6sj-agEYw4F-TjZW4DwEb-kF78BfCTPZJtk632g
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
usermatch
ssum-sec.casalemedia.com/ Frame C15B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d883504a7aff773c3293930b3c2598b97a5071332cbd306843082fc8c8aee3c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
839ece79a855a956-SYD
content-encoding
br
content-type
text/html
date
Sat, 23 Dec 2023 07:14:14 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bH2dA9RcKMS5hpXURT%2FThO5XuzJTrW3DV%2BszYSsEHSfXKiszonjjpiJrjE019F1iXCaa%2FgKvyH9JsH3EoWGonI0bIvqE62dZ%2FP6E%2BlHdCBTmAFbO8Osn9WiMPjYVTc9R%2FOgcXhheqT01Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame 46A1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ff6c684c54408783115f056632f1c528fee3e8148a03f6094597f37a3cca2d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ 		1 KB
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Dec 2023 06:01:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 23 Dec 2023 07:14:14 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F76C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=97369
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 23 Dec 2023 07:14:14 GMT
expires
Sun, 24 Dec 2023 10:17:03 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A817
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26adv...
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=6adf55d5-ab11-0b87-2bcb-9ae740bf1357
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=6adf55d5-ab11-0b87-2bcb-9ae740bf1357
43 B
846 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=6adf55d5-ab11-0b87-2bcb-9ae740bf1357
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 23 Dec 2023 07:14:15 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-id
q4lxajeDMPhLuFfDuBtidpDyR0BIN5q2jgoffv5wMdyWD-EveZZCIQ==
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 07:14:15 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=6adf55d5-ab11-0b87-2bcb-9ae740bf1357
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
x-amz-cf-id
6of8Kvk-lSBFQCqmd1YjOfRUqqf6221kdg3UFglvcDkme0qMVuvFaA==
x-amz-cf-pop
NRT51-C2
x-cache
Miss from cloudfront
liveView.php
live.primis.tech/live/ Frame 634A 		89 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTJzMmpkNTuuNwI4MmQ2MwUkOTUlLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyV5WzcNM01UVTRZVFy5T0RNME5dSTFNVGfkTWx1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXuPVFy3TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcNNU1UUTRNQXA5LayOnWZjqWkGNXxjp1cwY3B0qaBmpC1vTEqENXtgSwY0rERhQWIjLXFvUGpzqzyxX2NioaRyoaRsnWQ9Mmp1MDtjMlZ2nWRsY29hqGVhqF9xZXNwPTteQ2uyZXNyK0Jun2VxK01uY2Flo25cJaZcZF9wo250ZW50X3RcqGkyPTteQ2uyZXNyK0Jun2VxK01uY2Flo25cJaZcZF9wo250ZW50X2R1pzF0nW9hPTY0JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEkOTp1Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGp3BipaRmJTJGnGyanF9mY2uio2ksp3BipaRmJTJGq2VmqC12nXJanW5cYS1bnWqbLXNwnG9ioC1mo2NwZXIgY29uY2uypl1up3NiY2yuqGyiov1hYW1ypl1uoGjgp3RuqGUgqGVuoSUlRzFlqGywoGVsNwQmYzM3ZTEgNwt1NC01YTA5LWJuZWYgYTQkNDt2MmRuN2Y3Lzu0oWjzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMwJEMmImMmVGMmAmOTqEN0I3MmMkMmUmMDM4MmxmNDM2MmM3RDqCNDMmNmM3N0Q3QwUmNwQmMmY0MmM0QmZFNEE2QmVBMmI2QmqBNwQ0NmU2Nmx0QmU3Nwt2QmYmNxQ0NwpmNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGp3BipaRmJTJGnGyanF9mY2uio2ksp3BipaRmJTJGq2VmqC12nXJanW5cYS1bnWqbLXNwnG9ioC1mo2NwZXIgY29uY2uypl1up3NiY2yuqGyiov1hYW1ypl1uoGjgp3RuqGUgqGVuoSUlRzFlqGywoGVsNwQmYzM3ZTEgNwt1NC01YTA5LWJuZWYgYTQkNDt2MmRuN2Y3Lzu0oWjzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPS0mMlZaZW9Mo25aPTE0NvZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTY1JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTt2ODuwNDA4OTU5JzNvqXN0ZXI9MTpjMmMkNTY1NDplOQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32335F30397D7B7331353038393436337D7B4337377D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=66.203.112.165&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703315652&csuuid=658688c408959&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
10a122379f29f0d321825275b79e654bb5638906cd652941dfea2b9d7f14660f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
10626
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.register-herald.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
eRkE_W6DfVQAKaiTqDn7_ruVOoUaXOjpbWsJo0UXR2agFya3u9rgtg==
liveView.php
live.primis.tech/live/ 		0
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTpjMmMkNTY1MlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJaN1YxyxPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMwJEMmImMmVGMmAmOTqEN0I3MmMkMmUmMDM4MmxmNDM2MmM3RDqCNDMmNmM3N0Q3QwUmNwQmMmY0MmM0QmZFNEE2QmVBMmI2QmqBNwQ0NmU2Nmx0QmU3Nwt2QmYmNxQ0NwpmNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTY1JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwElMC4jLwYjOTxhMTA5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTt2ODuwNDA4OTU5JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE3MDMmMTU2NTQ2OTtzqWyxPVNyn2yhZG9TUGkurWVlNwU4Nwt4YmVuYwJwMlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phpzVanXN0ZXIgnGVlYWkxLzNioSUlRaNjo3J0plUlRzucZ2usp2Nbo29fX3Njo3J0plUlRaqyp3QgqzylZ2yhnWEgnGyanC1mY2uio2jgp29wY2VlLWNiYWNbZXMgYXNmo2NcYXRco24gozFgZXMgYWkfLXN0YXRyLXRyYW0yMxZupaRcY2kyXmY0M2JwN2UkLTY4NTQgNWEjOS1vYWVzLWE0MTQ4NwM0YTqzNl5bqG1fJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPWycpSZjrGyxPWI4OTZwYwQ1MTFyZDNzNTVxZTM4N2MmOWFuZGM4OWI3
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
cHMtxdMJ2dWF1kJDijqnuNgnUEkf8Tg0du2_TnKftxMYCf1uaikHVg==
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame 634A 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.22235.space.105129,adsize.400x225
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
x.bidswitch.net/ Frame 634A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=1cbb3f31-9496-4c8a-b2cb-468e7116abe7&google_hm=MWNiYjNmMzEtOTQ5Ni00YzhhLWIyY2ItNDY4ZTcxMTZhYmU3
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAsPYZzI15yr-q3lAL6wq5k&google_cver=1&ssp=sekindo&bsw_param=1cbb3f31-9496-4c8a-b2cb-468e7116abe7
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAsPYZzI15yr-q3lAL6wq5k&google_cver=1&ssp=sekindo&bsw_param=1cbb3f31-9496-4c8a-b2cb-468e7116abe7
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 07:14:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAsPYZzI15yr-q3lAL6wq5k&google_cver=1&ssp=sekindo&bsw_param=1cbb3f31-9496-4c8a-b2cb-468e7116abe7
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=3eb5d6d9-0fbf-42aa-b548-96201153baec&gdpr_consent=null&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=3eb5d6d9-0fbf-42aa-b548-96201153baec
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=3eb5d6d9-0fbf-42aa-b548-96201153baec
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
IW2S7dK-qfSBarjJouSsiw5xAJPkgeEZCBSZhF9E5TWjsFZ-Vgd9Sg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=3eb5d6d9-0fbf-42aa-b548-96201153baec
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
MWPxbHGpLakcilPTAn5VuqPwZNJoVzrLuVRmy3M4mGitGAW0nBZYqw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZYaIxbSizXj-SopHFCEksgAA%264778
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZYaIxbSizXj-SopHFCEksgAA%264778
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZYaIxbSizXj-SopHFCEksgAA%264778
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
vGpfx09bZfIfCQfpb9gG68ru63l9wxuclpKgFWpJx72NTapsh2f4gQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZYaIxbSizXj-SopHFCEksgAA%264778
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
rZcqaNGVWiKsPRQAXnWt7S6i0FyTl9XUWdOW8RGtjOJ9tsXKIj0MOA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=4250019921879004143228
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4250019921879004143228
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4250019921879004143228
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
eTanGu2-AL2TOxejxUiG-0GCmqVMiajD9AjTrz0iDJehCPtvvOJlrA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=4250019921879004143228
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
w3U2_5w8iKlZXD7GmGTqYrsWDlCUskZcxskZfZNKEFvtLHtmgsIYJg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQHQ5UJ7-P-DGP6&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQHQ5UJ7-P-DGP6
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQHQ5UJ7-P-DGP6
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
MuWYE21KH1R0u_DvlyC9ECLcJ_Y3LWPFYo2U18XEssVLPzxp6i9TXQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQHQ5UJ7-P-DGP6
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
x7Pb1CuDsz_CPAM0VOHTOR5eQbXhlZem3jOx918P8299Zp0DWhD04A==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-i700Q3BE2uKl.aH7W8luFOW2IFAXlMkF~A
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-i700Q3BE2uKl.aH7W8luFOW2IFAXlMkF~A
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-i700Q3BE2uKl.aH7W8luFOW2IFAXlMkF~A
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
JzMEhl1c9D14ng6spWTmJMbXvzGMG_VS3AIiQm3Kzj2or2UtuTsQmw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-i700Q3BE2uKl.aH7W8luFOW2IFAXlMkF~A
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
fB5-T91ttyKF_-NlD3uy0PuXR3y_7dVqDVOmmJgqDgGGeuBXGNHfZQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=6973a68ce8454db9aa5e3733793c2879
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=6973a68ce8454db9aa5e3733793c2879
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=6973a68ce8454db9aa5e3733793c2879
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
LVk-Sb4Lfv9m4xnsyIgJzoBaMPOXC6L7U-sAF9V3xm8HMnbs5ivPgg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=6973a68ce8454db9aa5e3733793c2879
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
J8fNLd5GmI5JhDomG6hdxgtjyiN8nR0BCed33VYWVvr3SMhii_smMw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=658688c408959&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3463172542890107000V10
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3463172542890107000V10
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3463172542890107000V10
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
LQ_wupZA-nDmmDPXF_70kmXdq34e0A64lKqOalExWoAPSLvazMRguw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3463172542890107000V10
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
2AE1-2mXhCSbCUE7W72Hqg7KAqEVgWPZ5pIvQQ43Wlp7hhclEUmmqg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=H3iyDLZHYN4Hns6tTJSsiFZZ
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H3iyDLZHYN4Hns6tTJSsiFZZ
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H3iyDLZHYN4Hns6tTJSsiFZZ
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
p1KsV3KIvNsQ-_PtIrmBvOifUYI7RDfi7IoWrQ2YP69dIyrb-DV3ew==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H3iyDLZHYN4Hns6tTJSsiFZZ
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
VwEfBRYfDMhk0WCB39-fJI74bhL6c8QIzsPKSQaNOcbubk7QGjpPSA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=a24564821d8f9a1534f22ed12c8a5fc&gdpr_consent=&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=a24564821d8f9a1534f22ed12c8a5fc
43 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=a24564821d8f9a1534f22ed12c8a5fc
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 bac8af6ab43417aff0768ef23a8c05de.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Ijk-fHPIzuKTFDYvIGddZxqURTBXMUIxATWU8XX9qvgVU6Af0Q5glw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=a24564821d8f9a1534f22ed12c8a5fc
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ZSREyP7U3e72jr1flqqsZ0N0DeCWv4RVF-acGKrX6V2q-eapyQUkVQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=f8547d09-4918-4aac-9462-5b28974d48b1
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=f8547d09-4918-4aac-9462-5b28974d48b1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=f8547d09-4918-4aac-9462-5b28974d48b1
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
FgKtfugF9NrJOGbQUgK06u8vEv1UgcBXbTcK0oJ0bgSBEHGIt47Mng==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=f8547d09-4918-4aac-9462-5b28974d48b1
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
QpFBcA-LKoSNZ7IXMfalrCkxbMU4Zgv2sTTIA9FPPrN3Y3SKyZgPVg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=5770507232381317882
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5770507232381317882
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5770507232381317882
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Vt2G9KAemzhZXBaCXw2WHHVGuCQwHPMqwH5BCm_mJcESKAqi9xHtlA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5770507232381317882
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0U2vZnKEz5FQUWILwpUsdYYzoMX-yuZBfjuLDxfD73x1a4AKCl5Hqg==
cookie
cm.adform.net/ Frame 634A 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:16 GMT
server
nginx
content-length
43
content-type
image/gif
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=493c18da-c5c5-41d3-9fbb-fb7ce35c3eba&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=493c18da-c5c5-41d3-9fbb-fb7ce35c3eba
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=493c18da-c5c5-41d3-9fbb-fb7ce35c3eba
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
hlijQfVjWvsK8qtbktlfrwzUqvt_Our8KcE_a6B-jWTTSJA01KJ0Xw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=493c18da-c5c5-41d3-9fbb-fb7ce35c3eba
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0jOIc612IIghgPiZgKXA_OM6cknqXMIhT9WKODo55BW511Hsaxfn2A==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 634A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1703315655947
  • https://ad.turn.com/r/cs?pid=45&rndcb=3015143342
  • https://sync.1rx.io/usersync/turn/2766854501026029548?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-27...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
JEG7qi8CaypqpV7jLTSj0_wa5eE5cM_ZHU4IsV3zTeaJ5jj8T8BYeQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
CgHvpjtKjzRe9DyUKnGSr5S5tsm_7FQAzLiw93s1hrH__YGcTmeqyA==
vid652f37158a628346251952.jpg
video.primis.tech/uploads/cn1/video/users/converted/22235/video_5df2c67d5a683172725343/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.jpg?cbuster=1697593111
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.202.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-202-81.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
5216f2de1c18fc2b3fe9f9074b4a0a4f341e33475648b62a5d94696ad0ef4c99

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 20:53:44 GMT
via
1.1 1dfba6c05648522e13059c944a28466e.cloudfront.net (CloudFront), 1.1 6ee3eecd683392286f206a7ea6e9ac0c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, SFO53-P2
age
37232
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
30523
last-modified
Wed, 18 Oct 2023 01:39:43 GMT
server
nginx
etag
"3b5e92301fbadeebd4d68d36e1875727"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
Gah9NphYI1jMv4BTobw9x0jbODXYHBaeNUfkI4YFoTK2nJiqitoycw==
expires
Sat, 23 Dec 2023 20:53:44 GMT
liveView.php
live.primis.tech/live/ Frame 634A 		147 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTJzMmpkNTuuNwI4MmQ2MwUkOTUlLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyV5WzcNM01UVTRZVFy5T0RNME5dSTFNVGfkTWx1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXuPVFy3TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcNNU1UUTRNQXA5LayOnWZjqWkGNXxjp1cwY3B0qaBmpC1vTEqENXtgSwY0rERhQWIjLXFvUGpzqzyxX2NioaRyoaRsnWQ9Mmp1MDtjMlZ2nWRsY29hqGVhqF9xZXNwPTteQ2uyZXNyK0Jun2VxK01uY2Flo25cJaZcZF9wo250ZW50X3RcqGkyPTteQ2uyZXNyK0Jun2VxK01uY2Flo25cJaZcZF9wo250ZW50X2R1pzF0nW9hPTY0JaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEkOTp1Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGp3BipaRmJTJGnGyanF9mY2uio2ksp3BipaRmJTJGq2VmqC12nXJanW5cYS1bnWqbLXNwnG9ioC1mo2NwZXIgY29uY2uypl1up3NiY2yuqGyiov1hYW1ypl1uoGjgp3RuqGUgqGVuoSUlRzFlqGywoGVsNwQmYzM3ZTEgNwt1NC01YTA5LWJuZWYgYTQkNDt2MmRuN2Y3Lzu0oWjzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMwJEMmImMmVGMmAmOTqEN0I3MmMkMmUmMDM4MmxmNDM2MmM3RDqCNDMmNmM3N0Q3QwUmNwQmMmY0MmM0QmZFNEE2QmVBMmI2QmqBNwQ0NmU2Nmx0QmU3Nwt2QmYmNxQ0NwpmNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGp3BipaRmJTJGnGyanF9mY2uio2ksp3BipaRmJTJGq2VmqC12nXJanW5cYS1bnWqbLXNwnG9ioC1mo2NwZXIgY29uY2uypl1up3NiY2yuqGyiov1hYW1ypl1uoGjgp3RuqGUgqGVuoSUlRzFlqGywoGVsNwQmYzM3ZTEgNwt1NC01YTA5LWJuZWYgYTQkNDt2MmRuN2Y3Lzu0oWjzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPS0mMlZaZW9Mo25aPTE0NvZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTY1JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTt2ODuwNDA4OTU5JzNvqXN0ZXI9MTpjMmMkNTY1NDp3MQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32335F30397D7B7331353038393436337D7B4337377D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=66.203.112.165&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703315652&csuuid=658688c408959&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
d89e0d10987f50644c012ac99774361319d3fd168f2d42fd06a9693fe2a2d6fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
14109
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.register-herald.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
x6PChjrSV6FrwfytcW7r_y9-z5TmeK82grXiWftq1ZnqQMbNUEVGAQ==
liveView.php
live.primis.tech/live/ Frame 634A 		80 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTJzMmpkNTuuNwI4MmQ2MwUkOTUlLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyV5WzcNM01UVTRZVFy5T0RNME5dSTFNVGfkTWx1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXuPVFy3TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcNNU1UUTRNQXA5LayOnWZjqWkGNXxjp1cwY3B0qaBmpC1vTEqENXtgSwY0rERhQWIjLXFvUGpzqzyxX2NioaRyoaRsnWQ9Mmp1MDtjMlZ2nWRsY29hqGVhqF9xZXNwPTteQ2uyZXNyK0Jun2VxK01uY2Flo25cJaZcZF9wo250ZW50X3RcqGkyPTteQ2uyZXNyK0Jun2VxK01uY2Flo25cJaZcZF9wo250ZW50X2R1pzF0nW9hPTY0JaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEkOTp1Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGp3BipaRmJTJGnGyanF9mY2uio2ksp3BipaRmJTJGq2VmqC12nXJanW5cYS1bnWqbLXNwnG9ioC1mo2NwZXIgY29uY2uypl1up3NiY2yuqGyiov1hYW1ypl1uoGjgp3RuqGUgqGVuoSUlRzFlqGywoGVsNwQmYzM3ZTEgNwt1NC01YTA5LWJuZWYgYTQkNDt2MmRuN2Y3Lzu0oWjzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMwJEMmImMmVGMmAmOTqEN0I3MmMkMmUmMDM4MmxmNDM2MmM3RDqCNDMmNmM3N0Q3QwUmNwQmMmY0MmM0QmZFNEE2QmVBMmI2QmqBNwQ0NmU2Nmx0QmU3Nwt2QmYmNxQ0NwpmNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGp3BipaRmJTJGnGyanF9mY2uio2ksp3BipaRmJTJGq2VmqC12nXJanW5cYS1bnWqbLXNwnG9ioC1mo2NwZXIgY29uY2uypl1up3NiY2yuqGyiov1hYW1ypl1uoGjgp3RuqGUgqGVuoSUlRzFlqGywoGVsNwQmYzM3ZTEgNwt1NC01YTA5LWJuZWYgYTQkNDt2MmRuN2Y3Lzu0oWjzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPS0mMlZaZW9Mo25aPTE0NvZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTY1JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTt2ODuwNDA4OTU5JzNvqXN0ZXI9MTpjMmMkNTY1NDp3Mt==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32335F30397D7B7331353038393436337D7B4337377D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=66.203.112.165&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703315652&csuuid=658688c408959&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
0a901f87053b72c46a61546634eac69df7a1b99c6a654f0576d8d6c554593b4c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
9452
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.register-herald.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
GNmsHFYE1ahOJgunbpja7gEL6fAMmcqf84pk5IFVkfrAX_Zx9KC6-A==
liveView.php
live.primis.tech/live/ Frame 634A 		97 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTJzMmpkNTuuNwI4MmQ2MwUkOTUlLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyV5WzcNM01UVTRZVFy5T0RNME5dSTFNVGfkTWx1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXuPVFy3TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcNNU1UUTRNQXA5LayOnWZjqWkGNXxjp1cwY3B0qaBmpC1vTEqENXtgSwY0rERhQWIjLXFvUGpzqzyxX2NioaRyoaRsnWQ9Mmp1MDtjMlZ2nWRsY29hqGVhqF9xZXNwPTteQ2uyZXNyK0Jun2VxK01uY2Flo25cJaZcZF9wo250ZW50X3RcqGkyPTteQ2uyZXNyK0Jun2VxK01uY2Flo25cJaZcZF9wo250ZW50X2R1pzF0nW9hPTY0JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEkOTp1Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGp3BipaRmJTJGnGyanF9mY2uio2ksp3BipaRmJTJGq2VmqC12nXJanW5cYS1bnWqbLXNwnG9ioC1mo2NwZXIgY29uY2uypl1up3NiY2yuqGyiov1hYW1ypl1uoGjgp3RuqGUgqGVuoSUlRzFlqGywoGVsNwQmYzM3ZTEgNwt1NC01YTA5LWJuZWYgYTQkNDt2MmRuN2Y3Lzu0oWjzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMwJEMmImMmVGMmAmOTqEN0I3MmMkMmUmMDM4MmxmNDM2MmM3RDqCNDMmNmM3N0Q3QwUmNwQmMmY0MmM0QmZFNEE2QmVBMmI2QmqBNwQ0NmU2Nmx0QmU3Nwt2QmYmNxQ0NwpmNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGp3BipaRmJTJGnGyanF9mY2uio2ksp3BipaRmJTJGq2VmqC12nXJanW5cYS1bnWqbLXNwnG9ioC1mo2NwZXIgY29uY2uypl1up3NiY2yuqGyiov1hYW1ypl1uoGjgp3RuqGUgqGVuoSUlRzFlqGywoGVsNwQmYzM3ZTEgNwt1NC01YTA5LWJuZWYgYTQkNDt2MmRuN2Y3Lzu0oWjzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPS0mMlZaZW9Mo25aPTE0NvZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTY1JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTt2ODuwNDA4OTU5JzNvqXN0ZXI9MTpjMmMkNTY1NDp3Mt==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32335F30397D7B7331353038393436337D7B4337377D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=66.203.112.165&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703315652&csuuid=658688c408959&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
5f9c05a1676cfba3705f6e689ad0b807cdeccdb5614f134cac85aa81574d5b51

