urlscan.io logo urlscan.io
SecurityTrails logo

www.register-herald.com Open in urlscan Pro
192.104.182.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.register-herald.com/
Submission: On November 25 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 7 countries across 85 domains to perform 449 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is www.register-herald.com.
TLS certificate: Issued by WR1 on October 14th 2024. Valid for: 3 months.
This is the only time www.register-herald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 192.104.182.209 10668 (LEE-ASN)
51 104.16.133.24 13335 (CLOUDFLAR...)
2 142.251.167.95 15169 (GOOGLE)
1 3.168.102.42 16509 (AMAZON-02)
1 13.224.214.117 16509 (AMAZON-02)
1 35.245.15.98 396982 (GOOGLE-CL...)
7 104.18.21.206 13335 (CLOUDFLAR...)
4 216.17.34.108 10242 (USINTERNET)
2 23.205.8.126 16625 (AKAMAI-AS)
1 1 3.171.139.111 16509 (AMAZON-02)
1 35.85.88.45 16509 (AMAZON-02)
1 142.251.167.153 15169 (GOOGLE)
3 54.82.174.208 14618 (AMAZON-AES)
10 172.253.122.97 15169 (GOOGLE)
4 104.18.24.111 13335 (CLOUDFLAR...)
3 142.251.167.94 15169 (GOOGLE)
15 34.160.152.31 396982 (GOOGLE-CL...)
1 9 3.208.138.144 14618 (AMAZON-AES)
2 18.164.116.119 16509 (AMAZON-02)
1 18.238.55.81 16509 (AMAZON-02)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 107.178.254.65 396982 (GOOGLE-CL...)
4 192.184.68.254 14618 (AMAZON-AES)
9 142.251.167.139 15169 (GOOGLE)
1 108.138.127.68 16509 (AMAZON-02)
5 13.249.86.140 16509 (AMAZON-02)
2 172.253.122.100 15169 (GOOGLE)
3 142.251.16.157 15169 (GOOGLE)
1 142.250.31.156 15169 (GOOGLE)
1 172.253.122.94 15169 (GOOGLE)
1 13.226.34.100 16509 (AMAZON-02)
1 35.163.144.222 16509 (AMAZON-02)
2 108.138.128.51 16509 (AMAZON-02)
19 172.253.62.132 15169 (GOOGLE)
1 130.211.10.17 396982 (GOOGLE-CL...)
4 172.64.144.166 13335 (CLOUDFLAR...)
14 36 13.224.214.46 16509 (AMAZON-02)
1 18.238.43.160 16509 (AMAZON-02)
2 23.62.164.208 16625 (AKAMAI-AS)
2 6 35.244.159.8 396982 (GOOGLE-CL...)
1 1 13.224.214.13 16509 (AMAZON-02)
1 3.168.102.41 16509 (AMAZON-02)
1 98.85.131.250 14618 (AMAZON-AES)
1 172.253.122.156 15169 (GOOGLE)
3 3 35.211.202.130 15169 (GOOGLE)
1 1 142.250.31.155 15169 (GOOGLE)
3 17 3.168.102.109 16509 (AMAZON-02)
2 5 52.223.40.198 16509 (AMAZON-02)
2 2 104.18.26.193 13335 (CLOUDFLAR...)
2 2 52.223.22.214 16509 (AMAZON-02)
1 1 69.173.146.5 26667 (RUBICONPR...)
2 2 69.147.65.251 14196 (YAHOO-CHA)
2 2 34.200.16.169 14618 (AMAZON-AES)
1 1 23.62.168.32 16625 (AKAMAI-AS)
2 3 34.195.206.118 14618 (AMAZON-AES)
1 1 63.251.28.210 26558 (FREEWHEEL)
1 1 80.77.87.163 46636 (NATCOWEB)
1 1 23.105.14.100 30633 (LEASEWEB-...)
1 37.157.6.237 198622 (ADFORM Ad...)
1 1 3.81.174.250 14618 (AMAZON-AES)
4 4 69.194.240.13 26120 (RHYTHMONE)
1 1 69.194.242.12 26120 (RHYTHMONE)
1 1 134.122.16.152 14061 (DIGITALOC...)
5 104.18.27.216 13335 (CLOUDFLAR...)
5 142.251.163.155 15169 (GOOGLE)
8 18.238.4.109 16509 (AMAZON-02)
4 142.251.167.132 15169 (GOOGLE)
6 162.19.138.118 16276 (OVH OVH SAS)
1 52.45.244.46 14618 (AMAZON-AES)
3 141.95.98.64 16276 (OVH OVH SAS)
21 172.253.62.154 15169 (GOOGLE)
1 25 18.164.114.179 16509 (AMAZON-02)
4 34.111.152.239 396982 (GOOGLE-CL...)
1 18.238.4.65 16509 (AMAZON-02)
1 34.120.58.62 396982 (GOOGLE-CL...)
2 54.173.235.4 14618 (AMAZON-AES)
1 172.253.62.157 15169 (GOOGLE)
2 54.69.128.49 16509 (AMAZON-02)
4 44.237.153.54 16509 (AMAZON-02)
2 4 35.244.193.51 396982 (GOOGLE-CL...)
8 172.67.23.234 13335 (CLOUDFLAR...)
1 35.186.247.156 15169 (GOOGLE)
2 34.200.45.67 14618 (AMAZON-AES)
1 34.36.214.49 396982 (GOOGLE-CL...)
6 34.107.140.113 396982 (GOOGLE-CL...)
4 104.18.27.193 13335 (CLOUDFLAR...)
1 23.205.106.187 20940 (AKAMAI-AS...)
5 74.119.117.47 19750 (AS-CRITEO)
6 52.5.4.151 14618 (AMAZON-AES)
2 74.119.117.4 19750 (AS-CRITEO)
2 34.160.128.112 396982 (GOOGLE-CL...)
1 147.182.139.208 14061 (DIGITALOC...)
1 1 23.221.136.32 16625 (AKAMAI-AS)
1 23.218.218.140 20940 (AKAMAI-AS...)
1 18.238.49.30 16509 (AMAZON-02)
1 125.253.89.179 19437 (SS-ASH)
1 34.21.57.33 396982 (GOOGLE-CL...)
1 1 74.214.194.131 19189 (PULSEPOINT)
2 34.236.9.251 ()
449 80
10    192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.us-midwest-1.vip.tn-cloud.net
www.register-herald.com
51    104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
2    142.251.167.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net
fonts.googleapis.com
1    3.168.102.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-102-42.jfk52.r.cloudfront.net
cmp.osano.com
1    13.224.214.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-117.phl50.r.cloudfront.net
cdn-gateflipp.flippback.com
1    35.245.15.98 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.15.245.35.bc.googleusercontent.com
tag.simpli.fi
7    104.18.21.206 (None, )

ASN13335 (CLOUDFLARENET, US)
a.pub.network
4    216.17.34.108 (United States)

ASN10242 (USINTERNET, US)
register-herald-cnhi-pw.newsmemory.com
2    23.205.8.126 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-8-126.deploy.static.akamaitechnologies.com
interactives.ap.org
1    3.171.139.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-139-111.jfk52.r.cloudfront.net
d1gzrgn7m19oq9.cloudfront.net
1    35.85.88.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-88-45.us-west-2.compute.amazonaws.com
casmp.adperfect.com
1    142.251.167.153 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f153.1e100.net
japfg-trending-content.appspot.com
3    54.82.174.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-174-208.compute-1.amazonaws.com
static.cnhionline.com
10    172.253.122.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f97.1e100.net
www.googletagmanager.com
4    104.18.24.111 (None, )

ASN13335 (CLOUDFLARENET, US)
bandborder.com
3    142.251.167.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net
fonts.gstatic.com
15    34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
9    3.208.138.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-138-144.compute-1.amazonaws.com
photos.register-herald.com
2    18.164.116.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-119.jfk50.r.cloudfront.net
consent.api.osano.com
1    18.238.55.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-81.jfk52.r.cloudfront.net
p.flipp.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
4    192.184.68.254 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
9    142.251.167.139 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f139.1e100.net
www.google-analytics.com
1    108.138.127.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-127-68.jfk50.r.cloudfront.net
static.chartbeat.com
5    13.249.86.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-86-140.jfk52.r.cloudfront.net
cdn.segment.com
2    172.253.122.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f100.1e100.net
analytics.google.com
3    142.251.16.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
stats.g.doubleclick.net
1    142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net
td.doubleclick.net
1    172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net
www.google.ca
1    13.226.34.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-100.ewr53.r.cloudfront.net
rules.quantcount.com
1    35.163.144.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-144-222.us-west-2.compute.amazonaws.com
api.segment.io
2    108.138.128.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-51.jfk50.r.cloudfront.net
cdn-resources.prfct.cc
19    172.253.62.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f132.1e100.net
lh3.googleusercontent.com
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com
1    130.211.10.17 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.10.211.130.bc.googleusercontent.com
www.justapinch.com
4    172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
36    13.224.214.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-46.phl50.r.cloudfront.net
live.primis.tech
rtb.primis.tech
1    18.238.43.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-43-160.jfk52.r.cloudfront.net
c.amazon-adsystem.com
2    23.62.164.208 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-164-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
justapinch-com-d.openx.net
us-u.openx.net
1    13.224.214.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-13.phl50.r.cloudfront.net
live.primis.tech
1    3.168.102.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-102-41.jfk52.r.cloudfront.net
sync.intentiq.com
1    98.85.131.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-85-131-250.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
pubads.g.doubleclick.net
3    35.211.202.130 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com
x.bidswitch.net
1    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
cm.g.doubleclick.net
17    3.168.102.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-102-109.jfk52.r.cloudfront.net
sync.intentiq.com
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    69.147.65.251 (United States)

ASN14196 (YAHOO-CHA, US)
PTR: e1-bmr.ycpi.cha.yahoo.com
ups.analytics.yahoo.com
2    34.200.16.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-16-169.compute-1.amazonaws.com
mb9eo.publishers.tremorhub.com
1    23.62.168.32 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-168-32.deploy.static.akamaitechnologies.com
cs.media.net
3    34.195.206.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-206-118.compute-1.amazonaws.com
ap.lijit.com
1    63.251.28.210 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    23.105.14.100 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.100.rdns.racklot.com
ssbsync-global.smartadserver.com
1    37.157.6.237 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
cm.adform.net
1    3.81.174.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-174-250.compute-1.amazonaws.com
match.sharethrough.com
4    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    69.194.242.12 (United States)

ASN26120 (RHYTHMONE, US)
ad.turn.com
1    134.122.16.152 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.kueezrtb.com
5    104.18.27.216 (None, )

ASN13335 (CLOUDFLARENET, US)
sync.ingage.tech
ex.ingage.tech
5    142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
pagead2.googlesyndication.com
8    18.238.4.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-109.phl51.r.cloudfront.net
video.primis.tech
4    142.251.167.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f132.1e100.net
tpc.googlesyndication.com
6    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    52.45.244.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-244-46.compute-1.amazonaws.com
id.crwdcntrl.net
3    141.95.98.64 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
21    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
securepubads.g.doubleclick.net
25    18.164.114.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-114-179.jfk50.r.cloudfront.net
cdn.smugmug.com
www.smugmug.com
photos.smugmug.com
4    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
1    18.238.4.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-65.phl51.r.cloudfront.net
static.adsafeprotected.com
1    34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com
www.americanhometownmedia.com
2    54.173.235.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-235-4.compute-1.amazonaws.com
ping.chartbeat.net
1    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
securepubads.g.doubleclick.net
2    54.69.128.49 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-128-49.us-west-2.compute.amazonaws.com
pb-ing.ccgateway.net
4    44.237.153.54 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-153-54.us-west-2.compute.amazonaws.com
pb-rtd.ccgateway.net
pb-ing.ccgateway.net
4    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
8    172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
2    34.200.45.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-45-67.compute-1.amazonaws.com
stats-new.smugmug.com
1    34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com
pa.openx.net
6    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
4    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    23.205.106.187 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-205-106-187.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
5    74.119.117.47 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
6    52.5.4.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-4-151.compute-1.amazonaws.com
g2.gumgum.com
2    74.119.117.4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    34.160.128.112 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.128.160.34.bc.googleusercontent.com
api.floors.dev
1    147.182.139.208 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
1    23.221.136.32 (Rehovot, Israel)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-136-32.deploy.static.akamaitechnologies.com
hbx.media.net
1    23.218.218.140 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-218-218-140.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    18.238.49.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-30.jfk52.r.cloudfront.net
cdn.undertone.com
1    125.253.89.179 (United States)