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
10904
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.register-herald.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
nYsdH0wAkKt_7Hi7psiRTs3PwyPMUO5Jb-JoQdHl7KQt6NRfdnYbUw==
liveView.php
live.primis.tech/live/ Frame 634A 		148 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTJzMmpkNTuuNwI4MmQ2MwUkOTUlLz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyV5WzcNM01UVTRZVFy5T0RNME5dSTFNVGfkTWx1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXuPVFy3TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcNNU1UUTRNQXA5LayOnWZjqWkGNXxjp1cwY3B0qaBmpC1vTEqENXtgSwY0rERhQWIjLXFvUGpzqzyxX2NioaRyoaRsnWQ9Mmp1MDtjMlZ2nWRsY29hqGVhqF9xZXNwPTteQ2uyZXNyK0Jun2VxK01uY2Flo25cJaZcZF9wo250ZW50X3RcqGkyPTteQ2uyZXNyK0Jun2VxK01uY2Flo25cJaZcZF9wo250ZW50X2R1pzF0nW9hPTY0JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEkOTp1Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGp3BipaRmJTJGnGyanF9mY2uio2ksp3BipaRmJTJGq2VmqC12nXJanW5cYS1bnWqbLXNwnG9ioC1mo2NwZXIgY29uY2uypl1up3NiY2yuqGyiov1hYW1ypl1uoGjgp3RuqGUgqGVuoSUlRzFlqGywoGVsNwQmYzM3ZTEgNwt1NC01YTA5LWJuZWYgYTQkNDt2MmRuN2Y3Lzu0oWjzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmEmMwJEMmImMmVGMmAmOTqEN0I3MmMkMmUmMDM4MmxmNDM2MmM3RDqCNDMmNmM3N0Q3QwUmNwQmMmY0MmM0QmZFNEE2QmVBMmI2QmqBNwQ0NmU2Nmx0QmU3Nwt2QmYmNxQ0NwpmNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGp3BipaRmJTJGnGyanF9mY2uio2ksp3BipaRmJTJGq2VmqC12nXJanW5cYS1bnWqbLXNwnG9ioC1mo2NwZXIgY29uY2uypl1up3NiY2yuqGyiov1hYW1ypl1uoGjgp3RuqGUgqGVuoSUlRzFlqGywoGVsNwQmYzM3ZTEgNwt1NC01YTA5LWJuZWYgYTQkNDt2MmRuN2Y3Lzu0oWjzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPS0mMlZaZW9Mo25aPTE0NvZ1p2VlSXBBZGRlPTY2LwIjMl4kMTIhMTY1JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NTt2ODuwNDA4OTU5JzNvqXN0ZXI9MTpjMmMkNTY1NDp3Mj==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32335F30397D7B7331353038393436337D7B4337377D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=66.203.112.165&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703315652&csuuid=658688c408959&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
7c0eacb9c54f75fa7f86298bca0c878de7269ee9fbf6c8ef7c6b57d3dfd542b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
16223
pragma
no-cache
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.register-herald.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
CEviZwLKJTPTrjpFjwTR-7BQTHMXLefIuFMKyqtM7VrhlDY5VOy8Sg==
bounce
ib.adnxs.com/ Frame CE7C
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
an-x-request-uuid
3e110a27-abb2-4995-bb04-306ff0865bf1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
an-x-request-uuid
f5ec8da7-f2b3-497d-a4b1-ce7226cf6bda
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0A96
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELU2KldTzn6S7SRkvX_y9vw&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELU2KldTzn6S7SRkvX_y9vw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i32OPJikKJy7jRZg7Y%2FWrxDNCugWxQSchflrOE6qz0xFtGZocAcr9ineehkksVoldxgfvRws8uOdq0NtNOohQVYJ%2BxUuLUc8cbFYUf6VKPSbyAKO9gZxMy4%2BKZ0i1GbViN8ikZtP%2BRXCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece7b599ba956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELU2KldTzn6S7SRkvX_y9vw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0A96 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.144.130 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-144-130.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 0A96
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1---
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID%26us_privacy%3D1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2814042338364285155&us_privacy=1---
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2814042338364285155&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCU1HJevXtIJunSKgq%2Fow7udGkBIID7qKRj%2F%2Bi4K2rtuQ%2BPQu621Php9TzqTtTUVkCCKQXd4zEd%2FiLhHuogPsLaTQHg3w77dNkXxz5leRPJBCD%2F3Icy0LPRWsglbC50oNEcTJP08U%2BE%2BHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece7d8b88a956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
an-x-request-uuid
aab86fa8-f111-4ac1-9653-f128bc981769
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2814042338364285155&us_privacy=1---
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0A96
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=bmakYWBr_2N1Zqw0OmGxMWA2rG51a_oyOWXDyCtj
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=bmakYWBr_2N1Zqw0OmGxMWA2rG51a_oyOWXDyCtj
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtyTXH4K%2BiotMg1gNPdEyKqH2XHlmn1zZaPHb5KSrz61I5nJgwIkqJ9hluIovMlXnbUyLCPknMR0zC9KY6hCYx52%2BFEDBSvGKmdsGasQis%2FNKOYYXp%2FzyeqXdmiTSOEd7K9sBEjIfkHtFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece7c3a69a956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=bmakYWBr_2N1Zqw0OmGxMWA2rG51a_oyOWXDyCtj
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0A96
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778...
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sr9Zyo4%2F656OVvx%2FuPRLo73EmdeU1Ccv6ly6u%2B216NfTIgv8mIyR6%2Bqp6GP4%2FAw%2BiuicnPFxp3ajDw26zjCp%2FNPmsd8c2sJNdlGb29kmwe4cEDi8RCP6JBHiwyEpeyzv74x1MF8ITxByTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece800dfca956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778&tc=1
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT, Sat, 23 Dec 2023 07:14:15 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0A96
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.76.144.130 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-144-130.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 0A96
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8664524426276581944&gdpr=0&gdpr_consent=
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8664524426276581944&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjDcDjXgxjGGN37wasV1qyuhOYw9j6zV1Vhcq%2B5bA%2FWvablueILx0cLKyk51BhdWoI8QgLzDTR4QeZtjI%2BZoTzZ7tQybpDuaK63JEDJVRzk%2FqkkIggTpcxm7RQtpoNLX7CY4P4hVB0%2FYpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece7ffde1a956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8664524426276581944&gdpr=0&gdpr_consent=
date
Sat, 23 Dec 2023 07:14:15 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 0A96
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=XpnL6tOMGcjER13OMMAn&us_privacy=1---
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=XpnL6tOMGcjER13OMMAn&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZ8jYpJhJToizIH0M79GhHBJ08tL1XkeZYOLlKbrOgqPs5AIUW9BPABVEnjpK1NSvcFfFWNixgfGHoy9Yeinf7j9H%2BnwuSQdspnvq5OgI5bDT3mEk0oAmkiFwQBAHknhqUPW4WHsOMXChw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece80febda956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:15 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=XpnL6tOMGcjER13OMMAn&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
135
Expires
Thu, 01 Dec 1994 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0A96 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZYaIxbSizXj-SopHFCEksgAA%264778=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
50636
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
839ece7b1b98a949-SYD
content-length
43
expires
Sun, 24 Dec 2023 07:14:14 GMT
ecm3
s.amazon-adsystem.com/ Frame E9D0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=LQHQ5UJ7-P-DGP6
  • https://s.amazon-adsystem.com/ecm3?id=LQHQ5UJ7-P-DGP6&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQHQ5UJ7-P-DGP6&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HFSC26551553XWWQQVK2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQHQ5UJ7-P-DGP6&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a3627e8efa32d23b7838eace974fecff
Expires
0
jload
pixel.adsafeprotected.com/ Frame B24A 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=931599&pubId=22235&chanId=www.register-herald.com&placementId=105129&pubOrder=AU&custom=desktop&custom2=windows&custom3=chrome
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32335F30397D7B7331353038393436337D7B4337377D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=66.203.112.165&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703315652&csuuid=658688c408959&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.198.172 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-198-172.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
8e9afacdb63121a4ff51e5343eee5067b3b5ba0b6cc828ef45374764b92b765a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
user-registering
ads.stickyadstv.com/ Frame C15B 		43 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.99.59.16 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-99-59-16.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:14 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1703315654906040-46
Expires
Sat, 23 Dec 2023 07:14:14 GMT
crum
dsum-sec.casalemedia.com/ Frame C15B
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1719126855&external_user_id=bbb12f36-e420-4e2a-aa43-36e5523f3dd9
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1719126855&external_user_id=bbb12f36-e420-4e2a-aa43-36e5523f3dd9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUclxvQn8yDGJJphJvOIOnN5Dy%2FAYneQAcDfz4HZrGsiVvKUGgcTRKWA%2B9%2Fe%2BLI7irmny9wMXsYCAsPfxWLlrLig1aCdeyWaDNAXkAcoRo9FJOvDV6VACDAK1CLaLKJDuZ7KxoKoTaFIMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece7d3b40a956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1719126855&external_user_id=bbb12f36-e420-4e2a-aa43-36e5523f3dd9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame C15B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0QJjteEPWOVyOHxktb2SCULLcKU
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0QJjteEPWOVyOHxktb2SCULLcKU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXdu7vRgYlSwUL%2BsVgQbsSrQSPX8SmGucaBCIW2WE3nrF%2BxlKQP9nKZWSLJs6HaaTtfYhytbxkB55A3ETa2qqlKBbZwCJAJT6t3Zy0kAJR%2Fd4OhuhQMjslvbQ6MAebGmM9MAN0unPnFEBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece7f4d48a956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=0QJjteEPWOVyOHxktb2SCULLcKU
Date
Sat, 23 Dec 2023 07:14:15 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame C15B
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=30DE9C28ED4445DCA5305FC1768B4A1C&us_privacy=1---
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=30DE9C28ED4445DCA5305FC1768B4A1C&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFIZgT7MMqDknA2McRyJqTCcHZn16BaPEh4vK1Sv2QszucDyrkNhSfKXPXGHmLH219Qj9agyYFaL8FHc%2FJ9N0Vl6JPvgQJCksMTH3aeWJyNtmCHl0wgMVSCHgj%2B%2Bm%2FsGli5WGQEOtlzPOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece7bb9f3a956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 23 Dec 2023 07:14:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=30DE9C28ED4445DCA5305FC1768B4A1C&us_privacy=1---
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:14 GMT
crum
dsum-sec.casalemedia.com/ Frame C15B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778...
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOoa47IKbs9OwnH3zMgMLTvLp55QVl71ibV2X2j3NyXrMA4GQGaUX%2BbTNyCohQ%2FpNw8FNV247vjTbnKPNZ7Noho%2FKyzp4br9mhbOFMBEfIOZMWpsJGPoBj1LvK4LquuAcHSsJSTyCqasoA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece800dfea956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=-BbdWnI4K5pEggxosHapHj_9rS_FZsNPB7a-gZYZMgY&pi=index&gpdr=&gdpr_consent=&us_privacy=1---&user_id=ZYaIxbSizXj-SopHFCEksgAA%264778&tc=1
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT, Sat, 23 Dec 2023 07:14:15 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C15B
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca4d6d64612kqekh00lqhq5ud8
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca4d6d64612kqekh00lqhq5ud8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQI4VCbFa7VRVb9ZgBFXluuFrtGP6yAcKs8j1Yq%2FhUM3hvOuCsGAqYzQ4Hlqwtq15lu7tK0slL3yuvsfzW3Rq7qFZnKstyVEN7PugG8cIU7sYq792g5JQ9%2B1cAtJb3HrFDEcBQ6xRRaDZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
839ece7c4a74a956-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 23 Dec 2023 07:14:14 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f5ef61ca4d6d64612kqekh00lqhq5ud8
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dcm
s.amazon-adsystem.com/ Frame C15B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZAG0NZYH7K4EV0ESWX84
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C15B 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.144.130 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-144-130.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame C15B 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZYaIxbSizXj-SopHFCEksgAA%264778=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.register-herald.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:14 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
50636
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
839ece7b1b9fa949-SYD
content-length
43
expires
Sun, 24 Dec 2023 07:14:14 GMT
bounce
ib.adnxs.com/ Frame AC74
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
an-x-request-uuid
b06302be-1deb-4da8-adc0-c0b50bfeec86
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:14 GMT
an-x-request-uuid
97bcea4f-9abf-40be-83c7-339c3a87b93d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.register-herald.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 20:50:19 GMT
x-content-type-options
nosniff
age
37435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 20:50:19 GMT
/
register-herald-cnhi-pw.newsmemory.com/ 		88 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&service=autologout&ta_MACHINE_ID=3b1f52a7c56ec8e9ce7cfde1b29b68e7&r=1703315654934
Requested by
Host: register-herald-cnhi-pw.newsmemory.com
URL: https://register-herald-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=3b1f52a7c56ec8e9ce7cfde1b29b68e7&v=3&r=4618
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 07:14:15 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST
Content-Type
text/html
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
88
/
adspsp.com/pt/1710310/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/12/2/?a=2,a2lqhq5s36s7bczt0p7d,hU7TgKf1dG&aa=01CihRyu.gN&b=2:2,11,0,0,0,true,0,,0,0,U64b6d0c9a11d5cc,adb_floorboard,%2F9869277%2Fcnhi%2Fregisterherald%2Frichmedia&b=2:2,3,2aipl3e,1i3t6kt,1rllqp61,,2y512kz,k8`2i,1rllqp61,2y512kz,U6310f4c7c862e88,adb_leaderboard_btf,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&d=&f=1.lqhq5ndw.1T3zj.2T5pp&g=2T7ee&u=f0278789:lim1hwav:3i2&v=18g.xc.0.6cx.1.0&m=z&zi=adb_large-video,largevideoplayer,0,adb_reveal,reveal,adb_floorboard,richmedia,11,U64b6d0c9a11d5cc,adb_leaderboard_btf,totalaudience,3,U6310f4c7c862e88,adb_leaderboard_mid,14,U6fe8f6759cd351&z=0,1,2,2:.,1,1x1,pr,263t.0,56h,00be&z=3,4,2,2:.,1,1310x0,pr,263t.0,56h,00be&z=5,6,7,8:.,1,1600x90,pr,4uu.0,k,00be&z=9,a,b,c:.,1,1600x90,pt,25gz.0,4jn,00bg&z=d,a,e,f:1,1,n2,44o.0,k,008p,n5,44o.0,k,008s,qf,44o.0,k,00c2_1360x90_k.2v.1l8_1&z=5,6,7,8:1,1,pr,4uu.0,k,00be,q6,4uu.0,k,00bt,qf,4uu.0,k,00c2_1600x90_k.b.64&rnd=1703315654940
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.89.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-89-216.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
ingest
i.viafoura.co/v3/www.register-herald.com/ 		67 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.viafoura.co/v3/www.register-herald.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.register-herald.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-41a361c60353%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1703315653%2C%22isRecirculation%22%3Afalse%2C%22uniqueId%22%3A%22809ac5aa-9a12-49fc-8465-cce714570806%22%2C%22firstVisit%22%3A1703315653%2C%22previousVisit%22%3A1703315653%2C%22currentVisit%22%3A1703315653%2C%22visitCount%22%3A1%2C%22referrerStart%22%3A1703315653%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.register-herald.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-41a361c60353%22%2C%22section%22%3A%2200000000-0000-4000-8000-41a361c60353%22%2C%22pageImage%22%3A%22https%3A%2F%2Fbloximages.chicago2.vip.townnews.com%2Fregister-herald.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2Fb87268c4-7873-11e7-af9a-f3a04545878a.jpg%3Fresize%3D200%252C200%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html%22%2C%22path%22%3A%22%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html%22%2C%22title%22%3A%22West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22article%22%2C%22page_description%22%3A%22The%20West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20all-state%20soccer%20teams%2C%20as%20chosen%20by%20a%20panel%20of%20coaches.%20Sports%20writers%20were%20not%20involved%20in%20the%20voting.%20Class%20AAA%20boys%20First%22%2C%22topics%22%3A%5B%22high_school_sports%22%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%22643bc7e1-6854-5a09-baef-a4148634a7f7%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%20%7C%20Prep%20Zone%20%7C%20register-herald.com%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%223308cd27-9982-4cf9-9a2f-ad4a7ab8af28%22%2C%22w%22%3A%5B%22vf-conversations%22%2C%22vf-tray-trigger%22%5D%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.71.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-71-155.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/png
date
Sat, 23 Dec 2023 07:14:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
a4b22632-0db4-4281-b730-9f3af8a3f784
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/a4b22632-0db4-4281-b730-9f3af8a3f784
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
tap.php
pixel.rubiconproject.com/ Frame E9D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/V9A-KjL5Fg628T5zTNTpeA?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-57tivelE2oL7M9Widne7.meNQVKWQw02d.TKoA--~A
42 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-57tivelE2oL7M9Widne7.meNQVKWQw02d.TKoA--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 23 Dec 2023 07:14:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-57tivelE2oL7M9Widne7.meNQVKWQw02d.TKoA--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame E9D0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=&expires=30
42 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8c822726-6357-40ad-8c01-822eca9a1a3b&gdpr=0&gdpr_consent=&expires=30
date
Sat, 23 Dec 2023 07:14:15 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame E9D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmRiYjIxNDFjNmU0MDZhNDkxODEyZTNmZmI3MzNmYjA0ZDRkMWE2ZQ&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmRiYjIxNDFjNmU0MDZhNDkxODEyZTNmZmI3MzNmYjA0ZDRkMWE2ZQ&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmRiYjIxNDFjNmU0MDZhNDkxODEyZTNmZmI3MzNmYjA0ZDRkMWE2ZQ&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame E9D0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---
  • https://s.amazon-adsystem.com/ecm3?id=LQHQ5UJ7-P-DGP6&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQHQ5UJ7-P-DGP6&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6EF4R35R41E0AHXSQ2MA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQHQ5UJ7-P-DGP6&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame E9D0 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H973CN6DV2SZ6K3P3Z6G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame E9D0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3Gp2aNfhSFShT0EoDhD7vw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3Gp2aNfhSFShT0EoDhD7vw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3Gp2aNfhSFShT0EoDhD7vw
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RVVZ75TNAJVC0X0108K0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3Gp2aNfhSFShT0EoDhD7vw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame E9D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQHQ5UJ7-P-DGP6&us_privacy=1---
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQHQ5UJ7-P-DGP6&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C7FA65DB82D547538DA666F05472C318 Ref B: SYD03EDGE1918 Ref C: 2023-12-23T07:14:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNKBSdacNL/iW8tXftsA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQHQ5UJ7-P-DGP6&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E9D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB0gmWFSreDyWe_yQmKgRGY&google_cver=1
42 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB0gmWFSreDyWe_yQmKgRGY&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB0gmWFSreDyWe_yQmKgRGY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFIUTVVSjctUC1ER1A2&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDRwW8FO9EvGhlbkrUA8g3c&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFIUTVVSjctUC1ER1A2&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFIUTVVSjctUC1ER1A2&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFIUTVVSjctUC1ER1A2&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E9D0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFumE7LDRIAABRW-aEkOg&expires=30
42 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFumE7LDRIAABRW-aEkOg&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFumE7LDRIAABRW-aEkOg&expires=30
Date
Sat, 23 Dec 2023 07:14:15 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
pixel
capi.connatix.com/us/ Frame E9D0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LQHQ5UJ7-P-DGP6&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LQHQ5UJ7-P-DGP6&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQHQ5UJ7-P-DGP6&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
839ece819b11a838-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQHQ5UJ7-P-DGP6&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1---&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
839ece805a4ca838-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
setuid
ib.adnxs.com/prebid/ Frame E9D0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQHQ5UJ7-P-DGP6&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQHQ5UJ7-P-DGP6&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
an-x-request-uuid
8a282217-d0b2-4979-89b8-1501cf534ac7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQHQ5UJ7-P-DGP6&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame E9D0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LQHQ5UJ7-P-DGP6&us_privacy=1---
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQHQ5UJ7-P-DGP6&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQHQ5UJ7-P-DGP6&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E9D0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=58eb11ef-6549-470c-9285-c7ace176824f&expires=30&us_privacy=1---
42 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=58eb11ef-6549-470c-9285-c7ace176824f&expires=30&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=58eb11ef-6549-470c-9285-c7ace176824f&expires=30&us_privacy=1---
Date
Sat, 23 Dec 2023 07:14:16 GMT
Connection
keep-alive
X-CI-RTID
dacc2d94-19a4-40e6-acce-a68293cc3d47
Content-Length
164
Content-Type
text/html; charset=utf-8
receive
pixel.tapad.com/idsync/ex/ Frame E9D0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQHQ5UJ7-P-DGP6&us_privacy=1---
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQHQ5UJ7-P-DGP6&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:16 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQHQ5UJ7-P-DGP6&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame E9D0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1---
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQHQ5UJ7-P-DGP6&us_privacy=1---
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQHQ5UJ7-P-DGP6
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQHQ5UJ7-P-DGP6
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_pm-db5_rbd_n-Azerion_n-baidu_n-Beeswax_ox-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
CuBuiClmmyrOZ0q-NOjjjcz6RrYq3-sy8OoeatfjWQWWxNXJuFoXVQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQHQ5UJ7-P-DGP6
content-type
text/html; charset=utf-8
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0csermEByt9kzUBD26srJ4mySwCnMgwcfI8odMbgv52YCjI6Dvy81w==
MerryMultiplier_DigitalAd_300x250_FINAL.jpg
adserver.paywallproject.com/wp-content/uploads/2023/11/ Frame 62F0 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adserver.paywallproject.com/wp-content/uploads/2023/11/MerryMultiplier_DigitalAd_300x250_FINAL.jpg
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.57.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
ef8a21d27892ede8a112053582948a52543396d8f99c30c06483a3bf86dec45d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
163048
x-powered-by
centminmod
alt-svc
h3=":443"; ma=86400
content-length
133435
last-modified
Mon, 13 Nov 2023 17:22:04 GMT
server
cloudflare
etag
"65525b3c-2093b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkNixt5TpG7dhqbKy4E8HayVzoxk9Fa8SqnKWT2LBaUQp86frSzRJJfLx0RCBxq3sSrS3uuygoKB9gUPVZCBM5yOG6C8wzSKothUgjfPiGQIZBT%2BEPcoUV%2BfKKpvEnVbKXnLMaVKor%2Fj8gphAIU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
x-hosted-by
BigScoots
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
839ece803c0ba973-SYD
ad.php
g.adspeed.net/ Frame 62F0 		43 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.adspeed.net/ad.php?do=imp&aid=1008850&zid=117088&t=1703315654&auth=8b4439f072566b827f5ce9f561e33a83&oid=27064&wd=-1&ht=-1&ref=https%3A%2F%2Fwww.register-herald.com%2F&uri=https%3A%2F%2F94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html
Requested by
Host: 94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.105.176.240 Sydney, Australia, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
d15.adspeed.us
Software
nginx /
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 23 Dec 2023 07:14:15 GMT
cache-control
max-age=315360000
server
nginx
content-length
43
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
adspsp.com/pt/1710310/15/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/15/2/?a=2,a2lqhq5s36s7bczt0p7d,hU7TgKf1dG&aa=01CihRyu.gN&b=1:1,14,U6fe8f6759cd351,adb_leaderboard_mid,%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&d=&f=1.lqhq5ndw.1T3zj.2T5pp&g=2T7ga&u=f0278789:lim1hwav:3i2&v=18g.xc.0.6cz.1.0&m=z&rnd=1703315655007
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.89.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-89-216.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
truncated
/ Frame 62F0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b6d2e3fd22f701b8f400e4bf591a1dd83a5217ee7d2d9b7ed4165959a376418