ASN19437 (SS-ASH, US)
prebid.a-mo.net
1    34.21.57.33 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.57.21.34.bc.googleusercontent.com
ssp.api.tappx.com
1    74.214.194.131 (Amsterdam, Netherlands)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    34.236.9.251 (None, )

ASN- ()
tattle.api.osano.com
Apex Domain
Subdomains		 Transfer
51 townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 26052
685 KB
45 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1757
video.primis.tech — Cisco Umbrella Rank: 6811
rtb.primis.tech — Cisco Umbrella Rank: 5526
3 MB
28 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
pubads.g.doubleclick.net — Cisco Umbrella Rank: 438
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
473 KB
27 smugmug.com
cdn.smugmug.com — Cisco Umbrella Rank: 69903
www.smugmug.com — Cisco Umbrella Rank: 132669
stats-new.smugmug.com — Cisco Umbrella Rank: 76761
photos.smugmug.com — Cisco Umbrella Rank: 52696
1 MB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com
147 KB
22 pub.network
a.pub.network — Cisco Umbrella Rank: 4296
d.pub.network — Cisco Umbrella Rank: 4761
c.pub.network — Cisco Umbrella Rank: 4319
336 KB
19 register-herald.com
www.register-herald.com
photos.register-herald.com
176 KB
18 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1052
15 KB
10 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
914 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
8 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1519
960 B
7 openx.net
u.openx.net — Cisco Umbrella Rank: 761
pa.openx.net — Cisco Umbrella Rank: 3484
justapinch-com-d.openx.net — Cisco Umbrella Rank: 73315
us-u.openx.net — Cisco Umbrella Rank: 525
1 KB
6 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591 Failed
10 KB
6 t13.io
s2s.t13.io — Cisco Umbrella Rank: 2939
3 KB
6 ccgateway.net
pb-ing.ccgateway.net — Cisco Umbrella Rank: 4655
pb-rtd.ccgateway.net — Cisco Umbrella Rank: 6405
1 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 533
5 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 521
htlb.casalemedia.com — Cisco Umbrella Rank: 496
19 KB
6 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
52 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 949 Failed
2 KB
5 ingage.tech
sync.ingage.tech — Cisco Umbrella Rank: 4498
ex.ingage.tech — Cisco Umbrella Rank: 3925 Failed
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
3 KB
5 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1935
43 KB
5 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5209
consent.api.osano.com — Cisco Umbrella Rank: 9761
tattle.api.osano.com
98 KB
4 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1453
843 B
4 optimise.net
optimise.net — Cisco Umbrella Rank: 5183
3 KB
4 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1734
277 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1536
pixel.quantserve.com — Cisco Umbrella Rank: 1059
10 KB
4 bandborder.com
bandborder.com — Cisco Umbrella Rank: 181677
30 KB
4 newsmemory.com
register-herald-cnhi-pw.newsmemory.com
205 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946
884 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 513
2 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 780
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 393
1 KB
3 gstatic.com
fonts.gstatic.com
87 KB
3 cnhionline.com
static.cnhionline.com — Cisco Umbrella Rank: 183779
62 KB
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 4765
827 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 793
31 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1656
403 B
2 media.net
cs.media.net — Cisco Umbrella Rank: 1071
hbx.media.net — Cisco Umbrella Rank: 1165
2 KB
2 tremorhub.com
mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 6558
720 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
615 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
1019 B
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 570
2 prfct.cc
cdn-resources.prfct.cc — Cisco Umbrella Rank: 112025
3 KB
2 google.com
analytics.google.com — Cisco Umbrella Rank: 142
www.google.com Failed
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
api.rlcdn.com Failed
839 B
2 ap.org
interactives.ap.org — Cisco Umbrella Rank: 27373
895 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 665
1 KB
1 tappx.com
ssp.api.tappx.com — Cisco Umbrella Rank: 5296
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 788
1 undertone.com
cdn.undertone.com — Cisco Umbrella Rank: 3272
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1960
296 B
1 cootlogix.com
prebid.cootlogix.com Failed
sync.cootlogix.com — Cisco Umbrella Rank: 2064
1 sentry.io
sentry.io — Cisco Umbrella Rank: 137
326 B
1 americanhometownmedia.com
www.americanhometownmedia.com — Cisco Umbrella Rank: 128672
103 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 639
480 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2708
834 B
1 kueezrtb.com
sync.kueezrtb.com — Cisco Umbrella Rank: 2103
570 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246
505 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 959
435 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 530
btlr.sharethrough.com Failed
348 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1505
474 B
1 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1817
376 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1018
586 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 619
551 B
1 adnxs.com
ib.adnxs.com Failed
acdn.adnxs.com — Cisco Umbrella Rank: 643
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
1 KB
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 1720
1 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 347
85 KB
1 justapinch.com
www.justapinch.com — Cisco Umbrella Rank: 70519
22 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1510
181 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1552
633 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 11557
63 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1941
15 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 805
571 B
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 13081
1 appspot.com
japfg-trending-content.appspot.com — Cisco Umbrella Rank: 44760
2 KB
1 adperfect.com
casmp.adperfect.com — Cisco Umbrella Rank: 163732
4 KB
1 cloudfront.net
d1gzrgn7m19oq9.cloudfront.net
550 B
1 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 5206
2 KB
1 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 12664
30 KB
0 indexww.com Failed
js-sec.indexww.com Failed
0 concert.io Failed
bids.concert.io Failed
0 loopme.me Failed
csync.loopme.me Failed
449 85
Domain Requested by
51 bloximages.chicago2.vip.townnews.com www.register-herald.com
36 live.primis.tech 15 redirects cmp.osano.com
live.primis.tech
www.register-herald.com
22 securepubads.g.doubleclick.net cmp.osano.com
securepubads.g.doubleclick.net
www.register-herald.com
pagead2.googlesyndication.com
21 cdn.smugmug.com www.register-herald.com
photos.register-herald.com
cdn.smugmug.com
18 sync.intentiq.com 3 redirects cmp.osano.com
www.register-herald.com
14 c.pub.network a.pub.network
13 3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com cmp.osano.com
10 www.googletagmanager.com www.register-herald.com
cmp.osano.com
10 www.register-herald.com www.register-herald.com
9 www.google-analytics.com cmp.osano.com
www.googletagmanager.com
www.google-analytics.com
www.register-herald.com
9 photos.register-herald.com 1 redirects cmp.osano.com
cdn.smugmug.com
8 id.hadron.ad.gt a.pub.network
8 video.primis.tech www.register-herald.com
live.primis.tech
7 a.pub.network www.register-herald.com
cmp.osano.com
6 g2.gumgum.com a.pub.network
6 s2s.t13.io a.pub.network
www.register-herald.com
6 id5-sync.com live.primis.tech
a.pub.network
6 lh3.googleusercontent.com www.register-herald.com
5 bidder.criteo.com a.pub.network
static.criteo.net
5 pb-ing.ccgateway.net a.pub.network
5 pagead2.googlesyndication.com live.primis.tech
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 match.adsrvr.org 2 redirects live.primis.tech
a.pub.network
5 cdn.segment.com cmp.osano.com
cdn.segment.com
4 htlb.casalemedia.com a.pub.network
4 ex.ingage.tech a.pub.network
4 lexicon.33across.com 2 redirects www.register-herald.com
4 optimise.net a.pub.network
4 tpc.googlesyndication.com live.primis.tech
tpc.googlesyndication.com
securepubads.g.doubleclick.net
4 u.openx.net 2 redirects cmp.osano.com
4 cdn.confiant-integrations.net cmp.osano.com
4 bandborder.com cmp.osano.com
bandborder.com
4 register-herald-cnhi-pw.newsmemory.com www.register-herald.com
cmp.osano.com
register-herald-cnhi-pw.newsmemory.com
3 photos.smugmug.com photos.register-herald.com
3 lb.eu-1-id5-sync.com live.primis.tech
a.pub.network
3 sync.1rx.io 3 redirects
3 ap.lijit.com 2 redirects www.americanhometownmedia.com
3 x.bidswitch.net 3 redirects
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
3 static.cnhionline.com www.register-herald.com
2 tattle.api.osano.com cmp.osano.com
2 api.floors.dev a.pub.network
2 static.criteo.net cmp.osano.com
static.criteo.net
2 stats-new.smugmug.com cdn.smugmug.com
2 ping.chartbeat.net www.register-herald.com
2 mb9eo.publishers.tremorhub.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 eb2.3lift.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 ads.pubmatic.com cmp.osano.com
2 pixel.quantserve.com www.register-herald.com
2 cdn-resources.prfct.cc cmp.osano.com
2 analytics.google.com www.googletagmanager.com
2 secure.quantserve.com cmp.osano.com
2 idsync.rlcdn.com 2 redirects
2 consent.api.osano.com cmp.osano.com
2 interactives.ap.org www.register-herald.com
2 fonts.googleapis.com www.register-herald.com
cmp.osano.com
1 bh.contextweb.com 1 redirects
1 us-u.openx.net cmp.osano.com
1 ssp.api.tappx.com cmp.osano.com
1 prebid.a-mo.net cmp.osano.com
1 cdn.undertone.com cmp.osano.com
1 justapinch-com-d.openx.net www.americanhometownmedia.com
1 acdn.adnxs.com cmp.osano.com
1 hbx.media.net 1 redirects
1 sync.cootlogix.com cmp.osano.com
1 qsearch-a.akamaihd.net www.register-herald.com
1 pa.openx.net cmp.osano.com
1 www.smugmug.com 1 redirects
1 sentry.io cdn.smugmug.com
1 pb-rtd.ccgateway.net a.pub.network
1 www.americanhometownmedia.com cmp.osano.com
1 static.adsafeprotected.com www.register-herald.com
1 id.crwdcntrl.net live.primis.tech
1 rtb.primis.tech live.primis.tech
1 sync.ingage.tech www.register-herald.com
1 sync.kueezrtb.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 match.sharethrough.com 1 redirects
1 cm.adform.net www.register-herald.com
1 ssbsync-global.smartadserver.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 cs.media.net 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 pubads.g.doubleclick.net live.primis.tech
1 cs-server-s2s.yellowblue.io cmp.osano.com
1 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
1 www.justapinch.com www.register-herald.com
1 api.segment.io cdn.segment.com
1 rules.quantcount.com cmp.osano.com
1 www.google.ca www.register-herald.com
1 td.doubleclick.net cmp.osano.com
1 static.chartbeat.com cmp.osano.com
1 pippio.com www.register-herald.com
1 p.flipp.com cdn-gateflipp.flippback.com
1 d.pub.network www.register-herald.com
1 japfg-trending-content.appspot.com www.register-herald.com
1 casmp.adperfect.com www.register-herald.com
1 d1gzrgn7m19oq9.cloudfront.net 1 redirects
1 tag.simpli.fi www.register-herald.com
1 cdn-gateflipp.flippback.com www.register-herald.com
1 cmp.osano.com www.register-herald.com
0 www.google.com Failed securepubads.g.doubleclick.net
0 js-sec.indexww.com Failed cmp.osano.com
0 bids.concert.io Failed a.pub.network
0 btlr.sharethrough.com Failed a.pub.network
0 prebid.cootlogix.com Failed a.pub.network
0 api.rlcdn.com Failed live.primis.tech
0 ib.adnxs.com Failed www.register-herald.com
0 csync.loopme.me Failed www.register-herald.com
449 114
Subject Issuer Validity Valid
register-herald.com
WR1		 2024-10-14 -
2025-01-12		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1		 2024-03-12 -
2025-04-12		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.osano.com
Amazon RSA 2048 M02		 2024-09-17 -
2025-10-16		 a year crt.sh
flippback.com
Amazon RSA 2048 M02		 2024-08-18 -
2025-09-16		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-13 -
2025-12-14		 a year crt.sh
pub.network
WE1		 2024-11-15 -
2025-02-13		 3 months crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-05 -
2025-04-05		 a year crt.sh
ap.org
GeoTrust RSA CA 2018		 2024-08-05 -
2025-08-07		 a year crt.sh
*.appspot.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
static.cnhionline.com
ZeroSSL RSA Domain Secure Site CA		 2024-11-06 -
2025-02-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
bandborder.com
WE1		 2024-11-15 -
2025-02-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
d.pub.network
WR3		 2024-11-08 -
2025-02-06		 3 months crt.sh
ssl.smugmug.com
R11		 2024-10-23 -
2025-01-21		 3 months crt.sh
*.api.osano.com
Amazon RSA 2048 M02		 2024-08-27 -
2025-09-25		 a year crt.sh
flipp.com
Amazon RSA 2048 M02		 2024-06-30 -
2025-07-28		 a year crt.sh
quantserve.com
R11		 2024-10-22 -
2025-01-20		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2024-05-15 -
2025-06-06		 a year crt.sh
*.segment.com
Amazon RSA 2048 M02		 2024-10-15 -
2025-11-14		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.ca
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.segment.io
Amazon RSA 2048 M03		 2024-11-13 -
2025-12-13		 a year crt.sh
*.adperfect.com
Amazon RSA 2048 M02		 2024-02-14 -
2025-03-14		 a year crt.sh
*.googleusercontent.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
justapinch.com
Go Daddy Secure Certificate Authority - G2		 2024-04-29 -
2025-05-31		 a year crt.sh
confiant-integrations.net
WE1		 2024-11-07 -
2025-02-05		 3 months crt.sh
*.primis.tech
Amazon RSA 2048 M03		 2024-08-24 -
2025-09-22		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M03		 2024-03-26 -
2025-04-24		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M03		 2024-03-18 -
2025-04-16		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-27 -
2025-06-18		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2024-08-01 -
2025-08-11		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
id5-sync.com
E6		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
eu-1-id5-sync.com
R11		 2024-11-11 -
2025-02-09		 3 months crt.sh
smugmug.com
Amazon RSA 2048 M02		 2024-09-26 -
2025-10-25		 a year crt.sh
optimise.net
WR3		 2024-11-06 -
2025-02-05		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2024-05-13 -
2025-06-14		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
c.pub.network
WR3		 2024-11-04 -
2025-02-02		 3 months crt.sh
ccgateway.net
Amazon RSA 2048 M03		 2024-10-16 -
2025-11-14		 a year crt.sh
id.hadron.ad.gt
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-03 -
2025-07-22		 a year crt.sh
stats.smugmug.com
Amazon RSA 2048 M03		 2024-02-23 -
2025-03-22		 a year crt.sh
pa.openx.net
WR3		 2024-11-13 -
2025-02-11		 3 months crt.sh
s2s.t13.io
WR3		 2024-11-04 -
2025-02-02		 3 months crt.sh
casalemedia.com
E6		 2024-10-13 -
2025-01-11		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-18 -
2025-04-19		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2024-10-17 -
2025-11-15		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-21		 3 months crt.sh
api.floors.dev
WR3		 2024-10-22 -
2025-01-20		 3 months crt.sh
*.cootlogix.com
Starfield Secure Certificate Authority - G2		 2024-10-13 -
2025-10-13		 a year crt.sh
cdn.adnxs.com
R11		 2024-10-31 -
2025-01-29		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.lijit.com
Amazon RSA 2048 M03		 2024-02-11 -
2025-03-12		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M03		 2024-08-10 -
2025-09-08		 a year crt.sh
*.a-mo.net
R10		 2024-09-29 -
2024-12-28		 3 months crt.sh
ssp.api.tappx.com
R10		 2024-10-13 -
2025-01-11		 3 months crt.sh

This page contains 36 frames:

Primary Page: https://www.register-herald.com/
Frame ID: 6848B9B12B4E1D7DFACDC8EEC84290B4
Requests: 299 HTTP requests in this frame

Frame: https://interactives.ap.org/election-results/customers/layouts/organization-layouts/published/45783/20072.html
Frame ID: A580760AC6EF4B635E685EF06131EF68
Requests: 1 HTTP requests in this frame

Frame: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Frame ID: 26EEE38FB7AAF7D0BB6ADF22A093C59F
Requests: 33 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-4T2EB147B8&gacid=1091792531.1732543063&gtm=45je4bk0v887101457z8861227858za200zb861227858&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=273716627
Frame ID: 3CC3E088C20E575593745055B9305309
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732543069499&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732543069&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 933C5BF74242A52CC79E8B02027736EC
Requests: 46 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 9719189FB1879A59BE59E5888F292CFF
Requests: 1 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=20455208-c6f7-426f-9261-95ebb7218b36
Frame ID: F27DC89F54A7F300D5121D418A72D61C
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={{gdpr}}&gdpr_consent={{gdpr_consent}}&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D150%26advUuid%3D%7BpartnerId%7D
Frame ID: B295339AB28C45A6A10C5031BB685F0F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/LVEN46HQ.html
Frame ID: E9339187E696EE2256A10102CB911013
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 244192C08AD7177A01469F67FD0FDD2F
Requests: 1 HTTP requests in this frame

Frame: https://photos.register-herald.com/include/js/cookiemonster.mg?returnTo=https://www.smugmug.com
Frame ID: 7A96A56C66E43953A23772E239B455F6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 8A62C5FFD8753952633AD79CA5A35D0D
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 52E23892FAB190A7099C18949B3B8CCA
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D3450C422E5FA5A860FC3FA980E86FA4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 67BFA723E7D389562B2919FDF1D8606D
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 90858B480C13FC5BC76903875598C4BB
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 99CE549E09FB1E15BC9949887A0BBEE0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AE5369C114EDE6032702E9957CD462C9
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 57A356814DF32A3DE85584CC98C00939
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FC6FC1268B1C2283F75D2A9D359C8C5A
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E96495F4E683500DCFD70262A3DE4819
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6899BD6B331137FEB3B796A7EB98ADF5
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 543736F5D11BC95A0B11CA5D624685B2
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CA66C35A73B7B72810DA9C81E9102BA0
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E7A1E4DEC4CDA0F48572F2093DA29E91
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0688D2D2D808CD0C825F52F899C4A96F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: BF80873755F8B00278C44BFB0BB0687D
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4B4188911005208C8BC5A1AA9A852483
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 118CC63CE4BE7077461C175F01A2E2F0
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4BCA8D92B3B2C9730AE6D8E03F4928BA
Requests: 1 HTTP requests in this frame

Frame: https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3AEBDBB3FB95E7CC55FD47C7EA8387F5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjU17RAEi6tKSLFICP0pKivSZXutdCNjSADhrPhoRgeefJHWfrVEZUkDthZJXN2BZqMUYnqjDLzYVnaymOG11cukP_r-llOV01cxylGhN7AbAwZN5PFvMgoCIAfQtF4C0dnJFOSNQtRdfbG0meb7OuuI4I06IDutXf1awwXYOwg-jfZvTdmO-B4EM1I2QJOHuMBD7LfbV3MM8pwMsZhzFCjgRh_13oYdnqTI7mxZDi0l-f-6zyQNbbqbsRvrA5VQ8KngCq6JtMxpeiPwOXwmf1WRke6FNxY7dSFy2MydGRWkkbsEk0qCYAaCD4_YirwIQspkQtfFMVPMpKQEKgoIKXIdDGmt4PZLg86HEngapMiZRsDogo4hiBQmgVPzkWbMK0vgIpMZeHBeXwmfMNzE3qgvPPreHV5MuGf4xtE1ESy3Se2dJOUsxKErFQP5XeuRx1Kqs4rGL-_y-yeg8&sai=AMfl-YRlXIjve2C23VADpfkTjBGlXI3zB-63sn9yFu8IqoJB81eK0Lx9hVWAXIFbaktosfyFrz63zPOlrWy-sWfWwiB15SMZsUJyBZn7hIViJ-wukUIN2NOQHCFh_EM&sig=Cg0ArKJSzNMaIn-QNsl2EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 387E13FE5E91A0B9B15D0CC15EC0E283
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 3C62B7D84EB1B209AF936EA3ABEC2263
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 034A2C33DD962B39B56CCDCFCEF0B664
Requests: 1 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Frame ID: ECC53FA0A7F76838C51BF83A61C6FFFA
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Frame ID: 5E642310679D4F2A13C0C26E965BE73F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

register-herald.com | In Print. Online. Anytime.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

449
Requests

78 %
HTTPS

0 %
IPv6

85
Domains

114
Subdomains

80
IPs

7
Countries

8234 kB
Transfer

19174 kB
Size

176
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.register-herald.com HTTP 301
  • https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.register-herald.com
Request Chain 88
  • https://idsync.rlcdn.com/712559.gif?partner_uid=93d4dd02-d69e-4beb-a312-0fd0dccc604e HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDkzZDRkZDAyLWQ2OWUtNGJlYi1hMzEyLTBmZDBkY2NjNjA0ZRAAGg0I1oSSugYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ca7cfdc34f20ea79ef12722b42d2d1a172360739a9710d6489c4175025cb3170791426b5417dce21&_=2
Request Chain 159
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=20455208-c6f7-426f-9261-95ebb7218b36 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=20455208-c6f7-426f-9261-95ebb7218b36
Request Chain 165
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=76583ff2-919f-467a-bbbf-23cce8b35dc2&google_hm=NzY1ODNmZjItOTE5Zi00NjdhLWJiYmYtMjNjY2U4YjM1ZGMy&gdpr_consent=&gdpr=0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEO6Wt4HkBiRtpioTIQuuZ1A&google_cver=1&ssp=sekindo&bsw_param=76583ff2-919f-467a-bbbf-23cce8b35dc2&gdpr_consent=&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=76583ff2-919f-467a-bbbf-23cce8b35dc2 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=76583ff2-919f-467a-bbbf-23cce8b35dc2
Request Chain 166
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=6gvshk1&ttd_tpi=1&ttd_puid=6744825da6b75&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=6gvshk1&ttd_tpi=1&ttd_puid=6744825da6b75&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=149&advUuid=803bc1bf-640b-4350-b48a-c314858948a6&csuuid=6744825da6b75&gdpr=0&gdpr_consent=
Request Chain 168
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=Z0SCXkt3uW0AAEAhAmWx9gAA%26152 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=Z0SCXkt3uW0AAEAhAmWx9gAA%26152 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=Z0SCXkt3uW0AAEAhAmWx9gAA%26152&ckls=true&ci=Q089xTIwNi&nc=false&trid=1814361460
Request Chain 169
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=1159805321925012985558 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=1159805321925012985558 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=1159805321925012985558&ckls=true&ci=Q2njsltKQM&nc=false&trid=615286514
Request Chain 170
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=M3X3ESS0-1I-3KWU&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=M3X3ESS0-1I-3KWU HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=M3X3ESS0-1I-3KWU&ckls=true&ci=mCvAtYKLF4&nc=false&trid=-750723812
Request Chain 171
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-wmwuMh9E2uIWCxdi3.i9meg3rHB6ZVhH~A HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-wmwuMh9E2uIWCxdi3.i9meg3rHB6ZVhH~A
Request Chain 173
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=0f82447de7ad4ba684e92174035abd69 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=0f82447de7ad4ba684e92174035abd69
Request Chain 174
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=6744825da6b75&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3755446787584945000V10&gdpr=0&gdpr_consent= HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3755446787584945000V10
Request Chain 175
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=JueFALZHDYU1yR7BRmeUTYAN HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=JueFALZHDYU1yR7BRmeUTYAN
Request Chain 176
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=b124a91183fd2df8ff27d84ed248b42d&gdpr_consent=&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=b124a91183fd2df8ff27d84ed248b42d
Request Chain 177
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=62dd1df3-1bae-4374-a3d4-c172d32d7575 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=62dd1df3-1bae-4374-a3d4-c172d32d7575
Request Chain 178
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=5816107978324444555&gdpr=0&gdpr_consent= HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5816107978324444555
Request Chain 180
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=dc2f70f1-9ef2-4c3b-9475-5e5c0c68b255&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=dc2f70f1-9ef2-4c3b-9475-5e5c0c68b255
Request Chain 181
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1732543076764 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&id=RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005&rndcb=7713406222 HTTP 302
  • https://sync.1rx.io/usersync/turn/8433961793956537802?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005
Request Chain 182
  • https://sync.kueezrtb.com/api/user/pixel/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D151%26advUuid%3D%24%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=151&advUuid=da3a229b-175c-dc4c-1a9e-b1218dd9c244&gdpr=0&gdpr_consent= HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=793790479&3rdpcid=da3a229b-175c-dc4c-1a9e-b1218dd9c244
Request Chain 251
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&b=1&tp=y2k6oIedzK21iEjwT7FXp1%2BphDy2kiMy8Fr6e1ODMm8%3D
Request Chain 255
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&b=1&tp=EH%2FofNG9tGYmchWfHFUzQFUx8C1jcQGsdgDR6P%2BWZew%3D
Request Chain 267
  • https://www.smugmug.com/include/js/cookiemonster.mg?returnTo=https://photos.register-herald.com HTTP 302
  • https://photos.register-herald.com/include/js/cookiemonster.mg?returnTo=https://www.smugmug.com
Request Chain 343
  • https://photos.register-herald.com/img/spacer.gif HTTP 301
  • https://cdn.smugmug.com/img/spacer.gif
Request Chain 371
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3755446787584945000V10
Request Chain 442
  • https://bh.contextweb.com/bh/rtset?pid=563220&ev=1&us_privacy=1---&gpp=&gpp_sid=&rurl=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpulsepointfsx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://s2s.t13.io/setuid?bidder=pulsepointfsx&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=2iPwFrOSAWle&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=563220
Request Chain 443
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=M3X3ESS0-1I-3KWU&us_privacy=1---