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
js
www.googletagmanager.com/gtag/ 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PM75X7XFT4&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a99b144c967bae8ab8dfb42e979fd76d0aacc189daa44e7c915528b7c0dc7891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79207
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 23 Dec 2023 07:14:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 46A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTrQFZDYb0KdjfcscF4-9zYgqGZG9dQgtXLXaCuAqIsj_8RSGyahE43hArTWcQUW9taXqdN6s-dpgGJTjiyN9egx055P0rP7ofL0a8ZNTom_ewc79ssWxrKEejnEoD-TTj8ZsByhCPTwyIg72vl8uexi1cWht-_z1uznb7m-3IlusK8xtMAvpAgknisZmj2Ga88-Gc4pUtDL6_5kYX1vtDWT9-3RvfSjqC_3n6c1kE0B91NfLOK5B2qBqAOUjxrtLcGMBfmfP-j_5u60iWkjYoagEaiv-bTfQ2tnv0vZRuHayImCcCMld1qAm_2LAmCT9Ps_c-L-73gymwcAPg4JHTIrdcUMMPllZEd26KVWEbf-QjBczYddfdf3Rs_FAEHuPuQWShqY1h07OZ64G0TzekGQM&sai=AMfl-YTpiyClPGA2Efp5FNtsQF9XM6khMe6UZkYi5eoViIRdjgHiGQoYJqK6jgm-StyEGZchsprHSBXukhmb-WzFUIQu0jrNgESOgYsxVx6iUNGVJaHROhU2xTIVpeDys0c&sig=Cg0ArKJSzHy2g3nNtLVwEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 23 Dec 2023 07:14:15 GMT
v1
btlr.sharethrough.com/universal/ Frame 634A 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.123.235 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-123-235.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:15 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 634A 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:15 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
liveInternalSsp.php
rtb.primis.tech/live/ Frame 634A 		25 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Atrue%2C%22data%22%3A%22%5C%22rJmgW%2BgT4mtS%2F2hbhifQy99JPiK4mHHLMNQj7HlxZFyJgDvWm5IJ8NqiS5Yf2QxfuHDDoSWVlxOgodfs%2Bda1OudsHIXuPnau8lt6oa%2FsBy4v%2F4ra8Lzv5QaNW7LsFzXN01PHbQRt1cSvV0qQUZALUenFtn%2BL1%2B3%2F0PksnaedH43PqBWnC108Dx01QuqL%2FYDYu8oJQy4uTM510%2BAmzswJhGh3bi54eIwVDHEyQcHinU7YVQF1VdQUgy7UxzaVfnWcF%2FdRFjSuF6TWLtiCmLPH8FRZuIcdvpIiuHW8kmqq%2FZmpU0kE9lBqLB7E2YCvKiM7jVQoWbiXoM0qJ%2BFymVndhvIm3yF%2B0wKHhu0J5H%2Bm1PWA2wodK8gJ0qVkcP5Onx6Z9vF8Be4HDhambeKZIlln2zarbM4clL9EoXi79AnUOy6AAmeSV%2FZEvjIquoNEPfi%2FR6rQs%2FxDPyQTIbt5Hjuc3P58SON%2FjgqkVRXxJ8y%2BblBiyxRwL0dyvN%2F%2B%2FrPeuXdtX9A7nIo%2FurA7JyyOgSFaQQvCiqSsTe3AajLyGf1RTR05hfxFfb0qRRAhcgl1U2meb6enewfQaODgvvxHNXcqCSdrNGVrhLG%2BFKLv6hpM3hi12diJtaJB6gGS1KwIPpkWQOEVdjUYo7nEDaTL8ZKk4eYeXBMhRir0XgCSbcGfMzdewDwDGGRuuiCS8BHvUECRtGAYynANyBRQSSBBRbIt%2BSRUC4bLpciGUYoHJBvyxlQrJpvswwJE5vMUB%2FExwWI0ab%2B9cVvctDP6XQgWx5g6SkAC8ndz9jt%2FXeGC4fsgqhRXlGDUtASqvkSf2unpqA5ugyy4i0WOxOodh2TYN7eKNZzT2h0NslqsVWuuQ%2FaicNtve7THgIgyjSxehQgOTvs9Sn6tPV86LgaeOmLGyQ4gLUjWPCffZlgEoSA9n0qqsU0lTbX1tdmPlZ2ElV49TwCAfu5shmHezwU1gfmaV7oReBd0hzzpTcUzx3QljoE%2FzSnAw2ZtKuv%2BO6yRzZgBJwx5SiRITu7EDQD8hUgT6QLiN6JdMxkmw9ULOmDQDSnaLUGSRlGr41E2lpJRwHI0leAPpJlNc%2FMkSxvn2MER2ZE1xExGgK79oNOoGcDwhCwYziSTaJkxmrK8aLN6cUJh02%2FSCjnSAm8JQwCL6vNNVyAOawPEMAjwx7PtcsX1Rh4VOMMehBJGM%2BNa7pASRgKuXRCHUUbLtF5RU4mKJQkdtd3LFpxc6xrFY0os952tXrcRRkxJSwnEVmVqUr4JtyV6gvFOdnzU2ZTXGy3w48I15%2FzyVRzgKxQXcqFQgWDvc1Nyp1MtnbTi3FkIp81d8g9TVB1FZ2DEJJmBZ2cb4IabTEgKVWYYHhrdMBvH0TSqWegXNpybsfy5qV7z5KEXEj5a57Ius06QGponfOXsRXoWFWcJqVh2LQEA0wVBYxDdeCrla5K8lrsbdzunXZq0DX281%2B1tRLWYVtLtyKt4nR5JsrP4FYVkxfnTMMta8lxKxvvrQ9%2FOtkBPUDK3AtvYmp105wUu6lUuRS8AUq5vtt6OSZbnKMHogMbQJ7OCMr3ijIPMSzOLn%2BUKxL90r1IUOjPl%2FsUSGSvUpr9N7AOrWOxzVyEjtY%2BkEj9N5ec7ded59Ur2d7VUzxBKO4PRxjtIiixWsSzsMpDM85KLWb11xwcHBQr1DfDlzvzqJhOVQ7J%2BaARJ24asDmOgcA2YvqMjfUZ5O8m0%2BT8PmLTdiu9zafURibLOwXJADQwcF7AxaIRwHp77kZLYqc4gWDK1nj59eIuvZ9ebJtgleQKSUKrLlLS65%2B3AT33F%2FCmOPA8xxjOQ%2FEbttRFEeRK9H0unSRgAxdSJ78Tpz4Gxm%2F95tKRV9jOBcG4lvyyZ1rjPtfVLSDJOk9eZe0QSlDZrtlRl2sNVSIKjWyJ1wAcLX5HyHfAJ5KCux4MOpcbttFjjpCphT%2BTW7Rn%2BXpnSK3Jlpw3bUj5Spo5zgWW%2BzN1E03tnXi5aR7tlxD2AK23RA1k9NFmBQ%2FYEV0eSFeuKA5hM7jJXLi8atvhy7tsCFnmbxAslAAFrLfuLnDWNJTLfHn2zqcaaZoAvZV4k0G%2FU8BHRzlkOtJgve8t8cRMfWLULt2ChEvk%2BFM1tGsFfGvWBx%2BG6UhUn4RncfauXdnQZCvTNeeIQBO5Qzvk7b7jBdFidDdudAhKAde8GVWGurU%2BbdvRgQqVcYwpwq0FVy%2F8TbncS9jNRVqQUAent85pSjCwjO%2FDp61TSCrRgzGeav5WJPMrxfBEGxX37%2FqiyLWhE7odgzkiY%2FnSjrr8YIr554Q3bbVrlD1PIX4Ur7SLwPgBDSgdGHuNYJatPrww8ajx9mCoMR00uy49vhYLc1Ui5WOKoIle7aT0GLlqx1vEzMoauy3oDXEr2mMRGPORrUD94FI6dmOAPsA7zrUoEi4ZcxxrnN7DPoPN3YT%2B3%2B0SnHVViYD%2FrmMgrJ0CtuTh7TfZcZN23fo%2FXd7ID2ze3H3K1X4O2SStXr%2FnBgd2xDoRN%2FXw8auyja%2F%2FmbG2e7i%2FyDFtH%2F2roAnp%2BOHiiM%2BBacO40A35G1f4m4L684Ql4b%2B6AdwcZHnKd9ikWVBV1pjDVijJVerI2UDVNxdAnRneJrjBVJWxLdCohqGxHUHX5PkGbKaUPhlA77IIxARjPgw4qahmjE9uBq5zHhlC2w%2F3iq0GMbq%2BQAk7Qna9bBRPnPnGVxeSJVuCYmtmv7WwV4%2F9EnKXU%2FUC0AtHl%2FCV%2BCnqSrL0Jc8kcmL9K%2F15YeINOgZxGOY%2BrQQvVHC4LgE99qhIYjG781C7Ebil6YFZOEdrki%2FNBxOCZTQCw%2FtFVPtcVDH%2B3vainkSWYAt69Hc8ESugmDHa7FNXIrMjAwfBKS2Y0SE7SwaqR9nJuqiX9d7mQbx8xl3P5g4Pm5LrhySa%2FgbIw0FwALQguDxHoKCwRPV3IML6ASVwwHi9iL3q155qf19hhIhQpAvlkWp1OfhCPWfQlLPJfP8Vj%2Frk3VDRqMCyaelupAHAFKQhChdiKTcXuztntwm6%2BPsfDjQ0jDMi%2Ft1gt6t5CctmSaQdHOUgTO%2Br%2BgpNX6KFs3y1xdjxa4bKWBC4NCo3bcxyFi1SLtikLMMjKd4QxlHoJVECO%2B7KXSylTB0PyzS5cmyN5wOM0xFVta8Q0N4MLKdZaJgKrc9D1DRFVcyiYR4lgvr%2FMVTsqLyzA5uAeonzGCdXrgQCAuKgvdK8srKyXeHiAa32qU1b%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Dec 2023 07:14:16 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT51-C2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.register-herald.com
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
gzreXlDO4IxlcvT-f7kokes80ziHYZDYb3A85O53qfvQKV-KCx7PMg==
activeview
pagead2.googlesyndication.com/pcs/ Frame 9DCA 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIWjqCpT-jIv1O0v6KZIofp4k8BmoHz_e6XBcfcHA3c0Nv9CX8X_xmvAVozsAiomG4jPeuNMPEg7NGTPAys4hMvCGbORHCx3pkOfjG81M3_PNiOcS3m7nxPXRCnQeKTVz-YGqg5Xv7qjTB4NUfnXE2jmh0&sig=Cg0ArKJSzF_Yw9MSIrPXEAE&id=lidar2&mcvt=1000&p=168,436,258,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2439515184&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703315653628&rpt=824&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.466.js
static.adsafeprotected.com/ Frame B24A 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.466.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=931599&pubId=22235&chanId=www.register-herald.com&placementId=105129&pubOrder=AU&custom=desktop&custom2=windows&custom3=chrome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 20:53:13 GMT
x-amz-version-id
xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding
gzip
via
1.1 fcfb767b5ad15bbc6d9e5b12d89c5172.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
814863
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:51 GMT
server
AmazonS3
etag
W/"eac384b0904b6f5677cb58a4d4e104c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
p5Owsk8_dBbby6ZIqO5WzTN6LjvicL3Y65yVMN_ssR1MDLo9YvjFnQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 62F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk4wgSJlHQP6-W4RGkptnk8nDZRtZbvlfvNznw-WJpw9nVq0Oz_k3BENu9RvtRsJb1TY0jwvyFGO9Vo6OPEqDPXpSh7LAbTuZe7T315sdfd05Y42uVJEJRiqFNGZ500Da9z-0hxjyY9pOVF7T-RS3zju8x7EqYCcg54TV1DhmP8zOqBGXqJcMo-UawiBvneW80xYSZLKRSxMNWH6VKHaDlzJSSLwgwPs8IM9cCsMgssljyZTvQGSwoLAb1X3wQ6iLsCt2IuWMTjrX6s6uPlVQlkYAxRJuzoj4OpZcGSuwZAyoToQW4iDgA6PF8B6Fky5ureEqzrvDMDOuma6xm91H-qgMMIiqScRcOnGezsCBPDlX746eekLwDCKtZqFiIZaAvgD1oKogV9pcKnGmZ-ngyQ75zkKs&sai=AMfl-YSVOi-4jUbF2wUEZh5L2h20elIe6EDXxtnsbkqqeYIYMZhAtwMyzEesSueJp2FG0A9VnM1k2ZDEJmMO7YOKvbOEbLJQLfMZnuj7HHGRShFZsohF9QYtOHdiks1pIHwqHWBHPUoqfXYVkzx2w7C-oQW7&sig=Cg0ArKJSzJGCe9wjwZOgEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 23 Dec 2023 07:14:15 GMT
async_usersync
ib.adnxs.com/ Frame CE7C 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
an-x-request-uuid
c9573f5b-5e0b-4c8d-9e09-a4a677f240d5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AC74 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:15 GMT
an-x-request-uuid
245bc52c-f199-4c33-b8aa-4dc059d43903
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame F77C 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 fcfb767b5ad15bbc6d9e5b12d89c5172.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
24875253
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
bXtQAroAlXA-_6Dt60hNwzj7MaDhunZgT5YSv3GqwtsFQU1kWoHV1Q==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=931599&pubId=22235&chanId=www.register-herald.com&placementId=105129&pubOrder=AU&custom=desktop&custom2=windows&custom3=chrome&adsafe_url=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&adsafe_type=abdq&adsafe_jsinfo=,id:e9639ed7-8f6d-642d-5e26-f19b2e53f608,c:xDjhvp,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-6f6d68999-c2zfp,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:120.6017.720.405,am:a,cc:120.6017.720.405,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:368,mot:0,app:0,maw:0,fm:tZfcUbD+1*.931599%7C11%7C121%7C13%7C141%7C15%7C1611%7C1612%7C16131%7C16132%7C1614%7C1615%7C17%7C181%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h1%7C1i%7C1j%7C1k%7C1l,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:VIDEO.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:439,oid:e1740d79-a162-11ee-90bd-82004f5b5432,v:19.8.466,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.198.172 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-198-172.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
server
nginx
x-server-name
app02.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=e9639ed7-8f6d-642d-5e26-f19b2e53f608&tv=%7Bc:xDjhvr,pingTime:-8,time:440,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:440,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:438,wc:0.0.1600.1200,ac:120.6017.720.405,am:a,cc:120.6017.720.405,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B69~0%5D,as:%5B69~720.405%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:tZfcUbD+1*.931599%7C11%7C121%7C13%7C141%7C15%7C1611%7C1612%7C16131%7C16132%7C1614%7C1615%7C17%7C181%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h1%7C1i%7C1j%7C1k%7C1l,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:439%7D&br=c
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.212.6.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-6-185.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=e9639ed7-8f6d-642d-5e26-f19b2e53f608&tv=%7Bc:xDjhw6,pingTime:-2,time:481,type:a,im:%7BpBlk:458,sf:0,pom:1,prf:%7BbeA:914,beZ:915,mfA:1282,cmA:1283,inA:1283,inZ:1287,prA:1288,prZ:1335,si:1352,poA:1354,bl:1372,poZ:1372,cmZ:1372,mfZ:1372,loA:1390,loZ:1391,ltA:1394,ltZ:1394,mdA:915,mdZ:1249%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:720,h:405,t:438%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:481,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:438,wc:0.0.1600.1200,ac:120.6017.720.405,am:a,cc:120.6017.720.405,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B110~0%5D,as:%5B110~720.405%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:tZfcUbD+1*.931599%7C11%7C121%7C13%7C141%7C15%7C1611%7C1612%7C16131%7C16132%7C1614%7C1615%7C17%7C181%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h1%7C1i%7C1j%7C1k%7C1l,idMap:1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:VIDEO.qs,siq:439,slid:%5BVideo-iFrame-SekindoSPlayer658688c5ab2c3,Video-Div-SekindoSPlayer658688c5ab2c3,Player-Div-SekindoSPlayer658688c5ab2c3,primis_playerSekindoSPlayer658688c5ab2c3,primis_container_div,primisPlayerContainerDiv,ahm-vidya-2,asset-below,asset-content,asset-643bc7e1-6854-5a09-baef-a4148634a7f7,main-page-container,main-body-container,site-container%5D,sinceFw:40,readyFired:true%7D&br=c
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.212.6.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-6-185.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=e9639ed7-8f6d-642d-5e26-f19b2e53f608&tv=%7Bc:xDjhwV,time:532,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:532,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:438,wc:0.0.1600.1200,ac:120.6017.720.405,am:a,cc:120.6017.720.405,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B161~0%5D,as:%5B161~720.405%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:tZfcUbD+1*.931599%7C11%7C121%7C13%7C141%7C15%7C1611%7C1612%7C16131%7C16132%7C1614%7C1615%7C17%7C181%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h1%7C1i%7C1j%7C1k%7C1l,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:439,sis:486%7D&br=c
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.212.6.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-6-185.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
vid652f37158a628346251952.jpg
video.primis.tech/uploads/cn1/video/users/converted/22235/video_5df2c67d5a683172725343/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.jpg?cbuster=1697593111
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.202.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-202-81.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
5216f2de1c18fc2b3fe9f9074b4a0a4f341e33475648b62a5d94696ad0ef4c99

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 20:53:44 GMT
via
1.1 1dfba6c05648522e13059c944a28466e.cloudfront.net (CloudFront), 1.1 6ee3eecd683392286f206a7ea6e9ac0c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, SFO53-P2
age
37232
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
30523
last-modified
Wed, 18 Oct 2023 01:39:43 GMT
server
nginx
etag
"3b5e92301fbadeebd4d68d36e1875727"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
_uRZYSvTvlI_E8b4herqtBbOdWDJbS9Edf23Le00ZZHynQ83oKk-7Q==
expires
Sat, 23 Dec 2023 20:53:44 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 03FC 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 05:40:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=e9639ed7-8f6d-642d-5e26-f19b2e53f608&tv=%7Bc:xDjhEC,pingTime:-10,time:1009,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703315656658%7C%7C3ee214e7bc112115bf43d946e4c36d3f%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7C2df8d4d8389ac14953cb034fd6ee3d9d%7C%7C80e3292d4930d9cb4b9db8cae52d1abb%7C%7C49cf1eab6472eceb19988d06898b7bd8%7C%7C282b327159641fecd25d87cc6c43dcf2%7C%7Cb74b28f170a748b47ade8d41454b0328%7C%7C1663701684%7D
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.212.6.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-6-185.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:16 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame 03FC 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34294770&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
98a4956d6e98d6da7d533dd35557e1006a1426cc3fff76203d44b6bf1a7d9a27

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 23 Dec 2023 07:14:17 GMT
content-length
1058
content-type
text/html; charset=UTF-8
1.js
register-herald.com/content/tncms/ads/_popup/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://register-herald.com/content/tncms/ads/_popup/1.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
c321d73fc9c85f137ab8ff3c6de6f40253e9b6cba52c2b50a70912ca315168fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12121
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 164D 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.register-herald.com
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
78a76789395b2c33306cdf5f6109561c6b7fc09b9414790e8fdb809b9c08242f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 07:14:17 GMT
server
Kestrel
server-processing-duration-in-ticks
714865
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2009464020&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&ul=en-us&de=UTF-8&dt=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team%20%7C%20Prep%20Zone%20%7C%20register-herald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aDDAAUABAAQCAGAAIAB~&jid=687089057&gjid=338172344&cid=478712700.1703315651&tid=UA-3850501-28&_gid=1487238193.1703315652&_r=1&gtm=45He3bt0n71MJDQXDv71530764&cd1=478712700.1703315651&cd4=false&cd5=false&gcd=11l1l1l1l1&dma=0&z=440828448
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f46.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
31f471fe-251a-4cab-a877-738559bc5bbf
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/31f471fe-251a-4cab-a877-738559bc5bbf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
e21e3999-d51b-4b43-bb0e-907585b2521e
https://www.register-herald.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/e21e3999-d51b-4b43-bb0e-907585b2521e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
65503336e2927.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/e/3c/e3c90c1c-80ff-11ee-988f-4fda01e078c7/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/e/3c/e3c90c1c-80ff-11ee-988f-4fda01e078c7/65503336e2927.image.jpg?crop=1067%2C1067%2C266%2C0&resize=100%2C100&order=crop%2Cresize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e09d37e49935c8d7ae5b8aea9e4273f3ff02b864355e368f0f8558f220b9f31
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
MISS
cross-origin-resource-policy
cross-origin
content-length
3546
last-modified
Sun, 12 Nov 2023 02:06:47 GMT
x-vcache
MISS
server
cloudflare
etag
"f6c684e6ccc84815439ce82b58477fb8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
839ece89be1355b1-SYD
expires
Sun, 22 Dec 2024 07:14:17 GMT
64fbd52ba8445.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/7/da/7da9120e-4eb6-11ee-a370-3bdcb11abbc9/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/7/da/7da9120e-4eb6-11ee-a370-3bdcb11abbc9/64fbd52ba8445.image.jpg?crop=1175%2C1175%2C294%2C0&resize=100%2C100&order=crop%2Cresize
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e3df7233ed07e9af27640a3fac893d0157119c63a36603391150523857fe12
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=604800
cf-cache-status
MISS
last-modified
Sat, 09 Sep 2023 02:15:12 GMT
x-vcache
MISS
server
cloudflare
etag
"553ee7ec8b57afcf525ac52672607f4e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
x-robots-tag
noarchive
cf-ray
839ece89be1455b1-SYD
expires
Sun, 22 Dec 2024 07:14:17 GMT
tcx-ping.php
japfg-trending-content.appspot.com/ 		356 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/tcx-ping.php?s=10223&t=West%20Virginia%20High%20School%20Soccer%20Coaches%20Association%20names%20all-state%20team&h=www.register-herald.com&p=%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&w=1&a=ldgr4&_debug=1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.20 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f20.1e100.net
Software
nginx /
Resource Hash
775d0c39e71211731a20ae7ea1622bfca5a2e5b03d645d1286cfde987bcfb14f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:18 GMT
content-encoding
gzip
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p
i.simpli.fi/ 		798 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=107348&cb=sifi_att_42656._hp
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.124.133.154 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
154.133.124.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
b2842463148746cb02e2ab1b421e6eb3848536c3bd345a223e3a9f7fadca1db7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame A756
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=
35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 23 Dec 2023 07:14:18 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 23 Dec 2023 07:14:17 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5953
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2814042338364285155&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2814042338364285155&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 07:14:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
4e560b8f-5b99-4060-98a5-f9680d4f6084
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 07:14:17 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2814042338364285155&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
sync
x.bidswitch.net/ Frame A727
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1cbb3f31-9496-4c8a-b2cb-468e7116abe7&gdpr=0&gdpr_consent=&gdp...
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=5212190e-59e5-3047-a7a7-4e620206c88a&ssp=pubmatic&bsw_param=1cbb3f31-9496-4c8a-b2cb-468e7116abe7
43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=445&user_id=5212190e-59e5-3047-a7a7-4e620206c88a&ssp=pubmatic&bsw_param=1cbb3f31-9496-4c8a-b2cb-468e7116abe7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 23 Dec 2023 07:14:18 GMT
Server
nginx

Redirect headers

Connection
close
Content-Length
356
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Dec 2023 07:14:18 GMT
Location
https://x.bidswitch.net/sync?dsp_id=445&user_id=5212190e-59e5-3047-a7a7-4e620206c88a&ssp=pubmatic&bsw_param=1cbb3f31-9496-4c8a-b2cb-468e7116abe7
Vary
Accept, Accept-Encoding
Pug
image2.pubmatic.com/AdServer/ Frame 99B4
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nwisipEF94iECKTfyw-52pFYpIWEBfLZyAsPu-Ey
42 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nwisipEF94iECKTfyw-52pFYpIWEBfLZyAsPu-Ey
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 22 Dec 2023 23:00:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 23 Dec 2023 07:14:17 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nwisipEF94iECKTfyw-52pFYpIWEBfLZyAsPu-Ey
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 77B6
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tcq35qfnlf
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tcq35qfnlf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 03:52:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sat, 23 Dec 2023 07:14:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12tcq35qfnlf
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
ecm3
s.amazon-adsystem.com/ Frame 2C98 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID235B4D78-F1FB-4418-B2CA-57F5903AA12B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 23 Dec 2023 07:14:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
752WH4WASW2HN00EF145
396846.gif
idsync.rlcdn.com/ Frame 03FC
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c8bccc03-2a10-0514-30d7-8c37956c319a
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c8bccc03-2a10-0514-30d7-8c37956c319a
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=c8bccc03-2a10-0514-30d7-8c37956c319a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 03FC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2766854501026029548&gdpr=0&gdpr_consent=&us_privacy=
1 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2766854501026029548&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 03:52:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2766854501026029548&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame 03FC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9dPepd5E2uXFc2fAzpkjNLnyefiEuOg-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9dPepd5E2uXFc2fAzpkjNLnyefiEuOg-~A&gdpr=0
Protocol
H2
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9dPepd5E2uXFc2fAzpkjNLnyefiEuOg-~A&gdpr=0
date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931599&asId=e9639ed7-8f6d-642d-5e26-f19b2e53f608&tv=%7Bc:xDjhOB,time:1628,type:e,im:%7BpLoad:1569%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1628,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:438,wc:0.0.1600.1200,ac:120.6017.720.405,am:a,cc:120.6017.720.405,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1257~0%5D,as:%5B1257~720.405%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:1052,fm:tZfcUbD+1*.931599%7C11%7C121%7C13%7C141%7C15%7C1611%7C1612%7C16131%7C16132%7C1614%7C1615%7C17%7C181%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h1%7C1i%7C1j%7C1k%7C1l,idMap:1*,rmeas:1,rend:1,renddet:VIDEO.qs,siq:439,sis:486%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.212.6.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-6-185.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=30DE9C28ED4445DCA5305FC1768B4A1C
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=22a65bdba9&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=22a65bdba9&gdpr=0&gdpr_consent=
Protocol
H2
Server
18.139.210.126 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-210-126.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
via
1.1 4acb5efdd4b252788b64d73e2726c236.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
location
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=22a65bdba9&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
lZVwxCQ5Y0TnQz4INjvKAL79WVIh2a0-ZrkzFORYOoTk6Pv0J9gWQQ==
RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/30DE9C28ED4445DCA5305FC1768B4A1C
  • https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
Protocol
H2
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=30DE9C28ED4445DCA5305FC1768B4A1C&dongle=yf3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=30DE9C28ED4445DCA5305FC1768B4A1C&dongle=yf3
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 23 Dec 2023 07:14:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=30DE9C28ED4445DCA5305FC1768B4A1C&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:17 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=30DE9C28ED4445DCA5305FC1768B4A1C
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=30DE9C28ED4445DCA5305FC1768B4A1C
Protocol
H2
Server
52.201.84.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-84-54.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 23 Dec 2023 07:14:17 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=30DE9C28ED4445DCA5305FC1768B4A1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:17 GMT
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=30DE9C28ED4445DCA5305FC1768B4A1C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=30DE9C28ED4445DCA5305FC1768B4A1C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=30DE9C28ED4445DCA5305FC1768B4A1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:17 GMT
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=30DE9C28ED4445DCA5305FC1768B4A1C
  • https://d.agkn.com/pixel/10751/?che=1703315657732&ip=66.203.112.165&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D232713304739002841116
  • https://um.simpli.fi/aa_px?sk=232713304739002841116
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:18 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Sat, 23 Dec 2023 07:14:18 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=30DE9C28ED4445DCA5305FC1768B4A1C
43 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=30DE9C28ED4445DCA5305FC1768B4A1C
Protocol
H3
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
W7pIybaaPlUbizYohS6hEsa5RJxSqtXnKCiguLL_4HCQ32dNgqSpYg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=30DE9C28ED4445DCA5305FC1768B4A1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:17 GMT
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 22 Dec 2023 07:14:17 GMT
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 22 Dec 2023 07:14:17 GMT
engine
pbid.pro-market.net/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=30DE9C28ED4445DCA5305FC1768B4A1C;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=30DE9C28ED4445DCA5305FC1768B4A1C;mimetype=img;sr
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=ODczMDUxNzI5NjEwMTYyNTk4
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEJ1S_uYN5p-uv1jA3-s316Q&google_cver=1
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEJ1S_uYN5p-uv1jA3-s316Q&google_cver=1
Protocol
H2
Server
107.178.240.89 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
89.240.178.107.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:18 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
43
expires
Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEJ1S_uYN5p-uv1jA3-s316Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=30DE9C28ED4445DCA5305FC1768B4A1C&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=30DE9C28ED4445DCA5305FC1768B4A1C&j=0&xl8blockcheck=1
0
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=30DE9C28ED4445DCA5305FC1768B4A1C&j=0&xl8blockcheck=1
Protocol
H2
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sat, 23 Dec 2023 07:14:18 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=30DE9C28ED4445DCA5305FC1768B4A1C&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 22 Dec 2023 07:14:17 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=30DE9C28ED4445DCA5305FC1768B4A1C
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=30DE9C28ED4445DCA5305FC1768B4A1C
Protocol
HTTP/1.1
Server
52.21.185.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-185-227.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 23 Dec 2023 07:14:17 GMT

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=30DE9C28ED4445DCA5305FC1768B4A1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:17 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=30DE9C28ED4445DCA5305FC1768B4A1C
62 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=30DE9C28ED4445DCA5305FC1768B4A1C
Protocol
H2
Server
23.202.168.221 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-168-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sat, 23 Dec 2023 07:14:17 GMT
content-length
62
content-type
image/gif

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=30DE9C28ED4445DCA5305FC1768B4A1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:17 GMT
tpid=30DE9C28ED4445DCA5305FC1768B4A1C
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=30DE9C28ED4445DCA5305FC1768B4A1C
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=30DE9C28ED4445DCA5305FC1768B4A1C
Protocol
H2
Server
52.74.215.70 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-215-70.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.14.197
content-length
49
expires
0

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=30DE9C28ED4445DCA5305FC1768B4A1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:17 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=30DE9C28ED4445DCA5305FC1768B4A1C
43 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=30DE9C28ED4445DCA5305FC1768B4A1C
Protocol
HTTP/1.1
Server
209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:17 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=30DE9C28ED4445DCA5305FC1768B4A1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:17 GMT
362588.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=30DE9C28ED4445DCA5305FC1768B4A1C
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=8c822726-6357-40ad-8c01-822eca9a1a3b
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=8c822726-6357-40ad-8c01-822eca9a1a3b
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/362588.gif?partner_uid=8c822726-6357-40ad-8c01-822eca9a1a3b
date
Sat, 23 Dec 2023 07:14:17 GMT
server
Kestrel
content-length
199
/
www.google.com.au/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1703315657299&cv=7&fst=1703315657299&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=862120691&cv=7&fst=1703315657299&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=y...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=862120691&cv=7&fst=1703315657299&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzpfTpY...
  • https://www.google.com.au/pagead/1p-conversion/1026675585/?random=862120691&cv=7&fst=1703315657299&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzpf...
42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-conversion/1026675585/?random=862120691&cv=7&fst=1703315657299&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzpfTpYGlgwMVSoRmAh20vQLM&is_vtc=1&ocp_id=yYiGZY6PH8qImsMPtPuK4Aw&cid=CAQSKQAvHhf_LIa4G7aZ2pw7cjz-xKIkyg-rKllt0syQlx_iBiwfSN1crFHw&random=3401278311&ipr=y
Protocol
H2
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.com.au/pagead/1p-conversion/1026675585/?random=862120691&cv=7&fst=1703315657299&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIzpfTpYGlgwMVSoRmAh20vQLM&is_vtc=1&ocp_id=yYiGZY6PH8qImsMPtPuK4Aw&cid=CAQSKQAvHhf_LIa4G7aZ2pw7cjz-xKIkyg-rKllt0syQlx_iBiwfSN1crFHw&random=3401278311&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
setuid
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=30DE9C28ED4445DCA5305FC1768B4A1C
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=66&code=30DE9C28ED4445DCA5305FC1768B4A1C
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
an-x-request-uuid
7a9bb7f4-e4ab-4534-be58-4017fab6750b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ib.adnxs.com/setuid?entity=66&code=30DE9C28ED4445DCA5305FC1768B4A1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:17 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=30DE9C28ED4445DCA5305FC1768B4A1C&expires=365
42 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=30DE9C28ED4445DCA5305FC1768B4A1C&expires=365
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=30DE9C28ED4445DCA5305FC1768B4A1C&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:17 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=30DE9C28ED4445DCA5305FC1768B4A1C
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=30DE9C28ED4445DCA5305FC1768B4A1C
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=30DE9C28ED4445DCA5305FC1768B4A1C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 22 Dec 2023 07:14:17 GMT
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEPhOqasvZXerWxJmQO9uNJ0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=30DE9C28ED4445DCA5305FC1768B4A1C
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 22 Dec 2023 07:14:17 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2-photo-veteransparade%20001-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-7t43rZs/0/2d52e45c/S/ Frame EC5F 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-7t43rZs/0/2d52e45c/S/2-photo-veteransparade%20001-S.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
3f7c43ddc9f8db390cfd1619f0f31b2446222e2f1c7b4bddd4c16826b6007049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:48:34 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
OEmDZhs6Z+vK9d+ERlJULQ==
x-smug-ph
0.0221
x-ttfb
0.0681
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=photoserve, c=4cf206a9, d=i-0a6f0d163f9da3e6a
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
264343
smug-content-length
62780
content-length
62780
x-request-id
394495e2
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Tue, 19 Dec 2023 19:34:59 GMT
server
nginx
x-smug-d
Tue, 19 Dec 2023 21:48:34 PST
x-response
Buffer
etag
"384983661b3a67ebcaf5df844652542d"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
index, archive
link
<https://photos.register-herald.com/HomePageSlideshow/Daily-Photos/i-7t43rZs/0/2d52e45c/S/2-photo-veteransparade%20001-S.jpg>; rel="canonical"
x-amz-cf-id
VF_tsNZ6wz9zRissMDmjZlip4wEthLqUTpHBf_lOZXlU9vOY8HE6kw==
expires
Thu, 19 Dec 2024 05:48:33 GMT
231110-photo-healingday-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-rSf22pZ/0/0b688912/S/ Frame EC5F 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-rSf22pZ/0/0b688912/S/231110-photo-healingday-S.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
71c01ed8d44711e5595e581ced6547780ba3378b7c741ed600c9284fcd069399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:03:00 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
vgvmlYz5w1mcaXgVaNs2Kw==
x-smug-ph
0.0225
x-ttfb
0.1153
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=photoserve, c=ec58e149, d=i-0e854e668c80f8554
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
267077
smug-content-length
70408
content-length
70408
x-request-id
ce829443
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Tue, 19 Dec 2023 19:34:57 GMT
server
nginx
x-smug-d
Tue, 19 Dec 2023 21:02:59 PST
x-response
Buffer
etag
"be0be6958cf9c3599c69781568db362b"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
index, archive
link
<https://photos.register-herald.com/HomePageSlideshow/Daily-Photos/i-rSf22pZ/0/0b688912/S/231110-photo-healingday-S.jpg>; rel="canonical"
x-amz-cf-id
DwoxI_3DbmnZxG8nNTjQbEUb46A9Ht9JB9yvXF7bjVqjtn2OkE9sDw==
expires
Thu, 19 Dec 2024 05:02:59 GMT
spacer.gif
cdn.smugmug.com/img/ Frame EC5F
Redirect Chain
  • https://photos.register-herald.com/img/spacer.gif
  • https://cdn.smugmug.com/img/spacer.gif
43 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.smugmug.com/img/spacer.gif
Protocol
H2
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:15:32 GMT
strict-transport-security
max-age=31536000
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
MlRyYBVx8x4b8AZ0w2jTNQ==
x-ttfb
0.0741
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=ec58e149, d=i-056aa31eb47ae9caa
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
1918725
x-smugmug-values
3/5 - Deliver Awesome
content-length
43
x-request-id
a71d959b
x-ua-compatible
IE=edge
last-modified
Sat, 20 Jul 2013 19:09:23 GMT
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
etag
"325472601571f31e1bf00674c368d335"
x-frame-options
DENY
x-ttfb-l
43
content-type
image/gif
cache-control
public, max-age=31536000
x-s
100.9.11:858287
x-amz-cf-id
Fbh_59DgSCXQ1458k_keZdMGOVqz8kyDYW7r46ADfYpehKz_JZBRww==
expires
Sat, 30 Nov 2024 02:15:32 GMT

Redirect headers

Date
Sat, 23 Dec 2023 07:14:17 GMT
x-ttfb
0.0108
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=4cf206a9, d=i-0d02c127dc257aa2c
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-smugmug-values
4/5 - Dare
Connection
keep-alive
Content-Length
0
x-request-id
47006e9e
x-ua-compatible
IE=edge
Server
nginx
smug-cdn
cloudflare (via photos.register-herald.com)
x-frame-options
DENY
x-ttfb-l
0
Content-Type
text/html; charset=utf-8
location
https://cdn.smugmug.com/img/spacer.gif
cache-control
private, no-store, no-cache, max-age=0
x-s
100.0.63:652051
expires
Sat, 23 Dec 2023 07:14:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Dec 2023 07:14:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D984 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
351836
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 05:30:21 GMT
expires
Wed, 18 Dec 2024 05:30:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2EC7 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f4.1e100.net
Software
GSE /
Resource Hash
e6f3fde3109dcc27badac7692fa65424702b953e0b14b66322227fe888f3642d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-03nDKj_ge63Gi4y2AP6AVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-03nDKj_ge63Gi4y2AP6AVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 07:14:17 GMT
expires
Sat, 23 Dec 2023 07:14:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame D984 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 00:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
198415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 00:07:22 GMT
generate_204
tpc.googlesyndication.com/ Frame D984 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?cp8QWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 2EC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1075877514219374&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
trinity.json
apex.go.sonobi.com/ 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22273d791b3478bd%22%3A%22121808278466059cd0bb%7C300x250%7Cgpid%3D%2F281191609%2C9869277%2Ftrx_cnhi%2Fregister-herald.com%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&s=cab1c9e0-29c3-41b3-a1ab-8313d3b87aac&pv=8bba087d-29ea-4d3d-bd21-d1209d1127aa&vp=desktop&lib_name=prebid&lib_v=7.13.0-pre&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html%22%2C%22domain%22%3A%22register-herald.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22register-herald.com%22%7D%2C%22keywords%22%3A%22high_school_sports%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=1&gdpr=false&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200021%22%2C%22hp%22%3A1%7D%5D%7D&us_privacy=1---&coppa=0
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.78 Hemet, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d1d2e46b99e3b4c1436e37d07687545c02c35abf3cb73408752b9172da709df9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:18 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-75
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type
application/json
Access-Control-Allow-Origin
https://www.register-herald.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
436
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		23 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
780bc4164bc6926b544c9116ee57616a28718234fad902fe43afa27420193577

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 23 Dec 2023 07:14:17 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.register-herald.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
arj
justapinch-com-d.openx.net/w/1.0/ 		190 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-480&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=88fdcb93-33a9-4ba6-b239-884bf378349a&nocache=1703315657838&gdpr_consent=&gdpr=0&us_privacy=1---&schain=1.0%2C1!americanhometownmedia.com%2C00021%2C1%2C%2C%2C&aus=300x250&divids=ahm_widg_id_7&aucs=&auid=544092638
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f77a61fde66a46bbe5aa005b8fe48f1796301acea2b33e08c3e5aa184a52e556

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.register-herald.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
expires
Mon, 26 Jul 1997 05:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F76C 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66030942&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d689506793986be07750932d72d64ebbdcd831a9d22a7e2ec84487532f3b3dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 23 Dec 2023 07:14:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
prebid
id5-sync.com/api/config/ Frame 634A 		135 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 634A 		0
0
id
id.crwdcntrl.net/ Frame 634A 		152 B
829 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.213.147.200 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-213-147-200.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
238208a4ba0394c585753f2493bc21a3c5e9855413361033009bba393e3c9b8a

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache
x-server
10.42.29.204
access-control-allow-credentials
true
content-length
152
expires
0
rid
match.adsrvr.org/track/ Frame 634A 		108 B
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
5fc4c44dd4dd3c0cb300be345201f2b6f2d48825811794f50dd0e0ac2baad170

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 23 Dec 2023 07:14:18 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.register-herald.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 22 Jan 2024 07:14:18 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E166 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-59-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=97365
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 23 Dec 2023 07:14:18 GMT
expires
Sun, 24 Dec 2023 10:17:03 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 164D 		451 B
568 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=register-herald.com&sn=ChromeSyncframe&so=0&topUrl=www.register-herald.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.register-herald.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3b8b8fd24883988625fb9c121f4bce7c0759eb375d23a451e292d665475b45f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.register-herald.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1450471
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1075877514219374&bg=!qaqlquXNAAY3kmNgF5I7ADQBe5WfOPqIRPWVDor0I0K3lmXV-KFvYH_F9l55A_gY1QXAtS_cLqhHa-Cgb6XmJ6JlbgR3AgAAAKhSAAAABWgBB5kC8cBrzwH2K1uyqdT9hXUjAZDzkHrWIzUZ-Vo2zmkThDiLK4WkA6ie6yrZ1w5rCOIiqyU-tBbXUEly_huryL0EiQD5RIOntRzuxY1wJnnG48EAycgoCF7oo8cLW2JUKnIYLz7cofO7LD5cYRR_MPR7kLIin9v7v7UBvBiuePlc7pkxhjWeR7t0aEnSjwUKbTQyzrevm6ExS9v6Fs0Q0EhSCwSnzQ3Ad-PgBZu6MSvRaSlNKRv9B6XBOxMFyGaGPnogEIZV20GZq2NVaEX5fyKQ9RtpkMb06qLCftPCrdSWK3qt_9h1InOu0w2GW4cVxInGkp7dhqUNNlS6E_vK6ZHBuVNGCPbN6fNkxJXTMqor-uRXMyBnXRZJDAOj-wWSke6dYy2jvI7LFErEaP47dT5XJArEbZp5au8AZKhP__2dZhFDoUBNx_2BLC8n_xsy_IrID_5Zl8FvVhA8bquAcwBAQE5Mubn3cRNSFSw9nbhpdTJiJs3zlQArAG1raMhvMP9PbbxkT4aLFHW06zwedYhKARMjkdDfSQ08C4btNV2BviE1XuR1zS5bMoGUrfkQO-ZIJtXT4E7lUbmHw77umZeKvB_X_EJXA_5DP2zv62yYcXTG54rhPXj1Lcdyn9zLcT5avLHUfLJyu02dR7BuxatR2e-DWkcxmtq9mzXTHTJYy5dMmHUiba0sfrf0DpHZ5Z04N-jBM3hlW0UrOyF-lRM70-QaCuBhZH-9srHxO40cwuJ4Y7buIQrqyT2a_8VF3VMchkuBBFii0iEjuePa1-N_rp0jE19dQJbktHgfBOr2TDw8RltYswNm5JD3P-GM0Gas5BMfhRjL6hvLcNR5xMMBezdy0WfH5NKQQTW9PgtRhtuEztuK4PrGUuhEah0LQu32DuzlfxT9KeZcb_IPiqyi_pYLD3_a2OnFoTWHrkXhAgKC-n0yQjuh41RljueOZViKTLJR4KxAyHFLri-qxRwVm49gLj_5xtFIy7O9mXmTMoooiw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 1FEE 		85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 23 Dec 2023 07:14:18 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-kbfi7400043-BFI
x-timer
S1703315658.360037,VS0,VE123
Pug
simage2.pubmatic.com/AdServer/ Frame 5A80
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0QJjteEPWOVyOHxktb2SCULLcKU&gdpr=0&gdpr_consent=
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0QJjteEPWOVyOHxktb2SCULLcKU&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 07:14:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Dec 2023 07:14:18 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0QJjteEPWOVyOHxktb2SCULLcKU&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 94A5
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=8cb031b0954848aaaaf47f16c883878a
42 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=8cb031b0954848aaaaf47f16c883878a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 03:33:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Sat, 23 Dec 2023 07:14:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=8cb031b0954848aaaaf47f16c883878a
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
cm
ipac.ctnsnet.com/int/ Frame 725E 		43 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 23 Dec 2023 07:14:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame F8FF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 01:20:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 07:14:18 GMT
expires
Sat, 23 Dec 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
722979
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 07AC 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame EF95
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6ryyaeTHAASF3Oa3yoiGZQ
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6ryyaeTHAASF3Oa3yoiGZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 01:20:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 07:14:18 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=6ryyaeTHAASF3Oa3yoiGZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame A5D8
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3ff20361085447bc8d97a6ba5406ecb5
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3ff20361085447bc8d97a6ba5406ecb5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 03:33:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 07:14:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3ff20361085447bc8d97a6ba5406ecb5
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame C4D2
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e358ef80-a162-11ee-83f2-8b28e3594203
42 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e358ef80-a162-11ee-83f2-8b28e3594203
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 07:14:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sat, 23 Dec 2023 07:14:18 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e358ef80-a162-11ee-83f2-8b28e3594203
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1b-delivery-2
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame D699 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 23 Dec 2023 07:14:18 GMT
Pragma
no-cache
Server
nginx
expires
-1
pxd
dps.jp.cinarra.com/ Frame A248 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=235B4D78-F1FB-4418-B2CA-57F5903AA12B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.248.125.194 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-125-194.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sat, 23 Dec 2023 07:14:18 GMT
i.match
s.tribalfusion.com/z/ Frame EE59
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
839ece94ce1a5735-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 07:14:19 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
839ece931c965735-SYD
content-type
text/html
date
Sat, 23 Dec 2023 07:14:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
266
141
match.deepintent.com/usersync/ Frame 57A7 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sat, 23 Dec 2023 07:14:18 GMT
server
c
cookiesync
core.iprom.net/ Frame F179 		43 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 23 Dec 2023 07:14:19 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-b64532de96d1@version_1.579
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 988F
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 03:33:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 23 Dec 2023 07:14:18 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 4B94
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Hx6ZzeAB1RgWd95&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Hx6ZzeAB1RgWd95&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 22 Dec 2023 23:00:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 23 Dec 2023 07:14:17 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Hx6ZzeAB1RgWd95&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-02709237e5f898394@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 0050
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245968139501534
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245968139501534
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 07:14:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 23 Dec 2023 07:14:18 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2018245968139501534
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame 1636
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=52528806
  • https://sync.1rx.io/usersync/tradedesk/8c822726-6357-40ad-8c01-822eca9a1a3b
  • https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 03:33:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Sat, 23 Dec 2023 07:14:18 GMT
etag
RX2787b8f026154a39af163f6c452051a9004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame 68C2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:30DE9C28ED4445DCA5305FC1768B4A1C&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:30DE9C28ED4445DCA5305FC1768B4A1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 03:33:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sat, 23 Dec 2023 07:14:18 GMT
expires
Fri, 22 Dec 2023 07:14:18 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:30DE9C28ED4445DCA5305FC1768B4A1C&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame E8F5
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
43 B
846 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 23 Dec 2023 07:14:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-id
6SwQTyK4J-x0iZofhdflgGy6SfgOlzXzZ87x3vnkkrhRBc6qiP4ORQ==
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 07:14:17 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
x-amz-cf-id
dr7pVTPqnitpg_4dMb74ypl1jFRwIHLlqxBDQoU_J3-gFx3MQPXthQ==
x-amz-cf-pop
NRT51-C2
x-cache
Miss from cloudfront
Pug
simage2.pubmatic.com/AdServer/ Frame F76C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7327025687900932889
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7327025687900932889
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 07:14:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7327025687900932889
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame F76C
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=656e707d4e8f22c2&is_secure=true&networkId=17100&version=1&nuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMWTsVZmXQNgM6dcsPAAAAAAA&expiration=1703402058&nuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&...
42 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMWTsVZmXQNgM6dcsPAAAAAAA&expiration=1703402058&nuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 03:40:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:18 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMWTsVZmXQNgM6dcsPAAAAAAA&expiration=1703402058&nuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
adspsp.com/pt/1710310/18/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/18/1/?a=2,a2lqhq5s36s7bczt0p7d,hU7TgKf1dG&aa=01CihRyu.gN&b=&e=&c=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&d=&f=1.lqhq5ndw.1T3zj.2T5pp.3T94p&g=3Ta6f&u=f0278789:lim1hwav:3i2&v=18g.xc.0.6cz.1.0&m=z&zi=adb_leaderboard_mid,totalaudience,14,U6fe8f6759cd351,adb_floorboard,richmedia,11,U64b6d0c9a11d5cc&z=0,1,2,3:1,2,n2,44o.0,k,008p,qf,44o.0,k,00c2,t0,44r.0,0,00en_1360x90_k.2k.1f4&z=4,5,6,7:1,2,pr,4uu.0,k,00be,qf,4uu.0,k,00c2,t0,4uu.0,0,00en_1600x90_k.2k.1f4_1&rnd=1703315658540
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.89.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-89-216.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
v1
lb.eu-1-id5-sync.com/lb/ Frame 634A 		44 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
57cfdf8a8eb59a88cd9551a3aa445f58a534f9cb64d1a12c4e5097dde0031064
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame 03FC 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1075877514219374&correlator=3002558678047709&eid=44807747%2C31079527%2C31080117%2C676982996&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=281191609%3A9869277%2Ctrx_cnhi%2Cregister-herald.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=11&sfv=1-0-40&fsbs=1&eri=1&sc=1&cookie=ID%3Ddecfed6a6e349cb6%3AT%3D1703315652%3ART%3D1703315652%3AS%3DALNI_MYMdIwXFkvOAqp9OeqaGWnFyJ_4Yw&gpic=UID%3D00000cbe70d8c956%3AT%3D1703315652%3ART%3D1703315652%3AS%3DALNI_MYKOWOp_3O338KDjXfWTPn5g8J-6g&abxe=1&dt=1703315659347&lmt=1406675156&adxs=840&adys=6017&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&vis=1&psz=300x250&msz=300x-1&fws=4&ohw=1600&ga_vid=478712700.1703315651&ga_sid=1703315653&ga_hid=2009464020&ga_fc=true&ga_cid=1944768880.1703315653&dlt=1703315649586&idt=906&prev_scp=slotName%3Dldgr4%26pubDom%3Dregister-herald.com%26atab%3Dtrue%26frstlk%3Dtrue&cust_params=section%3Dsports%252Fhigh_school_sports&adks=8025182&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
aea63270c63a351ac4af2a765eb47fa8ffc6f79c27836ae83af0cd2cc180631a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13163
x-xss-protection
0
google-lineitem-id
6256584425
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138438042764
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.register-herald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveMatching.php
live.primis.tech/live/ Frame 634A 		0
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveMatching.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32335F30397D7B7331353038393436337D7B4337377D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=66.203.112.165&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703315652&csuuid=658688c408959&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=-33&geoLong=146&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:19 GMT
content-encoding
gzip
via
1.1 907ba743e2765555b63c3c5668ab8cb4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
gf2Hhg3ykTqLdNz5Sy6iGBOo25Jbn_fBB9E7YlzMtV8VaII8mYQ9rA==
view
securepubads.g.doubleclick.net/pcs/ Frame C907 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6vVzhSiNbY98AzaWIhQAxLyyDlh3RLqXr3rOHbIcE7QpVPH7S1_F8Bx-8PUoBDl0sytD4X7srf2RUt06QH8IgHaA3gxn4xkABw1PjMLeZ8ye4YXfOWGcGm0lIu2-eu744UX_6NnIPJSq-82XuWcDqRcHl7mNdyORuhPmoielFE0LMF8hOqx8FxgUErIPkKGj_nbh-v87jGN7cG0Gwi4nSGlePBLq7VBy7N6q8wy-ANppB5qmd8iCGHqpoob4GhbIw-wguKlDISXtPbTMgCu4PRcDdtyrWF8i-MBpjm-6Tz0w0_SBfvY4iTiRDC2RAgtNVvr15FHXNuhSmdT5EvXEXWWkQEyvSfZf1GdA9xmGXGik3wLU7VNLPg1SHvVNH_xEqMAZiiTONmdwaiKuLgqgH&sai=AMfl-YR-xAUtq42V9XeTEewImS3be4S6I8QCfyUlNr_UV6wXERUoe2qO7gUgIafe0h1mi0jUS5_kSTvmtnoh6jpV2NZX2ei3MrZLrQZcqAE7V3-zUBWYQLp62bvIoadFYHA&sig=Cg0ArKJSzM_ObkqHyeahEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C907 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 07:14:20 GMT
6983302731070568873
tpc.googlesyndication.com/simgad/ Frame C907 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6983302731070568873?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
2e1ffff02bf49daaaccce97d786db71c3baccef6a577565ba66023b27d9ee21e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 23:17:48 GMT
date
Tue, 19 Dec 2023 23:17:48 GMT
x-content-type-options
nosniff
age
287791
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167476
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 18:22:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
212.json
id5-sync.com/g/v2/ Frame 634A 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
fa03c760e72d6370db11e021f0fca23644566ba0a3b19021bb248296c6bbc9db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.register-herald.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.register-herald.com
date
Sat, 23 Dec 2023 07:14:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame F76C 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159196&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
securepubads.g.doubleclick.net/pcs/ Frame C907 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssw-V5Ewnq2CT1admp0nvsbWxN1pfMAF9vMA6yOBw4YCUFFvIx1ZY0Qe4D13NMiwNSJLRnJ1NjXe8f_-aZLg55KstNhik7CTTU36Z_upiyEILRwZFLiuYJ43B5aWi9HzHg75T6P69mp-grDXMWyjCkcWw-MLNNPZ62nX8nWW6cGLGaFtCEmwkPF3BstrsF6Y6fP1MR4S9DC_TsEiXf2UQ4TlVRz2jCoig6z0ORkNKyTm4QlvC_IUabsMT8UwfgVfLSwGrbSa_vi4ASjn20BYmHCwiF-A7F-9PNmNrdyzmiGVtDJPTVjZ7Fw5cbtocyC13zYv1XvNvZuJ0Ntl4J6ZtApAuS9Frktb99zFJavs3u858gXO9WaXR6LO3AnvLnVUw5bDK2bz81X7LA23T179238U6k&sai=AMfl-YRRT6gPdEQV9zep6YpsrLH9ymROLaoh7IBw-c_RQRTJDyVJCdkGMifqjUH3Sp1DXostK2LUxaFk3nMzyG8RWzRKkuc7Db2zYXAFdpLz94h6aelM1jE-9HDAK4i4voo&sig=Cg0ArKJSzP69B9eHJ_LDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 23 Dec 2023 07:14:20 GMT
truncated
/ Frame C907 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a47cc5b959d172b397b812de84ce4321c99c4583a1f9769e6d31d40fa0fbdafe