449 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.register-herald.com/ 		602 KB
89 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
0e582c8d9663e8e9639f7bf693f769b2bbab4e531316ae58598fe3e9204c8707
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
217
cache-control
public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
content-encoding
gzip
content-length
89008
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 25 Nov 2024 13:54:00 GMT
etag
W/107ac140e1f3a3bdd80c550c0016c857
last-modified
Mon, 25 Nov 2024 13:53:55 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.83.2; app19; 5.04s; 8M
x-ua-compatible
IE=edge
x-vcache
HIT
x-xrds-location
https://www.register-herald.com/tncms/xrds/
x-xss-protection
1; mode=block
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"60e609f2-1882c"
age
565851
expires
Thu, 13 Mar 2025 18:06:14 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518e4a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
38456
server
cloudflare
user.js
www.register-herald.com/shared-content/art/tncms/user/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=10
content-encoding
gzip
service-worker-allowed
/
etag
W/"6740ec95-ee3"
age
309
accept-ranges
bytes
content-length
1658
date
Mon, 25 Nov 2024 13:52:28 GMT
last-modified
Fri, 22 Nov 2024 20:41:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5d726a23-9bd8"
age
16948002
expires
Thu, 13 Mar 2025 16:45:09 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518f0a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
12719
server
cloudflare
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"671917af-841f"
age
233529
expires
Sun, 02 Nov 2025 05:41:04 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 23 Oct 2024 15:35:11 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518e3a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
14189
server
cloudflare
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-2d77"
age
12106591
expires
Thu, 13 Mar 2025 15:33:25 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518f2a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
4260
server
cloudflare
application.0758030105fdd3a70dff03f4da4530e2.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6707d183-1166"
age
2363211
expires
Wed, 15 Oct 2025 19:01:05 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 13:07:15 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518f4a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1636
server
cloudflare
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-9b8"
age
21526478
expires
Thu, 13 Mar 2025 16:48:12 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518eaa246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
910
server
cloudflare
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66920-1ac2e"
age
16928628
expires
Thu, 13 Mar 2025 19:22:21 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
text/css
last-modified
Wed, 21 Feb 2024 21:20:32 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518e1a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
21439
server
cloudflare
font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"653c2da1-7257"
age
23394047
expires
Thu, 31 Oct 2024 06:48:36 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
text/css
last-modified
Fri, 27 Oct 2023 21:37:37 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518e0a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7517
server
cloudflare
layout.4f2008879f13ddd758050a76c1e8672c.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		155 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.4f2008879f13ddd758050a76c1e8672c.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f1b7c5-26de1"
age
4726952
expires
Wed, 01 Oct 2025 19:01:14 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
text/css
last-modified
Mon, 23 Sep 2024 18:47:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518d5a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
34470
server
cloudflare
theme-basic.7fe92e6efd905ab9f8cd307568b298f3.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.7fe92e6efd905ab9f8cd307568b298f3.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b8506928501a437418ca18498b5fcbd474b0c4bfc96b438bc9e09baa53adce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66be51f7-a358"
age
8358851
expires
Wed, 20 Aug 2025 19:02:07 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
text/css
last-modified
Thu, 15 Aug 2024 19:07:35 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518d8a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
9533
server
cloudflare
site.css
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/styles/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/styles/site.css?_dc=1653486271
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d7c9d22bc64bec9e1ab42f298cb72b96daf3e6f0fb3ca309437b3ca962645c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"628e32bf-1728"
age
17059543
expires
Thu, 13 Mar 2025 15:33:25 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
text/css
last-modified
Wed, 25 May 2022 13:44:31 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518dfa246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1525
server
cloudflare
flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		1 KB
661 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b0256741fe94eceb488a73ce12f09f7e7ed179ecefbaeae216bf56e6a6511af
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66925-4a3"
age
403807
expires
Thu, 13 Mar 2025 19:26:02 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
text/css
last-modified
Wed, 21 Feb 2024 21:20:37 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518daa246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
533
server
cloudflare
jquery-ui.css
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/libraries/flex/components/site/resources/styles/jquery-ui.css?_dc=1528903338
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18e4c9257743b884550056599fd804fcfe96ea4b1267a5b58dfafee3ec1b50c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5b2136aa-3e62"
age
403807
expires
Sat, 20 Sep 2025 16:55:56 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
text/css
last-modified
Wed, 13 Jun 2018 15:22:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518dca246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
3038
server
cloudflare
flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66925-2021"
age
485117
expires
Thu, 13 Mar 2025 15:33:25 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
text/css
last-modified
Wed, 21 Feb 2024 21:20:37 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518dda246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1823
server
cloudflare
csrf.js
www.register-herald.com/shared-content/art/tncms/api/ 		940 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms/api/csrf.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=10
content-encoding
gzip
service-worker-allowed
/
etag
W/"6740ec95-3ac"
age
309
accept-ranges
bytes
content-length
537
date
Mon, 25 Nov 2024 13:52:28 GMT
last-modified
Fri, 22 Nov 2024 20:41:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
access.3e0b8030b6000aa9a609.js
www.register-herald.com/shared-content/art/tncms/api/ 		71 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms/api/access.3e0b8030b6000aa9a609.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=10
content-encoding
gzip
service-worker-allowed
/
etag
W/"67214290-11c3d"
age
309
accept-ranges
bytes
content-length
29787
date
Mon, 25 Nov 2024 13:52:28 GMT
last-modified
Tue, 29 Oct 2024 20:16:16 GMT
content-type
application/x-javascript
vary
Accept-Encoding
tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e39d321532d4472593ff6110e51c09e688078726758971662ce3b1d26c78067
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66922-2503"
age
410476
expires
Thu, 13 Mar 2025 16:48:12 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518e5a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2877
server
cloudflare
tnt.ads.load.462138bd56c8889eca1bfd14028a582d.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		1 KB
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.load.462138bd56c8889eca1bfd14028a582d.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba48dfc33fe7421ce415e24343f993c3bee5554c49dc34d2a65831f9e0db4c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65f221db-406"
age
17277844
expires
Wed, 19 Mar 2025 19:01:22 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Mar 2024 21:59:55 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226369a13a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
620
server
cloudflare
tracking.js
www.register-herald.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=10
content-encoding
gzip
service-worker-allowed
/
etag
W/"6740ec95-a3a"
age
309
accept-ranges
bytes
content-length
1157
date
Mon, 25 Nov 2024 13:52:28 GMT
last-modified
Fri, 22 Nov 2024 20:41:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
admanager.js
www.register-herald.com/shared-content/art/tncms-ad-manager/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms-ad-manager/admanager.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
52db5b2414b37d257bb787cbefab7cadfbc282169e377e94bf256cee3f0479e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=10
content-encoding
gzip
service-worker-allowed
/
etag
W/"65ea3d44-9d42"
age
309
accept-ranges
bytes
content-length
12840
date
Mon, 25 Nov 2024 13:52:28 GMT
last-modified
Thu, 07 Mar 2024 22:18:44 GMT
content-type
application/x-javascript
vary
Accept-Encoding
impressions.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/ 		83 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/impressions.js?_dc=1732541720
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e71b9750bed04d835845acb8610e99fdc726b81ee570b0f48e7bb843011fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67447d18-53"
expires
Tue, 25 Nov 2025 13:40:32 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Mon, 25 Nov 2024 13:35:20 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518eba246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
100
server
cloudflare
traffic.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/ 		1 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/traffic.js?_dc=1732512918
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af69970e4bdd1dae03743c2e01cc7a78d5b3cc946517170e3ec75f6ce781908b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67440c96-5e4"
age
26544
expires
Tue, 25 Nov 2025 05:40:45 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Mon, 25 Nov 2024 05:35:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518e6a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
826
server
cloudflare
settings.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/ 		3 KB
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/settings.js?_dc=1519930389
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c07323b9f8816039655bc454c1a75563a252381a906f01d97c169659b27e63
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5a984c15-d4c"
age
17516658
expires
Wed, 19 Mar 2025 10:35:02 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Thu, 01 Mar 2018 18:53:09 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518e8a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
585
server
cloudflare
tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-6d1"
age
1504938
expires
Thu, 13 Mar 2025 15:33:25 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e822636aa2da246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
771
server
cloudflare
jquery-ui.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/libraries/flex/components/site/resources/scripts/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/libraries/flex/components/site/resources/scripts/jquery-ui.js?_dc=1468945517
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d7b78fae919a5cd81a06686f0af5a6ee02fdf1ca77e1345465b40bc4c3f01fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"578e546d-aad1"
age
403807
expires
Fri, 14 Nov 2025 19:04:22 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Tue, 19 Jul 2016 16:25:17 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518eda246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
14461
server
cloudflare
biz.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/scripts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/scripts/biz.js?_dc=1468340463
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4198d9ae65e215bbfba8a14b4e9ed754198d186ba88aed0ca37ea54ecb7701b7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"578518ef-1985"
age
17059543
expires
Thu, 13 Mar 2025 16:48:12 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Tue, 12 Jul 2016 16:21:03 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518efa246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2226
server
cloudflare
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		207 B
440 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65f221dd-cf"
age
17059543
expires
Sat, 22 Mar 2025 08:11:17 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Mar 2024 21:59:57 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e82263518eea246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
176
server
cloudflare
css
fonts.googleapis.com/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
97210a6f3bb5fd736f839127b138eb7a7786cde64d5983b53743cb6816d7079e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 13:57:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:38 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 25 Nov 2024 12:54:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
fontawesome.48f6e778a25162f5c4a6977fb556155b.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		277 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.48f6e778a25162f5c4a6977fb556155b.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e19e2e-45518"
age
471825
expires
Wed, 17 Sep 2025 19:01:08 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Sep 2024 13:42:06 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e822636aa2fa246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
117608
server
cloudflare
osano.js
cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/ 		365 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-42.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
3bf8760acf570d75580480d6a3d0768acc1358049dcdafafbab959d6843b088e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
"58f0212a8fe8f242dd26fa5980ef469d"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
xzDi9G6dBUOWm-u9ZbwlpMWzngUgblu2ITM-JKSyVQZHPg9dPKf0Ig==
date
Mon, 25 Nov 2024 13:57:38 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 15:59:37 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 147304062d7ea2e4f164fa4c19c4bff2.cloudfront.net (CloudFront)
content-length
98690
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P6
server
CloudFront
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181297
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-117.phl50.r.cloudfront.net
Software
envoy /
Resource Hash
c6dea994f871c501133932c09479c56010984c5cf98e8d8ed7945d008ee09ee9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-store
content-encoding
gzip
x-envoy-upstream-service-time
8
via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
B1sDkfPyn1Zzi4DL5QZMlwhlsF8ks6Hn2FbGDahJGIA2FRksxFgXGg==
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/javascript
vary
Origin,Origin, Accept-Encoding
server
envoy
x-amz-cf-pop
PHL50-C1
eafa8850-4d78-0136-d0af-06a9ed4ca31b
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/eafa8850-4d78-0136-d0af-06a9ed4ca31b
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.15.245.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
95ee6fc8810dfcbf054b898101151cb555278f15ff86e64a846cf1209c7184d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-request-id
GAs6vd5HDo9MZQ4wZW1F
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Mon, 25 Nov 2024 13:57:48 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty
cls.css
a.pub.network/register-herald-com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/register-herald-com/cls.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8908154ab78aedae0914ded4c76fff4b8310d1b82beeb00dfadb340c77d7e90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=9X94PQ==, md5=hJ3oBFY8dwOkI4E7uQRszg==
cf-cache-status
REVALIDATED
etag
W/"849de804563c7703a423813bb9046cce"
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 14:27:38 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
2627
server-timing
cfExtPri
date
Mon, 25 Nov 2024 13:57:38 GMT
content-type
text/css
last-modified
Tue, 22 Oct 2024 12:54:52 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-guploader-uploadid
AFiumC7qFM0JfbnAORLgNYPUoIyOo_3YoyTCBV5k9APV7yEgTu9u4b5P66OGzgPtuKKhEvoWZ8g4RQ7jtw
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e8226217f98ab51-YYZ
access-control-allow-origin
*
x-goog-generation
1729601692824486
server
cloudflare
pubfig.min.js
a.pub.network/register-herald-com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/register-herald-com/pubfig.min.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a179aff94697df1272b7433e1346f780d35ae375b7cb926f3b16dcd2bfd5cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=FRPsJg==, md5=dlq4yzWkeJmHXbTYW0X6Ug==
cf-cache-status
HIT
etag
W/"765ab8cb35a47899875db4d85b45fa52"
age
231383
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 14:27:41 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
43680
server-timing
cfExtPri
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 16:40:57 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC4qAw8HazRK2RQ4vvZgwZT6InkH-SifjJFuOb-EXIHNpW81bYttRBrGepURLsGmJAEQB48
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://d.pub.network/v2/sites/register-herald-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e8226368cbdab51-YYZ
access-control-allow-origin
*
x-goog-generation
1732034456901524
server
cloudflare
/
register-herald-cnhi-pw.newsmemory.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&v=3&service=onstop
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
689c90e3d54cd33dc799dcb8f743d21832ffb124eaacbb96ee5846f88dc533ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Connection
Keep-Alive
Access-Control-Allow-Methods
GET, POST
Expires
Mon, 25 Nov 2024 15:57:42 UTC
Access-Control-Allow-Origin
*
Content-Length
6113
Keep-Alive
timeout=2, max=300
Date
Mon, 25 Nov 2024 13:57:42 GMT
Content-Type
application/x-javascript
Server
Apache
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
tracker.js
www.register-herald.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=10
content-encoding
gzip
service-worker-allowed
/
etag
W/"66f6f794-2200"
age
309
accept-ranges
bytes
content-length
3224
date
Mon, 25 Nov 2024 13:52:28 GMT
last-modified
Fri, 27 Sep 2024 18:21:08 GMT
content-type
application/x-javascript
vary
Accept-Encoding
627134b320195.image.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/627134b320195.image.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b95b2add8ced883d3eefbfc4e70b58fbed8de0bc9e5b3772c3c262212cb67564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"627134b3-42ce"
age
5700281
cf-cache-status
HIT
expires
Wed, 03 Sep 2025 10:53:29 GMT
cf-polished
origFmt=png, origSize=17102
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/webp
content-disposition
inline; filename="627134b320195.webp"
vary
Accept
last-modified
Tue, 03 May 2022 13:57:07 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e822635591da246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
8476
server
cloudflare
/
register-herald-cnhi-pw.newsmemory.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&v=3
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
7300835f748392ab97449486ce54a3ad495032623a35b158618a2ee1d36f8359