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame F76C 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77849686&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 23 Dec 2023 07:14:20 GMT
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame E166 		47 B
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32915197&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 23 Dec 2023 07:14:21 GMT
content-length
47
content-type
text/html; charset=UTF-8
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 93D9
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
43 B
845 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.67.93.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-126.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 23 Dec 2023 07:14:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
x-amz-cf-id
WEgL3aX-pnsaBiNCXqxl0i94vNDbAyUQ9P6dyngZLBVe7xNIeeuV2A==
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 07:14:21 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=235B4D78-F1FB-4418-B2CA-57F5903AA12B
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
x-amz-cf-id
Mn6zB0edBhnITRTYnygFEIQfUV2aqVAq2lpzdM2XrXKW4IzlDug8bg==
x-amz-cf-pop
NRT51-C2
x-cache
Miss from cloudfront
2-photo-veteransparade%20003-M.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-Dcf8dNp/0/becdfb09/M/ Frame EC5F 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-Dcf8dNp/0/becdfb09/M/2-photo-veteransparade%20003-M.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
c691e1709d704eba06caf96f64486db5fa0908b04d38815d7cc50e350e4d0154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 22:56:43 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
4K8CtM5zRUneXGVFtZBLmg==
x-smug-ph
0.0232
x-ttfb
0.1341
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=photoserve, c=4cf206a9, d=i-0ed9629088a3e64f3
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
289058
smug-content-length
78290
content-length
78290
x-request-id
51ea7862
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Tue, 19 Dec 2023 19:35:00 GMT
server
nginx
x-smug-d
Tue, 19 Dec 2023 14:56:43 PST
x-response
Buffer
etag
"e0af02b4ce734549de5c6545b5904b9a"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
index, archive
link
<https://photos.register-herald.com/HomePageSlideshow/Daily-Photos/i-Dcf8dNp/0/becdfb09/M/2-photo-veteransparade%20003-M.jpg>; rel="canonical"
x-amz-cf-id
qevTjvammLXFuL16vv1tI2M9jy80J2e39G4iB3XHqUVCRwx2GBPxfA==
expires
Wed, 18 Dec 2024 22:56:43 GMT
2-photo-veteransparade%20002-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-L23XXrP/0/41ea50b5/S/ Frame EC5F 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-L23XXrP/0/41ea50b5/S/2-photo-veteransparade%20002-S.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
b2d9deaece78cb2ba2f912e3c098bed480c59ba7e9855060b6a7fdc934cb0320
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:02:59 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
7zHQsmPUU0sPxNcyFexFNg==
x-smug-ph
0.023
x-ttfb
0.073
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=photoserve, c=4cf206a9, d=i-0601f12115be9c257
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
267081
smug-content-length
57961
content-length
57961
x-request-id
9a462d1e
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Tue, 19 Dec 2023 19:34:59 GMT
server
nginx
x-smug-d
Tue, 19 Dec 2023 21:02:59 PST
x-response
Buffer
etag
"ef31d0b263d4534b0fc4d73215ec4536"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
index, archive
link
<https://photos.register-herald.com/HomePageSlideshow/Daily-Photos/i-L23XXrP/0/41ea50b5/S/2-photo-veteransparade%20002-S.jpg>; rel="canonical"
x-amz-cf-id
uBeuQxJfItAuWJSr9twYwCWPT8Esf1fhHRB74FPwTCzW40QcvMGp2w==
expires
Thu, 19 Dec 2024 05:02:59 GMT
spacer.gif
cdn.smugmug.com/img/ Frame EC5F
Redirect Chain
  • https://photos.register-herald.com/img/spacer.gif
  • https://cdn.smugmug.com/img/spacer.gif
43 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.smugmug.com/img/spacer.gif
Protocol
H2
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:15:32 GMT
strict-transport-security
max-age=31536000
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
MlRyYBVx8x4b8AZ0w2jTNQ==
x-ttfb
0.0741
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=ec58e149, d=i-056aa31eb47ae9caa
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
1918729
x-smugmug-values
3/5 - Deliver Awesome
content-length
43
x-request-id
a71d959b
x-ua-compatible
IE=edge
last-modified
Sat, 20 Jul 2013 19:09:23 GMT
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
etag
"325472601571f31e1bf00674c368d335"
x-frame-options
DENY
x-ttfb-l
43
content-type
image/gif
cache-control
public, max-age=31536000
x-s
100.9.11:858287
x-amz-cf-id
H5dgFU1HdwQbXbNMSfrQ1JsdkmvxxRluybQTKac8ELvh45ByXHyaPQ==
expires
Sat, 30 Nov 2024 02:15:32 GMT

Redirect headers

Date
Sat, 23 Dec 2023 07:14:21 GMT
x-ttfb
0.0096
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=e8889be1, d=i-08e29f3cbb86dad46
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-smugmug-values
4/5 - Dare
Connection
keep-alive
Content-Length
0
x-request-id
f1e7d993
x-ua-compatible
IE=edge
Server
nginx
smug-cdn
cloudflare (via photos.register-herald.com)
x-frame-options
DENY
x-ttfb-l
0
Content-Type
text/html; charset=utf-8
location
https://cdn.smugmug.com/img/spacer.gif
cache-control
private, no-store, no-cache, max-age=0
x-s
100.15.247:1524381
expires
Sat, 23 Dec 2023 07:14:21 GMT
pd
jp-u.openx.net/w/1.0/ Frame 0798 		998 B
588 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e4887f66fbb37871cf75115b09309a4684bbfc3a150220d493a22b071a15992f

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
569
content-type
text/html
date
Sat, 23 Dec 2023 07:14:21 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018245968139501534
49 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018245968139501534
Protocol
HTTP/1.1
Server
72.34.250.75 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-74
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2018245968139501534
Date
Sat, 23 Dec 2023 07:14:21 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=0QJjteEPWOVyOHxktb2SCULLcKU
49 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=0QJjteEPWOVyOHxktb2SCULLcKU
Protocol
HTTP/1.1
Server
72.34.250.75 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-85
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=0QJjteEPWOVyOHxktb2SCULLcKU
Date
Sat, 23 Dec 2023 07:14:21 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7327025687900932889&ssp=sonobi
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=7327025687900932889&ssp=sonobi
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 23 Dec 2023 07:14:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=7327025687900932889&ssp=sonobi
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4bd1642a73&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=8c822726-6357-40ad-8c01-822eca9a1a3b&pubid=4bd1642a73
49 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=8c822726-6357-40ad-8c01-822eca9a1a3b&pubid=4bd1642a73
Protocol
HTTP/1.1
Server
72.34.250.75 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-25
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=8c822726-6357-40ad-8c01-822eca9a1a3b&pubid=4bd1642a73
date
Sat, 23 Dec 2023 07:14:21 GMT
server
Kestrel
content-length
227
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=2fc7f361-968a-4b22-b6b8-f4e230c04636&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=SWJFSWhqV28taTNZMjZoNFRpWnU2Zw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAMKk0PmgtMFG4gwc1nTzyc&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=lKZ8FDkv20Td
49 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=lKZ8FDkv20Td
Protocol
HTTP/1.1
Server
72.34.250.75 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:22 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-93
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-AU
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=lKZ8FDkv20Td
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7fc76965fd-s686s
expires
-1
getuid
sync.smartadserver.com/ Frame 0798
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://u.openx.net/w/1.0/sd?id=537106470&val=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://u.openx.net/w/1.0/sd?id=537106470&val=[sas_uid]&cklb=1
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
23.106.127.170 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:22 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://u.openx.net/w/1.0/sd?id=537106470&val=[sas_uid]&cklb=1
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:22 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 0798 		0
0
merge
ce.lijit.com/ Frame 0798 		43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=f1946da5-0de3-0979-2812-ba62d4466f10
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Dec 2023 07:14:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
jp-u.openx.net/w/1.0/ Frame 0798
Redirect Chain
  • https://ds.uncn.jp/ox/0/sync
  • https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_1300640c-15c2-40bc-a2cd-6782d9423208
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_1300640c-15c2-40bc-a2cd-6782d9423208
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:22 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://jp-u.openx.net/w/1.0/sd?id=540741011&val=v_1300640c-15c2-40bc-a2cd-6782d9423208
Date
Sat, 23 Dec 2023 07:14:22 GMT
Server
Apache
Connection
keep-alive
Content-Length
114
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 0798
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=9d1f2264-dbff-25cf-1bdf0f53
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=9d1f2264-dbff-25cf-1bdf0f53
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 23 Dec 2023 07:14:21 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=9d1f2264-dbff-25cf-1bdf0f53
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
sync.targeting.unrulymedia.com/csync/ Frame 0798
Redirect Chain
  • https://sync.1rx.io/usersync/openx/0e4ca307-9ce2-011f-3f43-552c0a4f1c3e
  • https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H2
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:22 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
pragma
no-cache
date
Sat, 23 Dec 2023 07:14:22 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame 0798
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=2814042338364285155
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=2814042338364285155
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:21 GMT
an-x-request-uuid
239b1348-c0fc-4f24-9186-346de4fe9ae8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=2814042338364285155
x-proxy-origin
66.203.112.165; 66.203.112.165; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openxjp
e-jp.cmcd1.com/usersync/ Frame 0798 		82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e-jp.cmcd1.com/usersync/openxjp?id=83f965de-8667-0cc0-318a-9f6e97531b96
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.64.108 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:14:21 GMT
via
1.1 google
server
Apache-Coyote/1.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 0798
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=SALaE0YPgRFTAtJGHAXPQ0ZS0hxTD4RAHwG5NjEc
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=SALaE0YPgRFTAtJGHAXPQ0ZS0hxTD4RAHwG5NjEc
Requested by
Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://jp-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=SALaE0YPgRFTAtJGHAXPQ0ZS0hxTD4RAHwG5NjEc
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
c.html
j.mrpdata.net/ Frame 0798 		0
0
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/ 		476 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.202.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-202-81.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
fca8ff59193e9721c9f4723c28a5adfb21c8656e22e8729010d9b8a318b31e5b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 16:35:03 GMT
via
1.1 4ec656d2dfbb59cd7fab2ac94a540522.cloudfront.net (CloudFront), 1.1 060fd86e774e2e890f2f6a5bb72fc360.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, SFO53-P2
age
52758
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
476
last-modified
Wed, 18 Oct 2023 13:50:12 GMT
server
nginx
etag
"b21cda8a933ffc9640bfab97568fc2c6"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
1kDGmVd4aqdti32l98-UqJKH61HwramBhM-S84ChiqyYXmiY7Q2pLw==
expires
Sat, 23 Dec 2023 16:35:03 GMT
w_480_00000.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/ 		450 KB
451 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.202.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-202-81.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
bdc263034d8a5eca7119c5e0c504cffe86a5e43a3a6cebd568022bfad6e133a5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 16:35:04 GMT
via
1.1 181a665d1a0b3047b4fa647eeabfb330.cloudfront.net (CloudFront), 1.1 060fd86e774e2e890f2f6a5bb72fc360.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, SFO53-P2
age
52758
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
460600
last-modified
Wed, 18 Oct 2023 13:50:12 GMT
server
nginx
etag
"a988091913202998e32322b059cafd0b"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
ISTd6bPnA7BfGNEiebBzJtowS4T32qu6H2G_jPeC8sawID_4lrhX4Q==
expires
Fri, 05 Jan 2024 16:35:04 GMT
ffe0a16f-58d1-4e2f-9366-9d17a2bedc6f
https://www.register-herald.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.register-herald.com/ffe0a16f-58d1-4e2f-9366-9d17a2bedc6f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
liveView.php
live.primis.tech/live/ 		0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTpjMmMkNTY1MlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJaN1YxyxPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw02Nv4lMDMhMTElLwE2NSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMwAhMC42MDx5LwEjOSUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwU4Nwt4YmQjODx1OSZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZxqXI9ODAjJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE3MDMmMTU2NwI3MmQzqWyxPVNyn2yhZG9TUGkurWVlNwU4Nwt4YmVuYwJwMlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phpzVanXN0ZXIgnGVlYWkxLzNioSUlRaNjo3J0plUlRzucZ2usp2Nbo29fX3Njo3J0plUlRaqyp3QgqzylZ2yhnWEgnGyanC1mY2uio2jgp29wY2VlLWNiYWNbZXMgYXNmo2NcYXRco24gozFgZXMgYWkfLXN0YXRyLXRyYW0yMxZupaRcY2kyXmY0M2JwN2UkLTY4NTQgNWEjOS1vYWVzLWE0MTQ4NwM0YTqzNl5bqG1fJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPWycpSZjrGyxPWU3MmNvMGE3YTYjOWElZGNyMDt2N2U1YzM2ZDx0MDyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.199.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-199-68.nrt51.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Dec 2023 07:14:22 GMT
content-encoding
gzip
via
1.1 607a31fc07fbffae6850e0b65b77be54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT51-C2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
e6SgwJkRLbpPBr6VlaTShLXeR65fDiucuzuqB34cM07kqdX8G_VA_g==
w_480_00001.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/ 		501 KB
502 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.202.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-202-81.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
ff09f7233362c3d90192e97403f64e10156c3bb64a18d76790d38c8a713efce4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 16:35:04 GMT
via
1.1 b64454e3c1123ac098282f1036154740.cloudfront.net (CloudFront), 1.1 060fd86e774e2e890f2f6a5bb72fc360.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, SFO53-P2
age
52759
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
512676
last-modified
Wed, 18 Oct 2023 13:50:12 GMT
server
nginx
etag
"65a3c7f704b028ff2c8489c2f5633ada"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
UlF7R1XnN1QgpBEBHQ3g3s8tUvXXEoqyO0mGh2sa4mpzgRzNT2KLBQ==
expires
Fri, 05 Jan 2024 16:35:04 GMT
w_480_00002.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/ 		500 KB
501 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.202.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-202-81.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
8b66cfb6d235651404e9aa71435d5531af50187691bba82a1a31897c61739f34

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 14:11:55 GMT
via
1.1 b64454e3c1123ac098282f1036154740.cloudfront.net (CloudFront), 1.1 060fd86e774e2e890f2f6a5bb72fc360.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, SFO53-P2
age
61347
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
511924
last-modified
Wed, 18 Oct 2023 13:50:12 GMT
server
nginx
etag
"8b8fa014764065ace70fe457f5d7da70"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
Q8g1hkTaY25luBFpSA29HM7ag7AtgEBFjfyvMVvCycnqTGiItGIzNg==
expires
Fri, 05 Jan 2024 14:11:55 GMT
w_480_00003.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/ 		493 KB
494 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.202.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-202-81.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
a82a66c717541f58e503688bdb5e5d8e654bf6c2aa522b6dba566de7d812421d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 16:35:04 GMT
via
1.1 397dd692cad53f0026fab5b236c0a518.cloudfront.net (CloudFront), 1.1 060fd86e774e2e890f2f6a5bb72fc360.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, SFO53-P2
age
52758
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
504780
last-modified
Wed, 18 Oct 2023 13:50:12 GMT
server
nginx
etag
"a47cdba292fc80e75565ec5d9c8d1457"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
LqcqBxw_2abVZS1E0CpUdnI9k3lDx-2HkhcqYiF7rKm78cKsDoTm7A==
expires
Fri, 05 Jan 2024 16:35:04 GMT
w_480_00004.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/ 		544 KB
545 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.202.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-202-81.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
1524b46e4f18b7fb6edd71f0f8532a28c5e0f2a8d5134a3ab6a022494012648b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 16:35:04 GMT
via
1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront), 1.1 060fd86e774e2e890f2f6a5bb72fc360.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, SFO53-P2
age
52759
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
557232
last-modified
Wed, 18 Oct 2023 13:50:12 GMT
server
nginx
etag
"a6dcadc02e1ec29377ad06b4ce332561"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
DbAkl7s-glaXqUBSEYOdc1yEzHDEtu1b5M-fyyOuQ9-aG1WEH2Emtw==
expires
Fri, 05 Jan 2024 16:35:04 GMT
w_480_00005.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/ 		517 KB
518 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid652f37158a628346251952.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.202.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-202-81.sfo53.r.cloudfront.net
Software
nginx /
Resource Hash
716204d524460d53d34e2e0e8b2feae351213cb441c1aa651903134ab19bd492

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 22:29:14 GMT
via
1.1 3b2c32f90b8e4193dda6d9be63628ab2.cloudfront.net (CloudFront), 1.1 060fd86e774e2e890f2f6a5bb72fc360.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3, SFO53-P2
age
117909
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
529032
last-modified
Wed, 18 Oct 2023 13:50:12 GMT
server
nginx
etag
"9d31215cb81feddd259d52aa84ef7637"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
ofUGzIxol_iWUmJR5W5_BpSnBXZZ3PaEYksc45b7d-kDKqZf-Wa18Q==
expires
Thu, 04 Jan 2024 22:29:14 GMT
/
adspsp.com/pt/1710310/18/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/18/1/?a=2,a2lqhq5s36s7bczt0p7d,hU7TgKf1dG&aa=01CihRyu.gN&b=&e=&c=https%3A%2F%2Fwww.register-herald.com%2Fsports%2Fhigh_school_sports%2Fwest-virginia-high-school-soccer-coaches-association-names-all-state-team%2Farticle_643bc7e1-6854-5a09-baef-a4148634a7f7.html&d=&f=1.lqhq5ndw.1T3zj.2T5pp.3T94p&g=3Tf1u&u=f0278789:lim1hwav:3i2&v=18g.xc.0.6cz.1.0&m=z&zi=ahm_widg_id_7,register-herald.com,0&z=0,1,2,2:.,,2,148,24n5.0,3pt,00pv&rnd=1703315664855
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.89.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-89-216.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
2-photo-veteransparade%20005-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-QQ99zF6/0/e589e752/S/ Frame EC5F 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-QQ99zF6/0/e589e752/S/2-photo-veteransparade%20005-S.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
603101fffc7cae341e8a1215a0c35812f7203c687e7005323ec649eceecf4de3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 04:13:55 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
wkHUMQ1ETXAwsN2AA5CGMg==
x-smug-ph
0.0284
x-ttfb
0.0655
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=photoserve, c=ec58e149, d=i-0f7b69de390c7129d
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
183630
smug-content-length
67279
content-length
67279
x-request-id
eba7e058
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Tue, 19 Dec 2023 19:35:03 GMT
server
nginx
x-smug-d
Wed, 20 Dec 2023 20:13:54 PST
x-response
Buffer
etag
"c241d4310d444d7030b0dd8003908632"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
index, archive
link
<https://photos.register-herald.com/HomePageSlideshow/Daily-Photos/i-QQ99zF6/0/e589e752/S/2-photo-veteransparade%20005-S.jpg>; rel="canonical"
x-amz-cf-id
aJHTZAhnDLXcDE5x3WLAzEQASsZVgEjXlFscgRt9kndqzPQNE-XXTg==
expires
Fri, 20 Dec 2024 04:13:54 GMT
2-photo-veteransparade%20001-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-7t43rZs/0/2d52e45c/S/ Frame EC5F 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-7t43rZs/0/2d52e45c/S/2-photo-veteransparade%20001-S.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
3f7c43ddc9f8db390cfd1619f0f31b2446222e2f1c7b4bddd4c16826b6007049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 05:48:34 GMT
strict-transport-security
max-age=31536000
smug-s
1
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
OEmDZhs6Z+vK9d+ERlJULQ==
x-smug-ph
0.0221
x-ttfb
0.0681
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=photoserve, c=4cf206a9, d=i-0a6f0d163f9da3e6a
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
age
264351
smug-content-length
62780
content-length
62780
x-request-id
394495e2
x-ua-compatible
IE=edge
x-smug-v
5
last-modified
Tue, 19 Dec 2023 19:34:59 GMT
server
nginx
x-smug-d
Tue, 19 Dec 2023 21:48:34 PST
x-response
Buffer
etag
"384983661b3a67ebcaf5df844652542d"
x-frame-options
DENY
x-ttfb-l
0
content-type
image/jpeg
cache-control
public, max-age=31536000, must-revalidate
x-smug-ct
m
x-robots-tag
index, archive
link
<https://photos.register-herald.com/HomePageSlideshow/Daily-Photos/i-7t43rZs/0/2d52e45c/S/2-photo-veteransparade%20001-S.jpg>; rel="canonical"
x-amz-cf-id
TGEWVDMEyrf6pdkJok1fGeaGHMZk4FswafEDi3dfwSNG9y1oM0PlLA==
expires
Thu, 19 Dec 2024 05:48:33 GMT
spacer.gif
cdn.smugmug.com/img/ Frame EC5F
Redirect Chain
  • https://photos.register-herald.com/img/spacer.gif
  • https://cdn.smugmug.com/img/spacer.gif
43 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.smugmug.com/img/spacer.gif
Protocol
H2
Server
18.67.100.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-100-98.syd62.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://photos.register-herald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:15:32 GMT
strict-transport-security
max-age=31536000
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
content-md5
MlRyYBVx8x4b8AZ0w2jTNQ==
x-ttfb
0.0741
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-amz-cf-pop
SYD62-P1
x-env
a=live, b=www, c=ec58e149, d=i-056aa31eb47ae9caa
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
age
1918733
x-smugmug-values
3/5 - Deliver Awesome
content-length
43
x-request-id
a71d959b
x-ua-compatible
IE=edge
last-modified
Sat, 20 Jul 2013 19:09:23 GMT
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
etag
"325472601571f31e1bf00674c368d335"
x-frame-options
DENY
x-ttfb-l
43
content-type
image/gif
cache-control
public, max-age=31536000
x-s
100.9.11:858287
x-amz-cf-id
9Coh2FOLn81HhtriOp9be3WpV8JZ5YyfPjdzhpi_i0cvdxQ0EwuVnA==
expires
Sat, 30 Nov 2024 02:15:32 GMT

Redirect headers

Date
Sat, 23 Dec 2023 07:14:25 GMT
x-ttfb
0.0093
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-powered-by
SmugMug/1.0
x-env
a=live, b=www, c=e8889be1, d=i-0992a7da968ad84d5
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-smugmug-values
2/5 - Thrill Our Customers
Connection
keep-alive
Content-Length
0
x-request-id
952a4341
x-ua-compatible
IE=edge
Server
nginx
smug-cdn
cloudflare (via photos.register-herald.com)
x-frame-options
DENY
x-ttfb-l
0
Content-Type
text/html; charset=utf-8
location
https://cdn.smugmug.com/img/spacer.gif
cache-control
private, no-store, no-cache, max-age=0
x-s
100.13.136:2940390
expires
Sat, 23 Dec 2023 07:14:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
launch.inform.com
URL
https://launch.inform.com/2/js/embed.js
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
match.rundsp.com
URL
https://match.rundsp.com/redirect?ex=openx
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=3&t=pixel
Domain
j.mrpdata.net
URL
https://j.mrpdata.net/c.html?ex=OpenX

Verdicts & Comments Add Verdict or Comment

482 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 function| BigInt object| documentPictureInPicture object| dataLayer object| TNCMS function| $ function| jQuery function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset function| pageLoaded number| TNCMS_DotConnect_Tile object| TNCMS_Used_Ad boolean| TNCMS_PAGE_LOADED object| oReq object| aTemp string| sTemp string| regionType function| bizmarquee object| promo_design_config function| Osano function| __uspapi object| flippxp function| admiral object| googletag object| AdBridg function| TNStats_Tracker object| TNTracker string| adType object| _informq object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| pbjs string| exp_string number| window_x object| apstag object| sifi_att_42656 string| href object| _aps boolean| apstagLOADED object| google_tag_manager string| GoogleAnalyticsObject function| ga function| postscribe object| google_tag_manager_external object| _snup function| ahmsll_release boolean| ahmsll number| ahmsllfail object| _qevents object| _sf_async_config function| ta_popupCallback function| handleMessageFromNative object| cswidgetoverR string| aReferrer string| aNewReferrer object| analytics function| 4dm1r11545242527 object| gaGlobal object| gaplugins object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| pSUPERFLY_mab object| _cbq object| pSUPERFLY string| ahm_tvx_placeId string| ahm_tcx_siteId string| ahm_tvx_templateId string| ahm_tvx_contentId number| cbuster string| puburl string| ahm_sChain string| ahm_sURL object| d string| s object| sParent boolean| ahm_tvx_oldLoaded number| ahm_spx object| sPlayer string| ahm_tdx_sURL object| sRotd string| myPropertyId object| clientSettings object| confiant string| sUserId object| apscustom object| Criteo object| ahmpb function| quantserve function| __qc object| ezt object| _qoptions function| hideFbBlock function| hideFbBlockMob function| loginButtonLink function| subscribeButtonLink function| gamesButtonLink function| cookiePref object| gaData object| gptAdSlots object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent252 function| dmpReactionData function| stick_in_parent function| tntDmpReactiveLotame function| tntDmpReactiveSegment object| shown_timestamp undefined| hashSet undefined| urlHash undefined| data undefined| param undefined| dmpData object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| _cb_shared object| litHtmlVersions function| initActiveTab object| activeTab object| ahm_config object| pubgroup_config number| ahm_stackload boolean| ahm_loaded number| _xy number| ahm_stacktimer number| ahm_stackstart number| google_unique_id string| encoded_unit object| vfQ function| ta_getPaywallDomain function| ta_isMachineIdValid function| ta_createCookie function| ta_createCookieInDomain function| ta_readCookie function| ta_eraseCookie function| ta_eraseCookieInDomain function| ta_checkCookie function| ta_setValue function| ta_getValue function| ta_getCookiesByMatch function| ta_catchEscKey function| ta_releaseEscKey function| ta_onStop function| ta_showContent function| ta_resetInterrupted function| ta_resetInterruptedTimeout function| ta_loaded number| ta_interrupted object| ahmpbChunk string| ta_mac_id number| keepSubDomainInCookiesDomain undefined| ta_mac_id_cookie object| ta_mscript string| paywallScriptSrc string| ta_rnd object| body object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 string| ta_MACHINE_ID string| ta_sessionString string| ta_postMessageLog boolean| ta_supportStorages object| ta_configJSON object| ta_rulesJSON object| ta_productTypesJSON object| ta_subscriptionTypesJSON boolean| ta_showWelcomePopup boolean| ta_showWelcomePopupJustOnHomepage boolean| ta_showFirstPopup boolean| ta_showPeriodPopup number| ta_periodToShow string| ta_showCustomPopup boolean| ta_showLatestPopup boolean| ta_showPaywallPopup number| ta_protectArticle number| ta_truncateArticleInAdvance boolean| ta_isFreeProduct number| ta_validateRequestStatus boolean| ta_firstPageIsNotFree string| ta_productType boolean| ta_userLoggedIn boolean| ta_isFromAllowedIp string| ta_userSubscriptions string| sKValue string| pSKValue string| challenge undefined| ta_MIN_THRESHOLDS undefined| ta_focus boolean| ta_shouldReopenAccountPopup boolean| ta_willReopenAccountPopup boolean| ta_delayCheckUserRefresh string| ta_externalLoginDomain string| NO_COOKIES_POPUP_TRACK_NAME string| PRIVATE_MODE_POPUP_TRACK_NAME string| WELCOME_POPUP_TRACK_NAME string| FIRST_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PRODUCTS_LEFT_POPUP_TRACK_NAME string| ONE_PRODUCT_LEFT_POPUP_TRACK_NAME string| NO_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PAYWALL_POPUP_TRACK_NAME string| ACCOUNT_POPUP_TRACK_NAME string| CLICK_EVENT_TRACK_NAME string| OPEN_EVENT_TRACK_NAME string| CLOSE_EVENT_TRACK_NAME string| LOGIN_EVENT_TRACK_NAME string| LOGIN_SUCCESS_EVENT_TRACK_NAME string| LOGIN_FAILED_EVENT_TRACK_NAME string| LOGOUT_EVENT_TRACK_NAME string| FORGOT_PASSWORD_EVENT_TRACK_NAME string| LOGIN_LINK_TRACK_NAME string| LOGOUT_LINK_TRACK_NAME string| FORGOT_PASSWORD_LINK_TRACK_NAME string| TOKEN_AUTOLOGIN_NAME string| CHANGE_PASSWORD_EVENT_TRACK_NAME string| CHANGE_PASSWORD_LINK_TRACK_NAME number| passInMd5 string| pubkey_e string| pubkey_m function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod function| RSAKeyPair function| twoDigit function| encryptedString function| decryptedString number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger number| maxDigits object| ZERO_ARRAY object| bigZero object| bigOne function| setMaxDigits number| dpl10 object| lr10 function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr object| hexatrigesimalToChar function| biToString function| biToDecimal object| hexToChar function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy object| highBitMasks function| biShiftLeft object| lowBitMasks function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod string| hex_chr function| ta_rhex function| ta_str2blks_MD5 function| ta_add function| ta_rol function| ta_cmn function| ta_ff function| ta_gg function| ta_hh function| ta_ii function| ta_calcMD5 function| retry function| isIE10OrLater function| detectPrivateMode function| ta_isIE function| ta_isIE7 function| ta_isIE8 function| ta_isIE11 function| ta_setClass function| ta_appendClass function| ta_getComputedStyle function| ta_truncateArticle function| ta_getPreservedImages function| ta_removePreservedImages function| ta_elementThresholdExempt function| ta_fillThreshold function| ta_articleTextCount function| ta_setElementsDisplay function| ta_hideElements function| ta_showElements function| ta_hideArticlePreview function| ta_hideProtectedMedia function| ta_showProtectedMedia function| ta_refundArticle function| ta_allowEscapeKeyIfBlocked function| ta_setClickAction function| ta_setForgotPasswordClickAction function| ta_setChangePasswordClickAction function| ta_isUserLoggedIn function| ta_checkUser function| ta_checkSubscription function| ta_openEedition function| ta_getTrackingParams function| ta_openCookiesNotEnabledPopup function| ta_showCookiesNotEnabledPopup function| ta_hideCookiesNotEnabledPopup function| ta_openPrivateModePopup function| ta_showPrivateModePopup function| ta_hidePrivateModePopup function| ta_openWelcomePopup function| ta_openPaymentAlertPopup function| ta_showPaymentAlertPopup function| ta_openProductsLeftPopup function| ta_openPagesLeftPopup function| ta_showPagesLeftPopup function| ta_showPaywall function| ta_showPopup function| ta_hidePopup function| ta_hidePaymentAlertPopup function| ta_hidePagesLeftPopup function| ta_hidePaywall function| hideAllPopups function| ta_pageReload function| ta_resetUserStatus function| ta_logout function| ta_callAfterLogoutCallback function| ta_stripToken function| ta_appendURLParam function| ta_removeQueryToFragment function| ta_getCallBackHome function| ta_appendBackground function| ta_appendInvisible function| ta_getLoginTable function| ta_fixIFrameHeight function| ta_getForgotPasswordTable function| ta_getChangePasswordTable function| ta_removeWrongLoginText function| ta_appendCookiesNotEnabledPopup function| ta_appendPrivateModePopup function| ta_appendPagesLeftPopup function| ta_appendPaywall function| ta_appendPaymentAlertPopup function| ta_loadNMUrlInIFrame function| ta_getExternalLoginLink function| ta_getExternalLogoutLink function| ta_openExternalLoginLink function| ta_openExternalLogoutLink function| ta_showLoginFormInPopup function| ta_refreshButtonsActions function| ta_showLogoutLinkInPaymentAlertPopup function| ta_showForgotPasswordFormInPopup function| ta_showChangePasswordFormInPopup function| ta_accountOptions function| ta_account function| ta_showAccountPopup function| ta_showSingleCreditButton function| ta_showPeriodCreditButton function| ta_createCORSRequest function| ta_hideForgotPasswordSubmitButton function| ta_showForgotPasswordSubmitButton function| ta_forgotPassword function| ta_forgotPasswordRequest function| ta_hideChangePasswordSubmitButton function| ta_showChangePasswordSubmitButton function| ta_changePassword function| ta_changePasswordRequest function| ta_hideLoginSubmitButton function| ta_showLoginSubmitButton function| ta_login object| lastLoginPopupTrackName function| ta_makeLoginRequest function| ta_checkToken function| ta_sendPostMessageLog function| ta_reloadWithoutToken function| ta_loginSuccess function| ta_makeLogoutRequest function| ta_makeAutoLogoutRequest function| ta_makeUserValidateRequest function| ta_makePagesRequest function| ta_validateContent function| ta_validateContentWithProductType function| ta_isHomepage function| ta_readMetaTag function| ta_getProductType function| ta_getMAX_THRESHOLDS function| ta_getMIN_THRESHOLDS function| ta_getFirstTimeNotFree function| ta_isAlreadyVisited function| ta_appendPageURL function| ta_isLocalStorageSupported function| ta_updateAccountButtonText function| ta_paywallSetup function| ta_storeLocally function| ta_getLocalValue function| ta_removeLocalValue function| ta_paywallRefresh function| ta_makeDoubleDelegate function| ta_openPaywall object| popups_style string| text string| text_in_article_default string| text_in_article undefined| popups_corners_fix undefined| popups_ie7_fix undefined| popups_shadow_fix boolean| ta_isPrivate function| ta_externalLoginIFrameOnLoad function| getIFrameByEvent object| externalIFrame object| ta_ga4_tracking_ids function| ta_gtag string| params object| vfConfig string| link object| aRegionType object| sPositionCookie string| domain object| GoogleGcLKhOms object| google_image_requests number| ahm_stacktime