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

ETag
37dc703a049847d0cb446ea6104f3e65
Connection
Keep-Alive
Access-Control-Allow-Methods
GET, POST
Expires
Mon, 25 Nov 2024 15:57:43 UTC
Access-Control-Allow-Origin
*
Content-Length
4415
Keep-Alive
timeout=2, max=299
Date
Mon, 25 Nov 2024 13:57:42 GMT
Last-Modified
Thu, 17 Aug 2023 14:18:11 UTC
Content-Type
application/x-javascript
Server
Apache
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
627134b320195.image.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/627134b320195.image.png?resize=400%2C44
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9322b8b4f8525979b85a89e99dab62e77573ea963fd8857965db849cf7151d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"bdf93259bcd79bd4c05d76c1031b2fce"
age
478529
cf-cache-status
HIT
expires
Thu, 13 Nov 2025 22:48:25 GMT
cf-polished
origFmt=png, origSize=10751
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/webp
content-disposition
inline; filename="627134b320195.webp"
vary
Accept
last-modified
Tue, 03 May 2022 13:57:07 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e822635591ea246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5364
server
cloudflare
resizeClient.js
interactives.ap.org/election-results/assets/microsite/ 		621 B
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://interactives.ap.org/election-results/assets/microsite/resizeClient.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.8.126 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-8-126.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
187e36835b2bd991ca93ea63a3b3aa77d6fcf579ea1d30e78829c4cd4f3581dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Vary
Accept-Encoding
x-amz-replication-status
FAILED
Content-Encoding
gzip
ETag
"e35127c8f7e3d7745729c5a7f3e85784"
x-amz-version-id
0Zf8UDEYGXrHOqNcQUqrc6j3KNhfQoWY
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
362
X-Amz-Cf-Id
J_M3Mujlt-qXZ60Y0kFNYhbbXnxq_4q9IqDlkMRzT3qDchkseIeWLw==
Date
Mon, 25 Nov 2024 13:57:42 GMT
Content-Type
application/javascript
Last-Modified
Mon, 18 Nov 2024 16:03:02 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK52-P5
x-amz-server-side-encryption
AES256
0f9cad1c-66dc-11eb-aee9-cb350c093c6a.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/0f9cad1c-66dc-11eb-aee9-cb350c093c6a.jpg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55889ef6b0be911566f841cdf9e12e9d769a3d5324e34e1d9c3c9442218dae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"601bda4a-eb40"
age
403807
cf-cache-status
HIT
expires
Fri, 07 Nov 2025 21:49:36 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=60224
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/webp
content-disposition
inline; filename="0f9cad1c-66dc-11eb-aee9-cb350c093c6a.webp"
vary
Accept
last-modified
Thu, 04 Feb 2021 11:28:10 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226359953a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
32776
server
cloudflare
06b04adc-7cae-11eb-b31c-1bc033198f1e.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/06b04adc-7cae-11eb-b31c-1bc033198f1e.jpg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c64f44304b93bb203e30ce68d3518197832e3b2f0d17418731d9380857ffb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"604075fc-f94f"
age
403807
cf-cache-status
HIT
expires
Thu, 20 Nov 2025 21:25:45 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=63823
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/webp
content-disposition
inline; filename="06b04adc-7cae-11eb-b31c-1bc033198f1e.webp"
vary
Accept
last-modified
Thu, 04 Mar 2021 05:54:04 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226359955a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
42572
server
cloudflare
retailadvertiser
casmp.adperfect.com/widget/
Redirect Chain
  • https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.register-herald.com
  • https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.register-herald.com
13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.register-herald.com
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Server
35.85.88.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-85-88-45.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ca46c7d904699d5673e1e9cf73ea6bb7c99b224a74fe06f9e43bd213faf52b95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=3600
content-encoding
gzip
expires
Mon, 25 Nov 2024 14:57:43 GMT
content-length
3328
date
Mon, 25 Nov 2024 13:57:43 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Apache

Redirect headers

Cache-Control
max-age=3600
Location
https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.register-herald.com
Age
358
Connection
keep-alive
Via
1.1 5f9847e2035814141303960526e10e26.cloudfront.net (CloudFront)
Expires
Mon, 25 Nov 2024 14:51:43 GMT
X-Cache
Hit from cloudfront
Content-Length
0
X-Amz-Cf-Id
e_fm9QMd3RgF8GqAs8E_wcIMTXP4osldjIXimCgQ-FqymTvAl6nr1Q==
Date
Mon, 25 Nov 2024 13:51:43 GMT
Content-Type
text/html; charset=UTF-8
X-Amz-Cf-Pop
JFK52-P8
Server
Apache
widgey-dug.php
japfg-trending-content.appspot.com/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/widgey-dug.php?s=10223&v=1&q=3&i=1
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.153 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f153.1e100.net
Software
nginx /
Resource Hash
428cf196c17a3bc4dfc9a382737abbcf4537437c594bd4ce382b9ae566a686ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
date
Mon, 25 Nov 2024 13:57:48 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
63d974bdca729.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/a/4c/a4c1e2c4-a1a2-11ed-8a11-e30cd8b6a389/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/a/4c/a4c1e2c4-a1a2-11ed-8a11-e30cd8b6a389/63d974bdca729.image.jpg?resize=400%2C320
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80799ebf2ac1a977b8926bb1b45767c640045522b15676c5a66b34faaa1ac31
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"ca0a06b8afb8ef142e5ca6e5788cd32c"
age
5725228
cf-cache-status
HIT
expires
Thu, 13 Mar 2025 16:45:20 GMT
cf-polished
origSize=27407, status=webp_bigger
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/jpeg
last-modified
Tue, 31 Jan 2023 20:06:21 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226368a09a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
27199
server
cloudflare
registerherald.js
static.cnhionline.com/cnhi/data/premiumads/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cnhionline.com/cnhi/data/premiumads/registerherald.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
48fd8b2824c2aaa6805d06553d9920e45a2c4ee96d72ac5809b0603d6eaa1ef3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

ETag
"e80b50c6-478-627b169eb8000"
Connection
close
Accept-Ranges
bytes
Content-Length
1144
Date
Mon, 25 Nov 2024 13:57:57 GMT
Last-Modified
Mon, 25 Nov 2024 00:00:00 GMT
Content-Type
text/javascript
Server
Apache/2.2.34 (Amazon)
registerherald.js
static.cnhionline.com/cnhi/data/bizmarquee/ 		441 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cnhionline.com/cnhi/data/bizmarquee/registerherald.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
be40e3da703faed33bd3e9c8977a3d814f53c17df10838fd4b257c7e9f6d074f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

ETag
"f00672ae-1b9-627b169eb8000"
Connection
close
Accept-Ranges
bytes
Content-Length
441
Date
Mon, 25 Nov 2024 13:57:57 GMT
Last-Modified
Mon, 25 Nov 2024 00:00:00 GMT
Content-Type
text/javascript
Server
Apache/2.2.34 (Amazon)
5879-RTJ-Summer-Packages-300x250.gif
static.cnhionline.com/ksherman/images/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cnhionline.com/ksherman/images/5879-RTJ-Summer-Packages-300x250.gif
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
53812a70761bb5417aaff5e06ab44c32dde8504c6aa903d4a85c2620b850b879