242 Cookies

Domain/Path Name / Value
.cmcd1.com/usersync Name: ckuid
Value: 3d0b5853-841c-4d3e-8d22-60089f8c5aa1
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDmFg
.register-herald.com/ Name: osano_consentmanager_uuid
Value: 7d57aee9-1c57-4b92-a2c0-2da66eb09f8a
.register-herald.com/ Name: osano_consentmanager
Value: hyvICTXB8kdKdh1HjoDCQ5da4Y_Nc0foRevQM6oTlT63qzT8dEERJ6eKKejQkw0sJPzFFJrL1t_eL9F3B89wnC3yNTwLcGSYtsizCJ7gVfO4UMXnHafWkpfRS0syDbvjhUObwk771iwTLXu6sfhDFg9bzSbFEahLtFH_2m_DTCBPAOV_N1tALSS9m2RUW_opVuef9THRR-X7pkB73sCX9pHMCdGrS5ZXQI1Pb_08ULwsMZb29XrdtYeFZ-2eLQzyjJchUKgJ2Bcv60f4tGVmDe-W6VfjUXl5nftoBA==
.simpli.fi/ Name: suid
Value: 30DE9C28ED4445DCA5305FC1768B4A1C
www.register-herald.com/ Name: flipp-uid
Value: ddeaf6d0-76f8-40d3-866e-b08af67e5dab
.register-herald.com/ Name: _ga_D4QVJDNBRB
Value: GS1.1.1703315651.1.0.1703315651.0.0.0
.register-herald.com/ Name: ajs_anonymous_id
Value: a0e4ca24-cf8e-49c1-a0da-d166c2874bfd
.p.flipp.com/ Name: gid
Value: "Ph427gAHmQWKUie0ER1+eQ=="
.register-herald.com/ Name: adbrgn
Value: AUNSW
.register-herald.com/ Name: _adb
Value: a2lqhq5s36s7bczt0p7d
.pippio.com/ Name: did
Value: sMXmU8lqOBzC5bsC
.pippio.com/ Name: didts
Value: 1703315651
.pippio.com/ Name: nnls
Value:
.register-herald.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1703315651.1.0.1703315651.60.0.0
.photos.register-herald.com/ Name: Sreferrer
Value: https%3A%2F%2Fwww.register-herald.com%2F
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: 4ed68c3c-4ed0-0c83-3578-c42cc8d063bf|1703315651
.pippio.com/ Name: pxrc
Value: CMORmqwGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: c6ce206e-8869-49ae-8e5d-54ece5f5db49
.linksynergy.com/ Name: icts
Value: 2023-12-23T07:14:12Z
.primis.tech/ Name: csuuid
Value: 658688c408959
.register-herald.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.register-herald.com/ Name: _ga
Value: GA1.2.478712700.1703315651
.register-herald.com/ Name: _gid
Value: GA1.2.1487238193.1703315652
.register-herald.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.register-herald.com/ Name: _dc_gtm_UA-3850501-28
Value: 1
.register-herald.com/ Name: _dc_gtm_UA-2313981-1
Value: 1
.register-herald.com/ Name: _gat
Value: 1
.quantserve.com/ Name: mc
Value: 658688c4-50cb2-f8e09-8fea6
.register-herald.com/ Name: __qca
Value: P0-663990173-1703315651826
.register-herald.com/ Name: _cb
Value: BePkhB-YLbXCBq5VZ
.register-herald.com/ Name: _chartbeat2
Value: .1703315652777.1703315652777.1.Cjwd5DDYSA5lCujOU_1a3I3DX17PT.1
.register-herald.com/ Name: _cb_svref
Value: external
.register-herald.com/ Name: usprivacy
Value: 1---
.photos.register-herald.com/ Name: _sp_ses.1e80
Value: *
.photos.register-herald.com/ Name: _sp_id.1e80
Value: 7c56408f-635f-4a1f-8982-35c71fb9ca99.1703315653.1.1703315653.1703315653.96b791c7-b90e-4960-8778-2d118190ece1
.photos.register-herald.com/ Name: SMSESS
Value: 468a9e43c5c9c906b43467626e8943bf
www.register-herald.com/ Name: csparkW_ga_39CWM68PTE
Value: GS1.1.1703315653.1.0.1703315653.0.0.0
www.register-herald.com/ Name: csparkW_ga
Value: GA1.1.1944768880.1703315653
.register-herald.com/ Name: _ga_JD3VHQYLPF
Value: GS1.2.1703315653.1.0.1703315653.0.0.0
.register-herald.com/ Name: ta_MACHINE_ID
Value: 3b1f52a7c56ec8e9ce7cfde1b29b68e7
.register-herald.com/ Name: __gads
Value: ID=decfed6a6e349cb6:T=1703315652:RT=1703315652:S=ALNI_MYMdIwXFkvOAqp9OeqaGWnFyJ_4Yw
.register-herald.com/ Name: __gpi
Value: UID=00000cbe70d8c956:T=1703315652:RT=1703315652:S=ALNI_MYKOWOp_3O338KDjXfWTPn5g8J-6g
.amazon-adsystem.com/ Name: ad-id
Value: A6Xoh3FoD09RkXM1S6yQUkE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUn5kdre5RkKNgLgke9zq6b0wbaSajBYh-A9nhvv94aret4TktNXUcp-JUBV7f8
.casalemedia.com/ Name: CMID
Value: ZYaIxbSizXj-SopHFCEksgAA
.casalemedia.com/ Name: CMPS
Value: 4778
.casalemedia.com/ Name: CMPRO
Value: 4778
.adsrvr.org/ Name: TDID
Value: 8c822726-6357-40ad-8c01-822eca9a1a3b
.viafoura.co/ Name: VfSess
Value: 3189s332nnok0a7d6rgi81ppcu
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
.ladsp.com/ Name: cr
Value: 1
.openx.net/ Name: univ_id
Value: 537072971|8c822726-6357-40ad-8c01-822eca9a1a3b|1703315654111935
.smaato.net/ Name: SCM
Value: 22a65bdba9
.smaato.net/ Name: SCMaps
Value: 22a65bdba9
.ladsp.com/ Name: smn_uid
Value: 9Fz_KyxXDnxZGu26khjpNRA9TOjL5P0
.ladsp.com/ Name: lum
Value: CLiMmazJMRIFCAMQ0AU
.smugmug.com/ Name: sstrack
Value: 82e92850-21f0-4c59-93d1-c99b59d3811c
.sharethrough.com/ Name: stx_user_id
Value: 493c18da-c5c5-41d3-9fbb-fb7ce35c3eba
.360yield.com/ Name: tuuid
Value: 53df9add-94ad-429c-928a-569fae49ff0d
.360yield.com/ Name: tuuid_lu
Value: 1703315654
.bidr.io/ Name: bitoIsSecure
Value: ok
.smugmug.com/ Name: SMSESS
Value: 468a9e43c5c9c906b43467626e8943bf
.mediago.io/ Name: __mguid_
Value: f5ef61ca4d6d64612kqekh00lqhq5ud8
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 235B4D78-F1FB-4418-B2CA-57F5903AA12B
.bidr.io/ Name: bito
Value: AAFumE7LDRIAABRW-aEkOg
.register-herald.com/ Name: _awl
Value: 2.1703315654.5-35d014dce81e9533bf226579beb69b89-6763652d617369612d6561737431-0
.blismedia.com/ Name: b
Value: 658688C6CC5D1B081BE7F77EBLIS
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAzMzE1NjU0fQ
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: eoHK786CH6
.intentiq.com/ Name: intentIQCDate
Value: 1703315654517
.rubiconproject.com/ Name: khaos
Value: LQHQ5UJ7-P-DGP6
www.register-herald.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.tapad.com/ Name: TapAd_TS
Value: 1703315654663
.tapad.com/ Name: TapAd_DID
Value: ef5b9e8a-4a93-4966-b307-a876b6db9aec
.media.net/ Name: visitor-id
Value: 3463172542890107000V10
.media.net/ Name: data-pri
Value: 658688c408959~~34
.intentiq.com/ Name: ASDT
Value: 0
.bidswitch.net/ Name: tuuid
Value: 1cbb3f31-9496-4c8a-b2cb-468e7116abe7
.bidswitch.net/ Name: c
Value: 1703315654
.bidswitch.net/ Name: tuuid_lu
Value: 1703315654
www.register-herald.com/ Name: ta_cookiesTest
Value: 1
www.register-herald.com/ Name: ta_vl
Value: 1
www.register-herald.com/ Name: ta_interrupted
Value: 0
.www.register-herald.com/ Name: _vfa
Value: www%2Eregister-herald%2Ecom.00000000-0000-4000-8000-41a361c60353.809ac5aa-9a12-49fc-8465-cce714570806.1703315653.1703315653.1703315653.1
.www.register-herald.com/ Name: _vfz
Value: www%2Eregister-herald%2Ecom.00000000-0000-4000-8000-41a361c60353.1703315653.1.medium=direct|source=|sharer_uuid=|terms=
.www.register-herald.com/ Name: _vfb
Value: www%2Eregister-herald%2Ecom.00000000-0000-4000-8000-41a361c60353.2.10.1703315653....
.liadm.com/ Name: lidid
Value: 1bbc552b-ec45-4c76-b37c-231cd654e7ff
.r-ad.ne.jp/ Name: r_ad_token
Value: 57y7EE01WBDCM006SvaB
.ads.stickyadstv.com/ Name: UID
Value: e995cf37d55b6f1cf9b7e8965bca298e
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZYaIxbSizXj_SopHFCEksgAAEqoAAAAB
.adotmob.com/ Name: uid
Value: 09f3220400a81592ddec8867
.adotmob.com/ Name: uuid
Value: 09f3220400a81592ddec8867
.adotmob.com/ Name: partners
Value: IX%3A1703315654863
.semasio.net/ Name: SEUNCY
Value: FAF90D04556F16F
.3lift.com/ Name: tluid
Value: 4250019921879004143228
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8575
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYaIxwAJAt7ZKwBU
.mathtag.com/ Name: uuid
Value: f0c66586-88c7-4400-8f7a-1d57c011903f
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-8c822726-6357-40ad-8c01-822eca9a1a3b&KRTB&22918-8c822726-6357-40ad-8c01-822eca9a1a3b&KRTB&22926-8c822726-6357-40ad-8c01-822eca9a1a3b&KRTB&23031-8c822726-6357-40ad-8c01-822eca9a1a3b
.lijit.com/ Name: ljt_reader
Value: H3iyDLZHYN4Hns6tTJSsiFZZ
.company-target.com/ Name: tuuid
Value: bbb12f36-e420-4e2a-aa43-36e5523f3dd9
.company-target.com/ Name: tuuid_lu
Value: 1703315655|ix:0
.adnxs.com/ Name: uuid2
Value: 2814042338364285155
.turn.com/ Name: uid
Value: 2766854501026029548
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 4fda41424d0a31faece89dbf4e8e32b8
.w55c.net/ Name: wfivefivec
Value: Hx6ZzeAB1RgWd95
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHoYPhG1KP2aiWD5vCI0bl8&KRTB&23025-CAESEHoYPhG1KP2aiWD5vCI0bl8&KRTB&23386-CAESEHoYPhG1KP2aiWD5vCI0bl8
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:f0c66586-88c7-4400-8f7a-1d57c011903f
g.adspeed.net/ Name: impuniraw
Value: 1008850-1703402055
.sitescout.com/ Name: ssi
Value: 34020ad8-a3b0-491c-8321-40503298dd37#1703315655201
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d10263b5-e10f-58e5-7238-7c64b5bd9209.KynL6733sDNULQR6ZEg2HOrNU7qMw7BsPEGOW9hcWcE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d10263b5-e10f-58e5-7238-7c64b5bd9209.KynL6733sDNULQR6ZEg2HOrNU7qMw7BsPEGOW9hcWcE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0QJjteEPWOVyOHxktb2SCULLcKU.l%2F6%2FdIv3ILdKYxbmYdEtpCAayK8rBwhofrTetJDR%2B08
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0QJjteEPWOVyOHxktb2SCULLcKU.l%2F6%2FdIv3ILdKYxbmYdEtpCAayK8rBwhofrTetJDR%2B08
.yahoo.com/ Name: A3
Value: d=AQABBMaIhmUCEIvpFD0yIrXN8O3wT0Ym13sFEgEBAQHah2WQZdww0iMA_eMAAA&S=AQAAArfLFIbEahxxgijWY0WuTMc
.creativecdn.com/ Name: ts
Value: 1703315655
.creativecdn.com/ Name: u
Value: 501aBBmRCfc6ky4mcUFs
.creativecdn.com/ Name: g
Value: 501aBBmRCfc6ky4mcUFs_1703315655232
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINf-de3yIkJUyaxkBzOxDYJ2XhL841pNGHDANMz8cn-5EHwYBCDHkZqsBjABOgQ8w7t9QgT_lJZS.jIB1r7D1KlvA1qx4An5zRVYuZTkHd%2FYhdGmVtKnyWEo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINf-de3yIkJUyaxkBzOxDYJ2XhL841pNGHDANMz8cn-5EHwYBCDHkZqsBjABOgQ8w7t9QgT_lJZS.jIB1r7D1KlvA1qx4An5zRVYuZTkHd%2FYhdGmVtKnyWEo
.sitescout.com/ Name: _ssuma
Value: eyIxNyI6MTcwMzMxNTY1NTQ3MX0
.csync.loopme.me/ Name: viewer_token
Value: 3eb5d6d9-0fbf-42aa-b548-96201153baec
.zemanta.com/ Name: zuid
Value: XpnL6tOMGcjER13OMMAn
.rezync.com/ Name: zync-uuid
Value: ca86ab71-1ff7-4760-8875-a4aba5bb3c67:1703315655.5649836
.tremorhub.com/ Name: tvid
Value: 6973a68ce8454db9aa5e3733793c2879
.admanmedia.com/ Name: admtr
Value: f8547d09-4918-4aac-9462-5b28974d48b1
.admanmedia.com/ Name: ac_r
Value: CS116
.tremorhub.com/ Name: tvssa
Value: 1703315655754
.connatix.com/ Name: cnx_userId
Value: 96c354f6e33041c4b949471863a523b6
.smartadserver.com/ Name: pid
Value: 5770507232381317882
.viafoura.co/ Name: vfDeviceId
Value: feecd611-9da4-44ae-ab47-b48f4bbd00e6
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRSFE1VUo3LVAtREdQNiIsImV4cGlyZXMiOiIyMDI0LTAzLTIyVDA3OjE0OjE1WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEyLTIzVDA3OjE0OjE1WiJ9
.w55c.net/ Name: matchopenx
Value: 5
.linkedin.com/ Name: bcookie
Value: "v=2&48237dd6-c677-4cd2-8fff-3e1783854296"
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2721:u=1:x=1:i=1703315655:t=1703402055:v=2:sig=AQFs4KB1GXsDTQFRnQ6lW2JFWRLDIkNU"
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0szA0tjQ1MDQ1NhHiM9TVdarITU_NDfBIcncHAErqcN8lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjIwtDAyMbU0szA0tjQ1MDQ1NhHiM9TVdarITU_NDfBIcncHAErqcN8lAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwQ3AMAgDwE_XoQoC27TbQKQM0sl7913aXeyRm58jS3FZlWCdPY2Z2NTrWhEOAjeYTwV_XPP3OjoAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FsWKrRFLmMKw4RsskX0Z8a7z8-XvBPmb9lWbaXtEPftKAPkd73VIZ7Q628tL4gwWgyjp4kDuokskvNwDdBL7_XT5vq8T9bAmgQNLosYL2xNCEJGvSallFxmiSjWOSQmehD7KTiG6w-3xSXP.ZYaIyA.tKNvYZ05CANKRYjWB_vwNuKSKAE
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: c38d362d-f3ae-4cbf-838e-5cdd968a249b
.prebid.a-mo.net/ Name: sd_amuid2
Value: c38d362d-f3ae-4cbf-838e-5cdd968a249b
.ipredictive.com/ Name: cu
Value: 58eb11ef-6549-470c-9285-c7ace176824f|1703315656503
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004%22%7D
.register-herald.com/ Name: _gat_UA-3850501-28
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1703376000%3A248%7C1703894400%3A164%7C1704499200%3A201_245_226_197
.simpli.fi/ Name: uid_syncd_secure
Value: true
.rlcdn.com/ Name: rlas3
Value: jPYaTiCaImGrGXlChCDJ2dtptoJpZpmNYmdZfxDQDLM=
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~2frj:18z8~2frj"
.smaato.net/ Name: SCMs
Value: 22a65bdba9
.smaato.net/ Name: SCM1001136
Value: 22a65bdba9
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2766854501026029548&KRTB&23150-2766854501026029548&KRTB&23527-2766854501026029548
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-nwisipEF94iECKTfyw-52pFYpIWEBfLZyAsPu-Ey&KRTB&19420-nwisipEF94iECKTfyw-52pFYpIWEBfLZyAsPu-Ey&KRTB&22979-nwisipEF94iECKTfyw-52pFYpIWEBfLZyAsPu-Ey&KRTB&23462-nwisipEF94iECKTfyw-52pFYpIWEBfLZyAsPu-Ey
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2814042338364285155&KRTB&23339-2814042338364285155
.tremorhub.com/ Name: tv_UISF
Value: 30DE9C28ED4445DCA5305FC1768B4A1C
.rlcdn.com/ Name: pxrc
Value: CMORmqwGEgUI6AcQABIFCOhHEAASBgi66gEQBRIGCMLqARAGEgYIuOsBEAY=
.adnxs.com/ Name: anj
Value: dTM7k!M4.gCxrEQF']wIg2Hb>KkuS?!A#FT.TOK`YT5U?QgGsAcwAoTkzZ'aeTkc8jEc.ljGdVih1YN!gjmOCiIq'WoQ^5>kLd><*f=k`E6(1s/j@az!c0X_9gYbi#-Dn*#6cs19c2=B@'s>T)[[4y
.bluekai.com/ Name: bku
Value: blx991Z/CZPPaMLQ
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwE1yHWD8xp/THDx6BexNHWBOBE1yBDje1EztmW/6xEae9y9o6xry
.rubiconproject.com/ Name: audit
Value: 1|5IGSeIgbh2wy38XwXoRJ3+xNZRb98fcoX0nDjBDOYd76DZ3dTM5nwVJRyhFR7VcbUF7qpPa2zhciZ07GJqnMnkAB1LOiaydkvspVenLgrnoUpYWVrKDp+E3OYGmoobl7
.agkn.com/ Name: ab
Value: 0001%3ARMVSqqCHD%2FnmPEdW9cs1PLzmlF6qzU%2Fk
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 12tcq35qfnlf
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-12tcq35qfnlf
.lijit.com/ Name: _ljtrtb_2
Value: 30DE9C28ED4445DCA5305FC1768B4A1C
www.register-herald.com/ Name: _lr_retry_request
Value: true
www.register-herald.com/ Name: _lr_env_src_ats
Value: false
.criteo.com/ Name: uid
Value: 7894b9d3-47c2-4fb7-bb15-1b245fdcb95a
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
www.register-herald.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%228c822726-6357-40ad-8c01-822eca9a1a3b%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-23T07%3A14%3A18%22%7D
www.register-herald.com/ Name: pbjs-unifiedid_last
Value: Sat%2C%2023%20Dec%202023%2007%3A14%3A18%20GMT
.pro-market.net/ Name: anHistory
Value: "6msf0boq87fq+2+!#7%.&!#ezf"
.adform.net/ Name: uid
Value: 7327025687900932889
.aralego.com/ Name: sspid
Value: 5212190e-59e5-3047-a7a7-4e620206c88a
.pubmatic.com/ Name: SyncRTB3
Value: 1704153600%3A63%7C1708473600%3A69%7C1704499200%3A5_99_247_209_165_231_56_264_22_214_96_13_220_233_254_238_8_21_107_179_234_71_176_46_7_54_3%7C1703894400%3A2_223_15%7C1704585600%3A35
.agkn.com/ Name: u
Value: C|0AAAAAAAALRlFSgAAAAAA
.register-herald.com/ Name: cto_bundle
Value: q13CXl9nWE1wTzByOHloVWFiSXUwSHVZN3AxWGYlMkJMSWpUWElCUEdQWFMwMzhwYjZxTkJ2dFpVRER1U29YVjliQXgxeDZDcmFrMDh4NVlQZENNSHNtbWlpbGcyUFolMkI4MDJGaWtSUUJNTnNPS0NZeU1nd2lOb2hMMDEwR3B0SnBNcmdEeUoyNUFOOERvOHljVzYlMkJIZG1DcSUyQlNwZiUyRjZRTEM3TEJTSXU2TjQ0S0FtUnRzJTNE
.exelator.com/ Name: EE
Value: "7dfd06586b04428de59a2f1840d16680"
.bfmio.com/ Name: __141_cid
Value: 30DE9C28ED4445DCA5305FC1768B4A1C
.bfmio.com/ Name: __io_cid
Value: 8114cf124474c3a3aedf058dcfe6c055071887f9
.ctnsnet.com/ Name: cid_902b8317da3c47f18aa4c40104b2310e
Value: 1
.ctnsnet.com/ Name: cid_8cb031b0954848aaaaf47f16c883878a
Value: 1
.w55c.net/ Name: matchpubmatic
Value: 5
.dotomi.com/ Name: DotomiTest
Value: 656e707d4e8f22c2
.pro-market.net/ Name: anProfile
Value: "6msf0boq87fq+1+1f=1+1g=1+1j=1+rs=s+rt=42CB70A5+s2=(s63yrt)+vm=24-30DE9C28ED4445DCA5305FC1768B4A1C:53-CAESEJ1S_uYN5p-uv1jA3-s316Q"
.go.sonobi.com/ Name: __uis
Value: 2fc7f361-968a-4b22-b6b8-f4e230c04636
.go.sonobi.com/ Name: _usd_register-herald.com
Value: 8bba087d-29ea-4d3d-bd21-d1209d1127aa
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB3A
Value: s3575|ZYaIz
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-8cb031b0954848aaaaf47f16c883878a&KRTB&23328-8cb031b0954848aaaaf47f16c883878a&KRTB&23427-8cb031b0954848aaaaf47f16c883878a&KRTB&23445-8cb031b0954848aaaaf47f16c883878a
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-2018245968139501534
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE8JS3FwMzUwizJwMTEyCIl1dQy0SjN0MLEIMXQzMzCYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR%252FzOgwAehIp%252Bg%253D%253D"
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:Hx6ZzeAB1RgWd95&KRTB&23421-uid:Hx6ZzeAB1RgWd95
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-0QJjteEPWOVyOHxktb2SCULLcKU&KRTB&23334-0QJjteEPWOVyOHxktb2SCULLcKU&KRTB&23417-0QJjteEPWOVyOHxktb2SCULLcKU&KRTB&23426-0QJjteEPWOVyOHxktb2SCULLcKU
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMElLSTQxNDEySTFINDZMS0xNTrWwTElKM0m1SDU2SrJgAILUto5TIBoKAHNSC9s%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIbes4BaSgAAAbdAI%2B"
.register-herald.com/ Name: panoramaId_expiry
Value: 1703920458546
.register-herald.com/ Name: _cc_id
Value: 4fda41424d0a31faece89dbf4e8e32b8
.register-herald.com/ Name: panoramaId
Value: 63a685b4889bec4d990c6467ed0c16d53938ae1d8b9612303980185b1205de9b
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7327025687900932889&KRTB&23263-7327025687900932889&KRTB&23481-7327025687900932889
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMWTsVZmXQNgM6dcsPAAAAAAA&KRTB&22713-AAAMWTsVZmXQNgM6dcsPAAAAAAA&KRTB&22715-AAAMWTsVZmXQNgM6dcsPAAAAAAA&KRTB&23519-AAAMWTsVZmXQNgM6dcsPAAAAAAA
.c.appier.net/ Name: _auid
Value: 6ryyaeTHAASF3Oa3yoiGZQ
.adgrx.com/ Name: ADGRX_UID
Value: e358ef80-a162-11ee-83f2-8b28e3594203
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-6ryyaeTHAASF3Oa3yoiGZQ
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004&KRTB&17107-RX-2787b8f0-2615-4a39-af16-3f6c452051a9-004
.tribalfusion.com/ Name: ANON_ID
Value: acntXLr2PKdFuYnRXqnA7SaxGbf5nGZdfIH4KD54ZdZdvIk8DkQxSxFy6CFNIMYjjK4L4HSu7mJumsSvNN4cl083PhbkrtR
.adx.opera.com/ Name: UID
Value: OPU3ff20361085447bc8d97a6ba5406ecb5
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-e358ef80-a162-11ee-83f2-8b28e3594203&KRTB&23275-e358ef80-a162-11ee-83f2-8b28e3594203
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU3ff20361085447bc8d97a6ba5406ecb5&KRTB&23485-OPU3ff20361085447bc8d97a6ba5406ecb5&KRTB&23524-OPU3ff20361085447bc8d97a6ba5406ecb5
.pubmatic.com/ Name: PugT
Value: 1703302410
.pubmatic.com/ Name: SPugT
Value: 1703315660
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: id5
Value: 00e7dda6-e628-718a-a2d4-43a07a98e094#1703315660687#1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 156595:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1703337261342
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIqoOE0ZnkwTwQBRIbCgxzaGFyZXRocm91Z2gSCwiqjtzUmeTBPBAFEhcKCHB1Ym1hdGljEgsIoPSM1ZnkwTwQBRIUCgV0YXBhZBILCJTtqdiZ5ME8EAUSFgoHcnViaWNvbhILCKzYi9mZ5ME8EAUSFwoIbGl2ZXJhbXASCwiwrJvzmeTBPBAFGAEgASgCMgsI5LGcxLDkwTwQBTgBWgZzb25vYmlgAg..
.openx.net/ Name: pd
Value: v2|1703315653.1.7|lYvOjEiuhI.iavywMsnwJkSuIrAjIvwpMvGlQvAkqlUvxvHsPtd.v6vvvCvzvqwew5uDvXve
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13MsQ2AMAwFUTEAVcQYQbEc-xu2sSNlIEpKSkompAsS5SvunmkmFGYSFWOUI6G5qQcoU-_IFVqyGSR79XCJ4KbYRySraN2M9UzfSQv4-vlehpXEthcNrJg6egAAAA
.lijit.com/ Name: ljtrtb
Value: eJyrVjJSslIyNnBxtXQ2snB1MTExMXVxdjQ1NjB1czY0N7NwMnE0dFaqBQC5owk4
.lijit.com/ Name: _ljtrtb_76
Value: f1946da5-0de3-0979-2812-ba62d4466f10
.quantserve.com/ Name: d
Value: EO4BGAHdKvijCJiTCuu4EA
.brand-display.com/ Name: _knxq_
Value: 9d1f2264-dbff-25cf-1bdf0f53.1703315654.1.1703315661.1703315654
.contextweb.com/ Name: V
Value: lKZ8FDkv20Td
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d5b732642917e5c1
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUekZDdm9V
.intentiq.com/ Name: IQPData
Value: 1120628901#1703315661901#0#1703315654757
.uncn.jp/ Name: t
Value: v_1300640c-15c2-40bc-a2cd-6782d9423208
.go.sonobi.com/ Name: __uir_td
Value: 132202795663470014
.go.sonobi.com/ Name: __uin_td
Value: 8c822726-6357-40ad-8c01-822eca9a1a3b
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ope|7LJ.0.2fc7f361-968a-4b22-b6b8-f4e230c04636|4is.0.CAESEAMKk0PmgtMFG4gwc1nTzyc

8 Console Messages

Source Level URL
Text
network error URL: https://launch.inform.com/2/js/embed.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://match.rundsp.com/redirect?ex=openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://register-herald.com/content/tncms/ads/_popup/1.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.register-herald.com/sports/high_school_sports/west-virginia-high-school-soccer-coaches-association-names-all-state-team/article_643bc7e1-6854-5a09-baef-a4148634a7f7.html
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://www.register-herald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://j.mrpdata.net/c.html?ex=OpenX
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