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

ETag
"805b540-edcd-5fd785f418f52"
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Origin
http://template1.cnhionline.com
Content-Length
60877
Date
Mon, 25 Nov 2024 13:57:57 GMT
Last-Modified
Tue, 06 Jun 2023 16:18:39 GMT
Content-Type
image/gif
Server
Apache/2.2.34 (Amazon)
tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"671917b1-3662"
age
485117
expires
Thu, 06 Nov 2025 12:26:26 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 23 Oct 2024 15:35:13 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226368a0ba246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5096
server
cloudflare
tnt.poll.e40d6bdcc6bcd404603444a2cc667ea0.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/tnt.poll.e40d6bdcc6bcd404603444a2cc667ea0.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1895ad7b11c8904ba4f8c86b5221539f3cf6a8cf729a0a1e3e590623c9da896b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66abbcfc-fbf"
age
403807
expires
Fri, 01 Aug 2025 18:01:36 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Thu, 01 Aug 2024 16:51:08 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226369a0ca246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1672
server
cloudflare
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66922-1010"
age
1504938
expires
Thu, 13 Mar 2025 18:07:32 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226369a0da246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1501
server
cloudflare
tnt.regions.e7df22f20c42105cce5864da9e346f48.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.e7df22f20c42105cce5864da9e346f48.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50eea9da4f4a1b43ff0b25615da2dcf7dcb6fd9173b4ab1b472663d204acc258
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66be51f3-1041"
age
8358851
expires
Wed, 20 Aug 2025 19:02:07 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Thu, 15 Aug 2024 19:07:31 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226369a0fa246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1560
server
cloudflare
dmp.reactive.f21a39a840fa65b4d17399310c9dbb30.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		1 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/dmp.reactive.f21a39a840fa65b4d17399310c9dbb30.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ad3b3f691f918a13388d3af7b87e4986459f032632c91df7884f19fd43fa46
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-5a6"
age
13140376
expires
Thu, 13 Mar 2025 18:07:32 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226369a10a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
554
server
cloudflare
promo_popup.251d9baed77bb7d7e50212b336162059.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		1 KB
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/promo_popup.251d9baed77bb7d7e50212b336162059.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abca570d68e4d643d2db448f8c1ea05d3f52494fe08453657316a5a1054a556d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6564a921-5e8"
age
23398503
expires
Thu, 28 Nov 2024 07:20:01 GMT
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/x-javascript
last-modified
Mon, 27 Nov 2023 14:35:13 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226369a12a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
659
server
cloudflare
gtm.js
www.googletagmanager.com/ 		226 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
33c61ff90acba12eb8453d684fce1663208d1bd7cf6aa5da1daa4920f42b371b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 13:57:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
79655
x-xss-protection
0
server
Google Tag Manager
/
www.register-herald.com/_services/v1/client_ip_info/ 		79 B
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/_services/v1/client_ip_info/
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
379e688d706aea684715d979daa3469bd5dee93b314d28c31fd76a99abb75ba1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, max-age=3600
content-length
79
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
application/json
299212e6-fa1d-4b70-9772-18d8398d4bb7
https://www.register-herald.com/ Frame 		0
0
hwggUy-8zXVKjZI2E0wUar3MPBzZdax8V8xbh44lQOv3IKJxHBD4W_wdvLc56wLDDaDvNtpmA
bandborder.com/v2/0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/hwggUy-8zXVKjZI2E0wUar3MPBzZdax8V8xbh44lQOv3IKJxHBD4W_wdvLc56wLDDaDvNtpmA
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6175b90081cead91934049fee413677a53112b75f20b84128723247d4878d1d7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"c75c2b7a9a05ef2421587caa0adf7150750200896685635cfcd8c5d36bf4ac79"
x-buildname
hoothoot
x-hostname
fen-hoothoot-us-central1-spot-442h
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 13:57:43 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Language
strict-transport-security
max-age=15724800; preload
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
x-datacenter
gce-us-central1
via
1.1 google
cf-ray
8e822640ed1c36a5-YYZ
accept-ranges
bytes
content-length
3881
x-buildnumber
1553448542
server
cloudflare
tracker.gif
www.register-herald.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.register-herald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=173254306152145045016001200719787479720&tnms_dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&tnms_upage=1&tnms_do=www.register-herald.com&tnms_uri=/&tnms_ref=&rt=1732543061523
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-vcache
MISS
cache-control
no-cache, no-store
etag
"48f79fed-0"
age
0
accept-ranges
bytes
content-length
0
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/gif
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
bandborder.com/v2/0/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e24cb32c39ad12af30d92d576a6c1e69234bec6e4eae27ecd92a27399da7eaf6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"9901c02fa7b8c86c3a7d2898e2bf04b9440f0d48ecfe5a0fd6c3e7597f54a120"
x-buildname
hoothoot
x-hostname
fen-hoothoot-us-central1-spot-442h
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 13:57:43 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Language
strict-transport-security
max-age=15724800; preload
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
x-datacenter
gce-us-central1
via
1.1 google
cf-ray
8e822640ed1e36a5-YYZ
x-buildnumber
1553448542
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://fonts.googleapis.com/

Response headers

age
196893
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 23 Nov 2025 07:16:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 07:16:08 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
20072.html
interactives.ap.org/election-results/customers/layouts/organization-layouts/published/45783/ Frame A580 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://interactives.ap.org/election-results/customers/layouts/organization-layouts/published/45783/20072.html
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.8.126 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-8-126.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
561
Content-Type
text/html
Date
Mon, 25 Nov 2024 13:57:41 GMT
ETag
"c16f7bffdd5326820c2f55ec7a9bf7e2"
Last-Modified
Mon, 28 Oct 2024 19:11:33 GMT
Server
AmazonS3
Vary
Accept-Encoding
X-Amz-Cf-Id
Tl5aQDN6eOobIX42h3SZBO6Y3u0o8qnVUbPs3n30VxjLfaqXjH_ZKA==
X-Amz-Cf-Pop
JFK52-P5
x-amz-replication-status
FAILED
x-amz-server-side-encryption
AES256
x-amz-version-id
fFfUtTMyAyfOJ1fsW_UD1xjaSyESdSj9
configs
d.pub.network/v2/sites/register-herald-com/ 		75 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/sites/register-herald-com/configs?env=PROD
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
728b65af071a5bf1fd59ed126009f3a78f6544664483f097f1676198d0e0c99c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:57 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
gtm.js
www.googletagmanager.com/ 		239 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJDQXD
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
55b70df34ffcfa5ecc48aa975a17bb91ed3e1e1623e35e585c4972788790cb8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 13:57:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
85859
x-xss-protection
0
server
Google Tag Manager
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://fonts.googleapis.com/

Response headers

age
242738
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 18:32:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 18:32:03 GMT
last-modified
Tue, 02 May 2023 15:52:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33116
x-xss-protection
0
server
sffe
673e562ed41d7.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/6/4f/64ffa990-a787-11ef-85ba-e7a93cfb381e/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/6/4f/64ffa990-a787-11ef-85ba-e7a93cfb381e/673e562ed41d7.image.jpg?resize=101%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20899d4215c29fdb483a29920675ecc094a9184c153d839f55dcbca59952ed3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"b72f682554e7243ba6e487f49b4c6c60"
age
81189
cf-cache-status
HIT
expires
Mon, 24 Nov 2025 14:54:59 GMT
cf-polished
origSize=6010, status=webp_bigger
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/jpeg
last-modified
Wed, 20 Nov 2024 21:35:42 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226374ab9a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5506
server
cloudflare
673e500e879c0.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/b/e3/be36207e-a783-11ef-8cb3-9fdad3355b1b/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/b/e3/be36207e-a783-11ef-8cb3-9fdad3355b1b/673e500e879c0.image.jpg?resize=164%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce019fdf5ef58bd9f7f0f8c041682db9b1ea6efccddfdd26817f13bf600e4cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"7b7b1536fd1a88d2795558df19754e14"
age
158575
cf-cache-status
HIT
expires
Sun, 23 Nov 2025 14:08:31 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=6349
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/webp
content-disposition
inline; filename="673e500e879c0.webp"
vary
Accept
last-modified
Wed, 20 Nov 2024 21:09:34 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226374abba246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5444
server
cloudflare
slideshow
photos.register-herald.com/frame/ Frame 26EE 		41 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.208.138.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-138-144.compute-1.amazonaws.com
Software
nginx / SmugMug/1.0
Resource Hash
e0145c4ef32c0d2abc3daa1169286fe49461cf16ee6c881099398cd0ab5f868f

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Nov 2024 13:57:57 GMT
Server
nginx
Transfer-Encoding
chunked
cache-control
private, no-store, no-cache, max-age=0
content-encoding
gzip
expires
Mon, 25 Nov 2024 13:57:56 GMT
link
<https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js>; rel="preload"; as="script"; crossorigin, <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/smugpage/core-config-069300e7b97b546dfcf7a0a69c919489.js>; rel="preload"; as="script"; crossorigin, <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/img/fonts/sofia-pro/v2/stylesheet.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://api.smugmug.com>; rel="preconnect", <https://photos.smugmug.com>; rel="preconnect", <//videos.smugmug.com>; rel="dns-prefetch", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-a5354e4f11dd90ae46d9f7b6125084b9.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/widget_bundle-d444c68ccac9c24df76b208da45a8d91.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/gallery_bundle-4c94933ce49008d0f1dcb556c7f627ae.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js>; rel="preload"; as="script"; crossorigin
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
smug-cdn
cloudflare (via photos.register-herald.com)
vary
Accept-Encoding
x-env
a=live, b=www, c=ec58e149, d=i-0c082db45bc47bafe
x-powered-by
SmugMug/1.0
x-request-id
cc9775fa
x-s
100.11.146:4145361
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-smugmug-values
3/5 - Deliver Awesome
x-ttfb
0.0434
x-ttfb-l
15922
x-ua-compatible
IE=edge
6740e30f6dadf.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/5/e9/5e9aac40-765a-11ed-889e-6760cb3f2026/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/5/e9/5e9aac40-765a-11ed-889e-6760cb3f2026/6740e30f6dadf.preview.jpg?resize=154%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bb0f82681ca4b17ba49278bc70052a3723e2ada4bcc9a0598dcd1f60409c32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"5da1d7cd25d07056de923e8c3f1a62d9"
age
204743
cf-cache-status
HIT
expires
Sat, 22 Nov 2025 20:01:27 GMT
cf-polished
origSize=8544, status=webp_bigger
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/jpeg
last-modified
Fri, 22 Nov 2024 20:01:19 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226378ae8a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
8080
server
cloudflare
65dcdd970b59d.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/d/47/d4771f1a-b391-11ed-8ff3-eb9dbfb8ffc4/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/d/47/d4771f1a-b391-11ed-8ff3-eb9dbfb8ffc4/65dcdd970b59d.preview.jpg?resize=153%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bc0358f1c76ca7437e0adfd927c5367f5827201112ec227c5bb9baa8436c5ed
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"fe72b0f7d790d2c8469620c9c013d35b"
age
19308
cf-cache-status
HIT
expires
Thu, 13 Mar 2025 15:43:02 GMT
cf-polished
degrade=85, origSize=10040, status=webp_bigger
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/jpeg
last-modified
Mon, 26 Feb 2024 18:51:04 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226378ae9a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7304
server
cloudflare
66b0c7d7c72d7.preview.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/d/cc/dccd4c8a-0f53-11ed-a23b-07939f478bf8/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/d/cc/dccd4c8a-0f53-11ed-a23b-07939f478bf8/66b0c7d7c72d7.preview.png?resize=155%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6511b9f6283c0284e354451a62b50b637fb55f63c4cb7b88d312e6e0e1899423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"599a8084be3c85c54c2a5274516a58c1"
age
352967
cf-cache-status
HIT
expires
Fri, 10 Oct 2025 17:28:50 GMT
cf-polished
origFmt=png, origSize=62571
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/webp
content-disposition
inline; filename="66b0c7d7c72d7.webp"
vary
Accept
last-modified
Mon, 05 Aug 2024 12:38:48 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226378aeaa246-YYZ
access-control-allow-origin
*
server
cloudflare
65c137e735c6e.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/2/41/2418507c-a184-11ed-961d-efb9bc4aaef4/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/2/41/2418507c-a184-11ed-961d-efb9bc4aaef4/65c137e735c6e.preview.jpg?resize=131%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2544873c9cde050a91b86eb99a2305aeeb5ba62a4a5a0e9d994e8c2fbacb366
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"6876d423442a0eb809dfb4be86700d0a"
age
352967
cf-cache-status
HIT
expires
Wed, 19 Nov 2025 20:44:46 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=7088
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/webp
content-disposition
inline; filename="65c137e735c6e.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 19:32:57 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226378aeca246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
6310
server
cloudflare
66def154edf28.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/e/b3/eb3a484a-2321-11ed-b083-73cbab17e1c9/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/e/b3/eb3a484a-2321-11ed-b083-73cbab17e1c9/66def154edf28.preview.jpg?resize=152%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5de348f617ee894c9c9851cf7ac48e9f6525e05a30d5415f7690a3e9afeb9b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"8d88527d450aa1954f1c8775cdb4be7c"
age
352965
cf-cache-status
HIT
expires
Tue, 09 Sep 2025 13:00:14 GMT
cf-polished
degrade=85, origSize=7325, status=webp_bigger
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/jpeg
last-modified
Mon, 09 Sep 2024 13:00:05 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226378aeda246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7048
server
cloudflare
record
consent.api.osano.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-119.jfk50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 25 Nov 2024 13:57:57 GMT
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-apigw-id
BzlP4HepoAMEY6g=
x-amz-cf-id
792XHe0qJjOvByE36YCnO1sZmYM2B0g0SgNJHdc6w4pMarAaUce1tA==
x-amz-cf-pop
JFK50-P6
x-amzn-requestid
0671f582-b3a8-4b82-ac25-c83e49dd326c
x-cache
Miss from cloudfront
record
consent.api.osano.com/ 		0
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-119.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