94551bb9885a7e2e969f0be094618f7d.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.as.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
adserver.paywallproject.com
adspsp.com
ampcid.google.com
ampcid.google.com.au
analytics.google.com
ap.lijit.com
apex.go.sonobi.com
api.intentiq.com
api.rlcdn.com
api.segment.io
api.viafoura.co
apsoutheast-match.deepintent.com
b1sync.zemanta.com
bandborder.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bids.concert.io
bk.r-ad.ne.jp
bloximages.chicago2.vip.townnews.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
cdn-gateflipp.flippback.com
cdn-p.cityspark.com
cdn.cityspark.com
cdn.confiant-integrations.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.segment.com
cdn.smugmug.com
cdn.viafoura.net
cdn59755463.blazingcdn.net
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cmp.osano.com
cms.quantserve.com
cnhi-d.openx.net
config.aps.amazon-adsystem.com
consent.api.osano.com
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.media.net
cs.nex8.net
csync.loopme.me
d.agkn.com
dis.criteo.com
dmp.brand-display.com
dps.jp.cinarra.com
ds.uncn.jp
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
e-jp.cmcd1.com
eb2.3lift.com
eus.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
g.adspeed.net
geo.adspsp.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.simpli.fi
i.viafoura.co
i.w55c.net
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
j.mrpdata.net
japfg-trending-content.appspot.com
jp-u.openx.net
js-sec.indexww.com
justapinch-com-d.openx.net
launch.inform.com
lb.eu-1-id5-sync.com
live.primis.tech
live.rezync.com
loadm.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.rundsp.com
match.sharethrough.com
mb9eo.publishers.tremorhub.com
notifications.viafoura.co
openx2-match.dotomi.com
p.flipp.com
p.rfihub.com
pagead2.googlesyndication.com
pbid.pro-market.net
photos.register-herald.com
photos.smugmug.com
ping.chartbeat.net
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prod.adspsp.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
register-herald-cnhi-pw.newsmemory.com
register-herald.com
rtb.jp2.as.criteo.com
rtb.openx.net
rtb.primis.tech
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
simplifi.partners.tremorhub.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
static.cnhionline.com
static.criteo.net
stats-new.smugmug.com
stats.g.doubleclick.net
sync-axelmark-dsp.focas.jp
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
t.adx.opera.com
tag.simpli.fi
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
video.primis.tech
www.americanhometownmedia.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.register-herald.com
www.smugmug.com
x.bidswitch.net
api.rlcdn.com
cm-supply-web.gammaplatform.com
cs.nex8.net
j.mrpdata.net
launch.inform.com
match.rundsp.com
103.229.10.180
103.43.89.4
104.16.133.24
104.18.24.173
104.18.38.76
104.21.57.34
104.99.59.16
107.178.240.89
107.178.254.65
107.21.52.231
107.23.71.155
119.9.108.191
122.248.253.6
124.146.153.168
13.107.42.14
13.213.147.200
13.224.181.50
13.224.181.67
13.224.181.82
13.227.74.68
13.228.126.19
13.35.147.57
13.35.147.96
131.153.206.103
141.95.33.120
142.250.204.1
142.250.204.14
142.250.204.2
142.250.204.20
142.250.204.3
142.250.66.206
142.250.67.1
142.250.67.14
142.250.67.2
142.250.76.100
142.251.221.66
142.251.221.74
151.101.1.108
151.101.129.229
151.101.130.49
152.199.39.108
162.19.138.119
172.104.64.149
172.105.176.240
172.217.167.66
172.217.167.67
172.217.167.72
172.217.24.34
172.217.24.46
172.253.118.155
172.64.144.166
172.64.146.152
172.64.151.101
18.138.18.111
18.139.210.126
18.155.202.81
18.176.234.133
18.179.74.69
18.238.192.123
18.238.192.23
18.244.214.125
18.67.100.98
18.67.107.130
18.67.111.2
18.67.111.25
18.67.111.63
18.67.111.66
18.67.111.97
18.67.114.43
18.67.89.160
18.67.92.138
18.67.93.126
18.67.93.51
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
185.184.8.90
185.84.60.23
188.240.13.2
192.104.182.209
192.96.203.13
195.5.165.20
198.8.71.130
207.65.33.76
207.65.33.78
207.65.33.82
207.65.33.83
209.191.163.152
209.191.163.209
216.17.34.108
216.200.232.249
220.150.223.50
23.106.127.164
23.106.127.170
23.106.127.52
23.202.168.221
23.204.65.234
23.215.59.10
23.215.59.229
34.110.179.148
34.111.113.62
34.111.147.92
34.117.126.186
34.120.58.62
34.124.133.154
34.126.167.117
34.160.19.107
34.96.105.8
34.96.71.22
34.98.64.218
34.98.67.3
35.186.193.173
35.186.253.211
35.208.249.213
35.213.12.39
35.213.64.108
35.214.194.156
35.244.154.8
37.157.5.133
38.91.45.7
44.229.89.216
44.240.52.117
45.137.176.88
50.116.239.135
50.31.142.223
52.0.156.250
52.1.61.41
52.201.84.54
52.203.158.103
52.21.185.227
52.223.2.229
52.223.40.198
52.4.171.27
52.46.128.147
52.63.198.172
52.7.58.147
52.74.118.249
52.74.215.70
52.74.26.171
52.76.144.130
54.212.6.185
54.224.142.7
54.239.33.158
54.248.125.194
54.254.123.235
54.255.29.160
54.82.174.208
54.92.19.245
54.92.251.225
54.95.230.145
69.173.158.64
72.34.250.75
72.34.250.78
74.118.186.107
74.214.196.131
8.43.72.98
80.77.87.162
82.145.213.8
89.207.22.76
98.98.134.241
99.86.199.68
007dbd112f2196eb29626c03f5073581e659fd241bc768de5a3fe694e9bdda88
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0355fcf8d980ee5ebc0c7b23851ab5399b48cf235cfa6094b27247e16d99104b
0428bafe5e2cc1adc696cf77955d355cd0f60837cd5c4eaa200f15e5e73f5b9d
04a7667084971cb60ab659dd3892db7c9dfd47bf56bf3d159912d2c4153ddfbf
054b26da2819c3f1d77e6559a3fea2268aac8907aaa3ea3db1ce10831cba8ead
063fb28b8ff592dc368b419fc355502c77fb9fcdff50af9418a1b482025aa5d7
066d7393fb942f95062d13f9884b864256bbdd7340f8a49f472e01a465e51a61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06dab1aec38a24a4278e4107e18b2500f118e6a7897d41135c111aa9e6680ab4
07441d4f0dc44133a5255c564c00ca2ae552dcf5d5f08208bfe9c740548befab
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a901f87053b72c46a61546634eac69df7a1b99c6a654f0576d8d6c554593b4c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b191a61fab467a5bcd49179e283d990ea6ea8362aceeaa127f40051d2128a99
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c7423a6f212d19b86954579c93ceeaac2c8e8c38145708f206d19cbbf8ad124
0d689506793986be07750932d72d64ebbdcd831a9d22a7e2ec84487532f3b3dc
0e0f3dfb7e41d5c5f8344b98d5278bfe1d083527c978230838a5530c252cbd4a
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f28210eefe5bbf7dc28db544d12cf2c8800df04e9cac92a563a2f96b91d8277
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10a122379f29f0d321825275b79e654bb5638906cd652941dfea2b9d7f14660f
11d472c1418326b359eae17020c7b20c89d38e9fa428e905cb5673a6a1e8cd62
12ad3b3f691f918a13388d3af7b87e4986459f032632c91df7884f19fd43fa46
12dd3943fd0a91908040616b08b029d2865f2d0a6843874f6fef92e6bbf2136b
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13a3d63f766a04d1b7bc24c1a3a3696225912b028db642a4473da2537c8c1fe9
1524b46e4f18b7fb6edd71f0f8532a28c5e0f2a8d5134a3ab6a022494012648b
153da7872f5f5ca8018a5c63d080c0e7585a6cc1d18b854a0409894d4840fac6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19c592819d340656421a0ca296e9564cbfbcb69228f56cef708c529fc16217ad
19e71b9750bed04d835845acb8610e99fdc726b81ee570b0f48e7bb843011fc4
1b61248f73280d8acdfacf5d5b904bcec38cfb95e7f05c0b55113a4cdae34554
1cf62aa1786697a0b6dd2cdd8381ba9d0dce4c0e3d59c7275abe088cabc96387
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1dd295aed62a84467e229c6dcdbb4fecd4dfe18a06fa0581b1fddeda2cd044ff
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20be563783d954378502e12eefbffbc1177859da7a39fdc6c36c6270de57ba22
20cb7e97cdd2bd5b3175038e3c8730a3d639c7b951f803d1cd215e662eea50f8
238208a4ba0394c585753f2493bc21a3c5e9855413361033009bba393e3c9b8a
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
259375496f67e58d9dc4c96ec60ffe53a431d4159eca6f6abf32f2bd21745994
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
296b0fc5bac2f4b01c82cf1e32949b3a9bdf9ab3ac70055b38d62ff86a008102
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2e1ffff02bf49daaaccce97d786db71c3baccef6a577565ba66023b27d9ee21e
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439
2efcf7faa01f245785a42edd419ba726a87d07ebd26e4f7309473772899a684e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302abe4269895e6318fa84b97d3f2ab3664bf26efdb824039ebc530a87ec9560
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b557bf3bd8a6a3b2c92478023a5a67f1a1a2b1da9f9c4dcff620c3e30385b6
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
339af7757e7d0b0e4dbe710ba687e72fbb6371a8911a5cae6d0ab5c7bc149590
34729eea1d3a08549f5adff84fd00dda80a970a7e901e1eea37853abdf3ed10a
35b9a959bfb6bafc0c41b87b90cd33752834b92d8e4bd17040d04fcd51ad9671
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3895ebeedf32ed25a1fb2328a2a9d936e2ab4721a487f26598d9b627bd81071c
3b8b8fd24883988625fb9c121f4bce7c0759eb375d23a451e292d665475b45f5
3ba9a07cb4d783c069ce0ae2d5ba581612abbec9104f5198d7b24d4b1db8b0b8
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7c9d22bc64bec9e1ab42f298cb72b96daf3e6f0fb3ca309437b3ca962645c4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7c43ddc9f8db390cfd1619f0f31b2446222e2f1c7b4bddd4c16826b6007049
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
4176afdb4de951e527de41e62d7f04bdb6ede641633dd24bbc412be5d089037b
4198d9ae65e215bbfba8a14b4e9ed754198d186ba88aed0ca37ea54ecb7701b7
4201c50877f79b56b72321b09af458eb6fd625f394b0303c26611093ec6e7c4a
421946ad55afbff6d34f3f8f1e31f11f6ef9c712101fa0fac71db64288857949
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46da1ac9767431baa494d3650d97fd01d65c925950f7d41da9b4f1ca8cd4f0df
46fe7b96e6e317b73b25850f93d5558903e29160e3d4daee4a7cbc2549d4f74c
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
4895102f9972ac7ddb17c1d46e591cc919dafc2e150fe3f8973802cad94f6d8b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4a8539eefbfc8f3c0d8a1a287b6edb6083378a308c717498606c751ed1401ad5
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcd690a7fe1dd55141cc031d0d3db6970a78143b7a00a998fe70338be963ba9
4d829f9168e9642c503e765fbb11219baab92278bf89f3bf2a097bdb79d4e4f2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
507362f936c032885f298fb1432630b4d40262a986629f6872d1426ed05a33a0
5216f2de1c18fc2b3fe9f9074b4a0a4f341e33475648b62a5d94696ad0ef4c99
52878b5aaf6a34d1a0a17e6163c67c72ea59b5419ec553f8f9b5ed3f06c7df58
52db5b2414b37d257bb787cbefab7cadfbc282169e377e94bf256cee3f0479e3
53812a70761bb5417aaff5e06ab44c32dde8504c6aa903d4a85c2620b850b879
539bdee30c2d40b4dbff1302cd2951cfd6ca20c3988d27af25f84b5cbe66b5fe
539f473bb2fa343b219763abd4fc6d2987918673dde4040ce7130acabfabb6de
53c9220e49ec12e3a773395daddef3dca162730b15278dedfbd175608dbb64f8
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5725b411f283e0e88cbc5b829cad2caf7b78da6771a47b0aee9a55bae0e87639
57cfdf8a8eb59a88cd9551a3aa445f58a534f9cb64d1a12c4e5097dde0031064
5904191bceefb2eeb3a93b27faf9c6be9b3e7980c3e0b8683b76c2a7faa1baa8
59cd4b7728a07d9d637220b0927acb83d20b46dfa07d85f59a6cf060519d8d4e
5acd8e88826c4f0e51b83fa3ccb5f35fa81c737c3bd01ac68131de2687bbf111
5e09d37e49935c8d7ae5b8aea9e4273f3ff02b864355e368f0f8558f220b9f31
5f53687b3497bf7b4d269bac64d2100637eb1f9639d9630447516b24390747e7
5f9c05a1676cfba3705f6e689ad0b807cdeccdb5614f134cac85aa81574d5b51
5fc4c44dd4dd3c0cb300be345201f2b6f2d48825811794f50dd0e0ac2baad170
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
603101fffc7cae341e8a1215a0c35812f7203c687e7005323ec649eceecf4de3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1
632d8dd9ec8cd77742080da2893b43a55ffc1c4ada82518adc2d7c86bedc8c67
64c07323b9f8816039655bc454c1a75563a252381a906f01d97c169659b27e63
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
65466b754c0015575ba02d9e010ef0beb512688f09f5aaa7ab4736db67cc9c1b
66e7656dc57ecf05b433ebae0948744b817616f643cc85099147f0cf89f21bba
68333be71b25015bb3506ff566dee7f3da971778a1a4451933c0b84b7b10bbc0
689c90e3d54cd33dc799dcb8f743d21832ffb124eaacbb96ee5846f88dc533ba
69c9e74ee4fc0b5580882e62532ba29af29cb23b9fbb4a57d363b9e7e49ac55d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c656742fe739c35281189b7a606fc45fd7410f98b7b1112616988a1f7f8467e
6d889b5aa8c7222a8815cb082d472a5a5826f46c0570e721b1e2aac09910330c
6d9322b8b4f8525979b85a89e99dab62e77573ea963fd8857965db849cf7151d
6e28a763d0ad37579ec0d3f68769ef32ac83525ef57a75a46103a6759561dd33
707e10ec7e658aaec9328c3fc145ca4555966e3ae1eb555bad8a2ce737c3c9cb
70e3df7233ed07e9af27640a3fac893d0157119c63a36603391150523857fe12
70fe0964e3e9607986ac8357c221236c12fc9ce359208618b1c22c5ccad56273
7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51
716204d524460d53d34e2e0e8b2feae351213cb441c1aa651903134ab19bd492
71ab471c226952284e51dac8df3ac9d02b910a5de381e7af381382e301381491
71c01ed8d44711e5595e581ced6547780ba3378b7c741ed600c9284fcd069399
7353d0c3d4f50bf7eca4c3eb24124bb20e74e1d95b76a84649164e1835f0f7fe
73c92a4f447c5ff051221b14fe5d7a66375d592d6d55096b763f0ea7e68b580d
775d0c39e71211731a20ae7ea1622bfca5a2e5b03d645d1286cfde987bcfb14f
780bc4164bc6926b544c9116ee57616a28718234fad902fe43afa27420193577
78a76789395b2c33306cdf5f6109561c6b7fc09b9414790e8fdb809b9c08242f
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7a4526cb39025408f18863bb357ed08947e1f952c5e5c17506d25cb1435f3e10
7b6d2e3fd22f701b8f400e4bf591a1dd83a5217ee7d2d9b7ed4165959a376418
7bca9726da087a0a6fdf65de46981d17f81cfad010f87113779cc829ca0f261d
7c0eacb9c54f75fa7f86298bca0c878de7269ee9fbf6c8ef7c6b57d3dfd542b7
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dfcc9cfdbe4b83c43d71ea2109e68a52ba09b8802b9075d88c06766f6e1562e
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
80a90dca41c8088d0956725d2b2feb6db4464c81d43ea068d0025413934a456e
818a7b9136912ddc3941b19619f1360f99fd44e6c7d231f969ece0095649d719
822a389486116e997177a1d5fbe5a61c8bb6007d8fa3a19398083e5a774e8425
82751019365a81df9a2ed6f9d1735b175664b0e48c7ac2b3050d4fbc2ce00f13
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d49e7e236d7955b241cefcb55edb2c64a5dc48d5c462fc8fe5ffe6b5142da3
89b64a549d518b819fbd2042ec56d22960ec33a5035a947f4dcd771a1456d1ef
8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f
8b66cfb6d235651404e9aa71435d5531af50187691bba82a1a31897c61739f34
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d883504a7aff773c3293930b3c2598b97a5071332cbd306843082fc8c8aee3c
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
8e9afacdb63121a4ff51e5343eee5067b3b5ba0b6cc828ef45374764b92b765a
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fb721a95314b392269801a586acec95660718e70a65c65fccd05bc0e815b11d
91e17fc814c840447a1775993f9cf26bdde9490d4510f3693535947ea8e9eda8
92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99
92dd54fcb92e5631748dee0ef6af5079fa30f246b01a41d3c35abe10c080ae1c
92f3ce484e494ebeaaae88dbad81595e54f245f10833242715677693c4af8351
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108
9520a7f431e43309b389650953584d8233c55efaea0531982002acd393df3c89
95d8ea2c9c955069d092eaa001a14cb4dccb86d25a1f16d8abf89346836634ae
95ee6fc8810dfcbf054b898101151cb555278f15ff86e64a846cf1209c7184d0
98a4956d6e98d6da7d533dd35557e1006a1426cc3fff76203d44b6bf1a7d9a27
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9bbc75a0a2b151cd0d0695a5e2096cb0655302daecb12241849319087b419f46
9d26c6f724bc6ac59ccfbd85ceff3ed8454be67845dde1474ff85f2c849b0fdb
9e39d321532d4472593ff6110e51c09e688078726758971662ce3b1d26c78067
9eec7ce21de4b10ed581ed0aa1341b90337de0d2082b842d4c73784768c80bff
9ff6c684c54408783115f056632f1c528fee3e8148a03f6094597f37a3cca2d3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a29e2bfa919aaa6d30bf418143db83b041bc03f6b0030448126042a3cc59d0de
a315ba79603a29db5541ae07ff57c80bf576fdfdf43b6506f46cca00968cd6e9
a460ff736cf024b7c896b059ce807a0d8d8e6388fcc7a74367f8f6ef25af536c
a47cc5b959d172b397b812de84ce4321c99c4583a1f9769e6d31d40fa0fbdafe
a78a3948ad7bb1d7f64ab2064a1f98bd756369db7fb5ae2662e3a8adc4877e77
a7c0c166506a7d3dbb3d6eebd1f7fef83ff748b80265f923d8777263acd4803a
a82a66c717541f58e503688bdb5e5d8e654bf6c2aa522b6dba566de7d812421d
a99b144c967bae8ab8dfb42e979fd76d0aacc189daa44e7c915528b7c0dc7891
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aaa2d79e5d4827223111a72b2c3d6f123fce5b7a17ee16812d0add434cac49a8
ab01cfa50aee4bc6c1a157bf5204316b8cc12256a47e8619dc6d9b660b5f81bc
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
abca570d68e4d643d2db448f8c1ea05d3f52494fe08453657316a5a1054a556d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad7b17f2334f453e6e0353225c2037eef9f8afd66fdad8262c91437e14ee6cdd
adecd0c47125731bc832bfdc4f2363be43c211abead936eb0c39e47e7105018c
aea63270c63a351ac4af2a765eb47fa8ffc6f79c27836ae83af0cd2cc180631a
afc65d9aeb877dae9824ff89b925bb8240b668930b4f318dc94ebd314192b07d
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2842463148746cb02e2ab1b421e6eb3848536c3bd345a223e3a9f7fadca1db7
b2d9deaece78cb2ba2f912e3c098bed480c59ba7e9855060b6a7fdc934cb0320
b334cd50bd8b17c39eafe048e4005893aabeac05b3775ab6a856b67ebfd9b4b2
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b53f9d82baff6b435bf332c2436778a3164b85c1c9a41efe9c533dcf2a25ec75
b588ea72dd5c4473914a375fe8b8fedadd07c9bda7adf15988b2f7778b155925
b6d9a34c91bcb65fc4c08271a299444722cec66420409ad095a61aeb57085674
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b8741418c84bcd0f2e5b02e90e81cf5457ef331cbcf3a4eae5b2b5ec54d88733
b95b2add8ced883d3eefbfc4e70b58fbed8de0bc9e5b3772c3c262212cb67564
bac8ee57b7086f2eac3c07d0852d819ba937a57c16304f9065dfdafbf141d795
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bdc263034d8a5eca7119c5e0c504cffe86a5e43a3a6cebd568022bfad6e133a5
be243adef96f6c4e57c8761546a6ffe1cec8a2b7eb279ceea14e4dc9b20e4905
be40e3da703faed33bd3e9c8977a3d814f53c17df10838fd4b257c7e9f6d074f
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c15de2b5340a556c099e0154a767d50bd42c3713fe89bd5c2369def7d93767bf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c321d73fc9c85f137ab8ff3c6de6f40253e9b6cba52c2b50a70912ca315168fe
c691e1709d704eba06caf96f64486db5fa0908b04d38815d7cc50e350e4d0154
c6a1bec9809b12d5a667f4b3e5e21ad8d11b7f94113196cfd1b3107ce1e1d640
c6d480141181a6783a60e44be281bbe67612a4db4e64564bf95ca154c559af71
c99eeb0ffc836cfbaf142f6a4cc3efcb826d3c112d52bbaa079cc982b773bc1a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc0eeeb06bf15479f20e8f3d2131df6c8545d06d5b97ac211090cb6c40d98158
ce407f7b6547f294980588909a8d544edd7904f293bdda3c8d5ce86383842cf9
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfafda767cb2da7d5331e3525cfe3b02b78671536afd9eb7effa2b108232a954
d13fa5c201c6be934debd26a6b6b539ce8ef8c7eeb9930f1c538cb956907d541
d1d2e46b99e3b4c1436e37d07687545c02c35abf3cb73408752b9172da709df9
d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017
d42092f9d6707cf4d96d134bd38e5c8903f90783a625c419c7a78dda1f6bcd6e
d459671dad1bdec30c17c8f532bcf4482b7d1f3813aeedbe635230d5f3003cf5
d4d1971a0126f302295df4788b3c43020cbcd3f27e38fb37dbe9cfd3241b04ae
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d57839eea92c7dfb83adca8a7498d6c01be43afeefcffc89ce6f0c17e8439e5a
d793f7b358e51a0efdf4f1ec14c40fa77e952ffd31108e8ea70fdb143bda673d
d89e0d10987f50644c012ac99774361319d3fd168f2d42fd06a9693fe2a2d6fc
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
dac08fd3eb7d2adf333d36ea5e35d4f4dc25c7dd705cbf99682707b2d95f9031
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd7babc65bec979df4829ba70ac57755fdaea3134f93524cb5de016b5f591f37
ddedfcd34ffa6bc3ce06bf5ee76ac251f77cf36da59ef61842d52c595cd03033
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e04ea830baaeb56a3e9bc4620d3a80f17308cb505c0affb856ce26ddd9e08dab
e16e7e02ddcb64645a20673667dbaa4db3d8969828673aa94fd27080c7272c81
e1fe0a3e5557f09902b036d83d09e45c5a8fba7a7c5556561a67b4ac329de9d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e4887f66fbb37871cf75115b09309a4684bbfc3a150220d493a22b071a15992f
e495cf67a02f9ad05bf3383f48c0a421c799d957dc6f645ea7d5f19698eecb34
e6bc4d791420dcc8261c13f735ced73d2cb3f7a888edb1cdedd52496c3e83a4f
e6f3fde3109dcc27badac7692fa65424702b953e0b14b66322227fe888f3642d
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e80799ebf2ac1a977b8926bb1b45767c640045522b15676c5a66b34faaa1ac31
e8b138927bc6dfe8f0c9fcc7b125177e4c442662226023ec28e01671ed333586
eb8bcc9fb29ef5e98bc24b59fb082a9cac95238417344ec640516af8a766b585
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec47167093f1afaab6f0d45d6b6143c8d9bb67e4505cebf20d1502c45d4ebbd6
ec8db98b4b25ecc3804750f0861b38eba9800d9ae893205ea67a3b44db2f2008
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8a21d27892ede8a112053582948a52543396d8f99c30c06483a3bf86dec45d
f631edaf540eea64f3b5382b263e6475001339064c3880ecc0a7d95d09103c90
f65f95d81e79f5aac1a8ba556a504baa07ca44df2fc5fd74b5d425f23fc4ef4e
f77a61fde66a46bbe5aa005b8fe48f1796301acea2b33e08c3e5aa184a52e556
f79866b2509ceca8b2010ffc589856f39dde3f7b2bebf8ff9fd331df2d44e67a
fa03c760e72d6370db11e021f0fca23644566ba0a3b19021bb248296c6bbc9db
fb6d5fb8691f75ab78b4a30ccfd0a625b3d7c00b2488ae86ab92ac9057119eda
fca8ff59193e9721c9f4723c28a5adfb21c8656e22e8729010d9b8a318b31e5b
fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52
ff09f7233362c3d90192e97403f64e10156c3bb64a18d76790d38c8a713efce4
ff3c803cfd295d79144ff2e5d3baeacb6b4e84ac721be1d71128a5339f14317f