x-amz-apigw-id
BzlP4FZBoAMECpg=
x-amzn-trace-id
Root=1-67448265-7f051d5f4388ecdf6ddb4c8b
access-control-allow-methods
POST,OPTIONS
x-amzn-requestid
0cac5d1e-0d72-4eb9-8705-e80cfceb8ebf
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
XK_B4FHZvsJr2T8tTYS2M_9MSL_WqpuxHiut5sOjNdE5EzUYIYNV_A==
date
Mon, 25 Nov 2024 13:57:57 GMT
x-amz-cf-pop
JFK50-P6
access-control-allow-headers
Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
627134b320195.image.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/627134b320195.image.png?resize=400%2C44
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9322b8b4f8525979b85a89e99dab62e77573ea963fd8857965db849cf7151d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"bdf93259bcd79bd4c05d76c1031b2fce"
age
478529
cf-cache-status
HIT
expires
Thu, 13 Nov 2025 22:48:25 GMT
cf-polished
origFmt=png, origSize=10751
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/webp
content-disposition
inline; filename="627134b320195.webp"
vary
Accept
last-modified
Tue, 03 May 2022 13:57:07 GMT
x-vcache
MISS
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e822635591ea246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5364
server
cloudflare
6740e7352b122.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/0/30/030098ce-a90f-11ef-b610-430dea8aa376/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/0/30/030098ce-a90f-11ef-b610-430dea8aa376/6740e7352b122.image.jpg?crop=1600%2C900%2C0%2C83&resize=400%2C225&order=crop%2Cresize
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52138849c09f70a1abd11ace9368267e599b99ac7d2a085f659b71efd74854d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"ab87d39e21f638cf6c45ca1c22124bdd"
age
56103
cf-cache-status
HIT
expires
Sun, 23 Nov 2025 02:19:00 GMT
cf-polished
degrade=85, origSize=30128, status=webp_bigger
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/jpeg
last-modified
Fri, 22 Nov 2024 20:19:01 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e822637bb17a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
27520
server
cloudflare
673e258fdc7ae.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/6/a0/6a074028-a76a-11ef-a108-73b02461a352/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/6/a0/6a074028-a76a-11ef-a108-73b02461a352/673e258fdc7ae.image.jpg?crop=1755%2C987%2C0%2C96&resize=400%2C225&order=crop%2Cresize
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f706e0e18946e3f7169ac9c06dac7fbb0c686a0683ba9da18ae64919e644e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"f9a084ce3defa39184798c2e366ba364"
age
56103
cf-cache-status
HIT
expires
Sun, 23 Nov 2025 02:17:44 GMT
cf-polished
degrade=85, origSize=28787, status=webp_bigger
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/jpeg
last-modified
Wed, 20 Nov 2024 18:08:16 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e822637bb1aa246-YYZ
access-control-allow-origin
*
server
cloudflare
673fac5517931.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/5/4d/54d76e32-a853-11ef-a109-bfafd9ebc10c/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/5/4d/54d76e32-a853-11ef-a109-bfafd9ebc10c/673fac5517931.image.jpg?crop=1752%2C986%2C0%2C98&resize=400%2C225&order=crop%2Cresize
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8ec8afff835f923f221ffcdc2d917a9a26d87366f8f6566fabc484e56c944b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"670e3bf9bd4a485d4ee5c20017c6f8b7"
age
56103
cf-cache-status
HIT
expires
Sat, 22 Nov 2025 22:31:26 GMT
cf-polished
degrade=85, origSize=23202, status=webp_bigger
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/jpeg
last-modified
Thu, 21 Nov 2024 21:55:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e822637bb1ba246-YYZ
access-control-allow-origin
*
server
cloudflare
673fb98c48200.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/0/81/0819283a-a85b-11ef-968e-27a14dd2836d/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/0/81/0819283a-a85b-11ef-968e-27a14dd2836d/673fb98c48200.preview.jpg?crop=800%2C450%2C0%2C54&resize=400%2C225&order=crop%2Cresize
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7489f0c635545a67cfbe23ed9463eceae16a3a45b168c3de04faa3e72b52ed8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"1e2b8544e34a5c18b2bd5360930e4987"
age
56103
cf-cache-status
HIT
expires
Sat, 22 Nov 2025 01:50:22 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=12166
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/webp
content-disposition
inline; filename="673fb98c48200.webp"
vary
Accept
last-modified
Thu, 21 Nov 2024 22:51:58 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e822637bb1da246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
10898
server
cloudflare
673bb66e67051.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/f/fd/ffd1131a-a5f6-11ef-ab36-97622b16457f/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/f/fd/ffd1131a-a5f6-11ef-ab36-97622b16457f/673bb66e67051.image.jpg?crop=1600%2C900%2C0%2C83&resize=750%2C422&order=crop%2Cresize
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05a2e11ca7eec8c417502083be1f1ab4739d7e88b9cf694fc7ad5a69195603c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"ab15727f849fbe65bb845a5ad42a0683"
age
19308
cf-cache-status
HIT
expires
Sun, 23 Nov 2025 22:07:40 GMT
cf-polished
degrade=85, origSize=78479, status=webp_bigger
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/jpeg
last-modified
Mon, 18 Nov 2024 21:49:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e822637bb1ea246-YYZ
access-control-allow-origin
*
server
cloudflare
f1fb5d28-66de-11eb-b28d-872fffa55169.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/f1fb5d28-66de-11eb-b28d-872fffa55169.jpg?resize=300%2C159
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93b14ed7784563efe04b1b2fb32f2955b1801d3eee2ab02bfcff3352ce5174d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"87534526e9d823d5e9146e2f2927c629"
age
19308
cf-cache-status
HIT
expires
Sat, 20 Sep 2025 10:20:15 GMT
cf-polished
origSize=12532, status=webp_bigger
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/jpeg
last-modified
Thu, 04 Feb 2021 11:48:49 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e822637cb20a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
11761
server
cloudflare
5ddb142e-32d6-11e8-924a-17d36ace6eee.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/5ddb142e-32d6-11e8-924a-17d36ace6eee.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
302abe4269895e6318fa84b97d3f2ab3664bf26efdb824039ebc530a87ec9560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"5abc156b-259e"
age
17975700
cf-cache-status
HIT
expires
Fri, 11 Apr 2025 23:20:41 GMT
cf-polished
origFmt=png, origSize=9630
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/webp
content-disposition
inline; filename="5ddb142e-32d6-11e8-924a-17d36ace6eee.webp"
vary
Accept
last-modified
Wed, 28 Mar 2018 22:21:31 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226389c11a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
4892
server
cloudflare
673e59a20abca.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/7/36/736988be-a789-11ef-bd6d-b72133c9a5cf/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/7/36/736988be-a789-11ef-bd6d-b72133c9a5cf/673e59a20abca.image.jpg?resize=150%2C124
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f439ccdf94fcc068976d8f7449406fdf70fef61a68993a29b1bccbe169545f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"cd9f82af4832757a5ef5646557801ac4"
age
79916
cf-cache-status
HIT
expires
Mon, 24 Nov 2025 15:13:07 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=3867
date
Mon, 25 Nov 2024 13:57:41 GMT
content-type
image/webp
content-disposition
inline; filename="673e59a20abca.webp"
vary
Accept
last-modified
Wed, 20 Nov 2024 21:50:26 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e8226389c12a246-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
3132
server
cloudflare
beacons
p.flipp.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-81.jfk52.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

x-envoy-upstream-service-time
6
access-control-allow-credentials
true
via
1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
x-cache
Miss from cloudfront
x-amz-cf-id
x4sC0TZE3zsgGbJRE5ZwzIZw4rnkOS2ylGEsGuQSxzp7HMHUhLPojw==
date
Mon, 25 Nov 2024 13:57:42 GMT
x-amz-cf-pop
JFK52-P4
vary
Origin
server
istio-envoy
sync
pippio.com/api/
Redirect Chain
  • https://idsync.rlcdn.com/712559.gif?partner_uid=93d4dd02-d69e-4beb-a312-0fd0dccc604e
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDkzZDRkZDAyLWQ2OWUtNGJlYi1hMzEyLTBmZDBkY2NjNjA0ZRAAGg0I1oSSugYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ca7cfdc34f20ea79ef12722b42d2d1a172360739a9710d6489c4175025cb3170791426b5417dce21&_=2
42 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&it=1&iv=ca7cfdc34f20ea79ef12722b42d2d1a172360739a9710d6489c4175025cb3170791426b5417dce21&_=2
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 25 Nov 2024 13:57:43 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pippio.com/api/sync?pid=5324&it=1&iv=ca7cfdc34f20ea79ef12722b42d2d1a172360739a9710d6489c4175025cb3170791426b5417dce21&_=2
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Mon, 25 Nov 2024 13:57:43 GMT
d2984a93-a25e-430d-b5d6-d294643bb8ba
https://www.register-herald.com/ Frame 		0
0
3c19a4ca-d7d3-426c-a928-94100deb83a7
https://www.register-herald.com/ Frame 		0
0
5f3b1c0d-9c35-4563-81d4-b5cf4a1c3100
https://www.register-herald.com/ Frame 		0
0
gtm.js
www.googletagmanager.com/ 		219 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer&gtm=45He4bk0v72758733za200
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
434dc4e3b0932d1c5a071c2a11bfd8836507fca8c8e0d296da3a0bd1643a8144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 13:57:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78274
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		305 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer&gtm=45He4bk0v72758733za200
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
3eb9e800c34e51341ba2225b5dbd9553ca1cc2b6bd21e56c225a0b12d17fbdf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 13:57:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
88019
x-xss-protection
0
server
Google Tag Manager
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"mLYq618hJoRcW1Crupr2OQ=="
expires
Mon, 02 Dec 2024 13:57:43 GMT
accept-ranges
bytes
date
Mon, 25 Nov 2024 13:57:43 GMT
content-type
application/javascript
vary
Accept-Encoding
545ff71c-5293-44e0-994e-aec609247824
https://www.register-herald.com/ Frame 		0
0
06254738-42b3-4d37-8d1d-f913420ddc21
https://www.register-herald.com/ Frame 		0
0
967791ae-fa06-4031-a110-c133eddf7096
https://www.register-herald.com/ Frame 		0
0
6158c61d-09e2-44b2-834a-89d11bd3e446
https://www.register-herald.com/ Frame 		0
0
abe05761-20d0-45bb-9c93-de115995755b
https://www.register-herald.com/ Frame 		0
0
ddcd1810-781c-4cf9-ae5b-b33ded3f3cf1
https://www.register-herald.com/ Frame 		0
0
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D4QVJDNBRB&l=dataLayer&cx=c&gtm=45He4bk0v71530764za200
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8ce720b1232d318bff1d4a135d73d24f9ede705aefee9d5cefb6e0ca33629ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 13:57:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109633
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7YYJFLQXWS&l=dataLayer&cx=c&gtm=45He4bk0v71530764za200
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
0093f277ed1defd462bf111a42834d6f496b11ccbdc9c725947bcc1a0b490371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 13:57:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109633
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
1527
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 15:32:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:32:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.127.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-127-68.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"665fad8c-9895"
age
10066
cross-origin-resource-policy
cross-origin
via
1.1 e23983892b1c8fb4d47f943c0ee29028.cloudfront.net (CloudFront)
expires
Tue, 26 Nov 2024 11:09:57 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
oOy_GwW4tLJ-5XshuEIUSP1mzQmgTaWV1t5ZGxi1rq-jj0CJqExCtA==
date
Mon, 25 Nov 2024 11:09:57 GMT
content-type
application/x-javascript
last-modified
Wed, 05 Jun 2024 00:13:00 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		308 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b7b891c46c15c2e5050863d8df48fd7681da0f5f08e93091cf4f21b7ca8da882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 13:57:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106450
x-xss-protection
0
server
Google Tag Manager
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		106 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c61fcc1401e2278735bea5d306ca0cc32b93ccdf62ec8179ed0c999545b5502b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
cknvhRie0d.5LSRvFhB35AONaxh2m0FR
etag
W/"ca62e8a5580d4550920a84f5b7875661"
age
80
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
628Ay8WsKNu3S9lsb8zxoroHwigCx3C1iQ7zLZajGVhVGMVFAL0TFg==
date
Mon, 25 Nov 2024 13:56:24 GMT
content-type
text/javascript; charset=utf-8
vary
accept-encoding
last-modified
Tue, 19 Nov 2024 19:35:36 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=120
via
1.1 7d0657ff87fb72111ec5925ada0e3d80.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7YYJFLQXWS&gtm=45je4bk0v9105969367z871530764za200zb71530764&_p=1732543061525&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1091792531.1732543063&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732543062&sct=1&seg=0&dl=https%3A%2F%2Fwww.register-herald.com%2F&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5996
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7YYJFLQXWS&l=dataLayer&cx=c&gtm=45He4bk0v71530764za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:44 GMT
content-type
text/plain
server
Golfe2
ed291c96-62f3-425c-8d10-08389240fb14
https://www.register-herald.com/ Frame 		0
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4bk0v887101457z8861227858za200zb861227858&_p=1732543061525&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1091792531.1732543063&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&dl=https%3A%2F%2Fwww.register-herald.com%2F&sid=1732543062&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.register-herald.com%2F&epn.townnews_crm_group_id=13&ep.generator=BLOX&ep.generator_version=1.83.2&tfd=6055
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f100.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:44 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
561 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=1091792531.1732543063&gtm=45je4bk0v887101457z8861227858za200zb861227858&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:43 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 3CC3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-4T2EB147B8&gacid=1091792531.1732543063&gtm=45je4bk0v887101457z8861227858za200zb861227858&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=273716627
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=1091792531.1732543063&gtm=45je4bk0v887101457z8861227858za200zb861227858&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1985640257
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 25 Nov 2024 13:57:43 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-D4QVJDNBRB&gtm=45je4bk0v9101195585z871530764za200zb71530764&_p=1732543061525&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1091792531.1732543063&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732543063&sct=1&seg=0&dl=https%3A%2F%2Fwww.register-herald.com%2F&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&en=page_view&_fv=1&_ss=1&tfd=6127
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D4QVJDNBRB&l=dataLayer&cx=c&gtm=45He4bk0v71530764za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:44 GMT
content-type
text/plain
server
Golfe2
/
register-herald-cnhi-pw.newsmemory.com/ 		193 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=37dc703a049847d0cb446ea6104f3e65&v=3&r=599
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
0764d7cc1d17ec277c8fdf2adbfcdde490ec9162afbe82665f5955b5bcd406a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Transfer-Encoding
chunked
Connection
Keep-Alive
Access-Control-Allow-Methods
GET, POST
Expires
Mon, 25 Nov 2024 15:57:43 UTC
Access-Control-Allow-Origin
*
Keep-Alive
timeout=2, max=298
Date
Mon, 25 Nov 2024 13:57:43 GMT
Last-Modified
Thu, 17 Aug 2023 14:18:11 UTC
Content-Type
application/x-javascript
Server
Apache
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
rules-p-eb6rW8CarLDWY.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-eb6rW8CarLDWY.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-100.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c99eeb0ffc836cfbaf142f6a4cc3efcb826d3c112d52bbaa079cc982b773bc1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

etag
"ea52eb301590b357d6e197d77eac3ab0"
age
1996
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
mP4bJyv31nlGYjaCGwWWo0wM4nTvbohsy6hdLV2T1kOP_pvACDsHPA==
date
Mon, 25 Nov 2024 13:24:29 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 13 Oct 2022 16:26:57 GMT
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 4667374d732461e741437d79cda68ba0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
160
x-amz-cf-pop
EWR53-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		10 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46311b08c6775f4a3598bec2532b2767d4c9ef866b8af6399e6cfa57079c4c38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
J6xG0q7LpAN08sdn9Kl4P8QPe085plre
etag
W/"9a459088a5d6405a19f4614acfb211d0"
age
6404
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
hsd7WSQV-wKNTM9ZLGiH-XW-gy0vCRL3zmlx8Xk2rIuIeaegtukpVQ==
date
Mon, 25 Nov 2024 12:11:00 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
last-modified
Tue, 19 Nov 2024 19:35:38 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=10800
via
1.1 a086f9674a01c7542c440ffacd39476a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
tsub-middleware.bundle.c0f5511a001f780f591f.js
cdn.segment.com/analytics-next/bundles/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/tsub-middleware.bundle.c0f5511a001f780f591f.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"f7b3d2021df83853b191aefa39a74b15"
x-amz-version-id
Vi.Yd9Ms0_IN3OjbGlsA.1p3ArQ5RR1f
age
4022771
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
WmUWXdO7-fXIQAjMoxe1wQNxj3INxfbDNQxbjM-pOh72NS964VPQMg==
date
Thu, 10 Oct 2024 00:31:33 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 08 Oct 2024 16:14:51 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 7d0657ff87fb72111ec5925ada0e3d80.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id
GiR62Ux0OW4CfaeO_9tu7jJVzc8iU6.K
age
5878892
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
0c0SlV7ATXZm5a6qy0juviKMtaAMfto4rHgAVLOvffSW3GsKAlQ6nw==
date
Wed, 18 Sep 2024 12:56:12 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 17 Sep 2024 21:59:48 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 7d0657ff87fb72111ec5925ada0e3d80.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id
IKXrUoItkKbxZQ20ut9b8FhMghJH_Xd7
age
11320346
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
EFQrhFsnHkBtPsdsr582qAyMvdYxGyxufo83B3TcJ65YlzjzEvjXfw==
date
Wed, 17 Jul 2024 13:25:18 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 16 Jul 2024 17:27:04 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 7d0657ff87fb72111ec5925ada0e3d80.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
p
api.segment.io/v1/ 		21 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.144.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-144-222.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.register-herald.com
content-length
21
date
Mon, 25 Nov 2024 13:57:44 GMT
content-type
application/json
vary
Origin
0f9e5fd7-b81e-4d55-8604-d1badaf18bab
https://www.register-herald.com/ Frame 		0
0
js
www.googletagmanager.com/gtag/ 		267 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PM75X7XFT4&l=dataLayer&cx=c&gtm=45He4bk0v72758733za200
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bc6f4cf1c358a014ce748e0001f7ac8f7e76ef32b2e329a41cb43a608280f121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 13:57:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96059
x-xss-protection
0
server
Google Tag Manager
/
register-herald-cnhi-pw.newsmemory.com/ 		88 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&service=autologout&ta_MACHINE_ID=37dc703a049847d0cb446ea6104f3e65&r=1732543063842
Requested by
Host: register-herald-cnhi-pw.newsmemory.com
URL: https://register-herald-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=37dc703a049847d0cb446ea6104f3e65&v=3&r=599
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Connection
Keep-Alive
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Content-Length
88
Keep-Alive
timeout=2, max=300
Date
Mon, 25 Nov 2024 13:57:44 GMT
Content-Type
text/html
Server
Apache
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
advertiserwidget.css
cdn-resources.prfct.cc/assets/marketplace/libs/res/r202410160/css/ 		522 B
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202410160/css/advertiserwidget.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-51.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6aa7d6173d58dc7930b30df1453ec7da8c039dc42a5280b31550b2935f59951

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

etag
"b325bb01ffc184ad1cb95dcd96959b45"
age
411326
via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
522
x-amz-cf-id
JS7k9BSb49thqtNitto9T0frdxj9kpWxw9ecxuZssCxXP9cx1Q8mNQ==
date
Wed, 20 Nov 2024 19:42:20 GMT
content-type
text/css
last-modified
Wed, 16 Oct 2024 16:06:56 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
advertiserwidget.js
cdn-resources.prfct.cc/assets/marketplace/libs/res/r202410160/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202410160/js/advertiserwidget.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-51.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cc23a6e123ece3f599d95ffefb91725b6dfe5b0a58e305f2ff68e32de0617a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://www.register-herald.com/

Response headers

x-amz-cf-pop
JFK50-P4
content-encoding
gzip
etag
W/"6d6a4ec73953baed0275f2517593a5f8"
age
411326
via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
G2nXv-N92Cpe_jHMKnNKzyyaR-4d0ft40r88hR1qo_oCvLfrxDE4lw==
date
Wed, 20 Nov 2024 19:42:20 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Wed, 16 Oct 2024 16:06:57 GMT
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/j/ 		3 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=490301710&t=pageview&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2F&ul=en-ca&de=UTF-8&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=1252009170&gjid=373747657&cid=1091792531.1732543063&tid=UA-3850501-28&_gid=735156526.1732543064&_slc=1&gtm=45He4bk0n71MJDQXDv71530764za200&cd2=1732543062235.1voznuyf&cd3=2024-11-25T05%3A57%3A42.235-08%3A00&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1526292841
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:44 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3850501-28&cid=1091792531.1732543063&jid=1252009170&gjid=373747657&_gid=735156526.1732543064&_u=YCDAgEABAAAAAGAAI~&z=816179416
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:44 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
www.google-analytics.com/j/ 		3 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=490301710&t=pageview&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2F&ul=en-ca&de=UTF-8&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAGAAI~&jid=1135228625&gjid=1890660081&cid=1091792531.1732543063&tid=UA-2313981-1&_gid=735156526.1732543064&_slc=1&gtm=45He4bk0n71MJDQXDv71530764za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1207919445
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:44 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2313981-1&cid=1091792531.1732543063&jid=1135228625&gjid=1890660081&_gid=735156526.1732543064&_u=YCDAgEABAAAAAGAAI~&z=391847240
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:44 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
www.google-analytics.com/ 		35 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=490301710&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2F&ul=en-ca&de=UTF-8&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Section&ea=Load&el=homepage&ev=1&_u=YCDAgEABAAAAAGAAI~&jid=&gjid=&cid=1091792531.1732543063&tid=UA-3850501-28&_gid=735156526.1732543064&gtm=45He4bk0n71MJDQXDv71530764za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1945391947
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

age
85559
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 24 Nov 2024 14:11:45 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
pixel;r=429436530;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.register-herald.com%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1732543064674;tzo=480;ogl=type.website%2Curl.https%3A%...
pixel.quantserve.com/ 		35 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=429436530;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.register-herald.com%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1732543064674;tzo=480;ogl=type.website%2Curl.https%3A%2F%2Fwww%252Eregister-herald%252Ecom%2F%2Cimage.https%3A%2F%2Fbloximages%252Echicago2%252Evip%252Etownnews%252Ecom%2Fregister-herald%252Ecom%2Fcontent%2Ftncms%2Fc%2Cimage%3Awidth.200%2Cimage%3Aheight.200%2Ctitle.register-herald%252Ecom%20%7C%20In%20Print%252E%20Online%252E%20Anytime%252E%2Csite_name.Beckley%20Register-Herald;ses=ebc5704b-d174-4df2-856b-fc86f3ee9aa9;d=register-herald.com;uht=2;fpan=1;fpa=P0-2072807851-1732543064678;pbc=;gdpr=0;us_privacy=1---;mdl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date
Mon, 25 Nov 2024 13:57:44 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
content-type
image/gif
3jRcW6H_vG4A4ttJ6IlPnl4f_ZvcL7JRs1ixJ7AtVyXY_CV-xDtDebIKEbE6U_amXWYN55XbOVxSeVYi_alF7PzDziXrnmBqNUeIZFk=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/3jRcW6H_vG4A4ttJ6IlPnl4f_ZvcL7JRs1ixJ7AtVyXY_CV-xDtDebIKEbE6U_amXWYN55XbOVxSeVYi_alF7PzDziXrnmBqNUeIZFk=s42-p-rj-l68-e365
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
9e5cd0b67505ba3e1e301b171128e772daae859a213a59e33727d6e8dce9a11c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
3492
x-content-type-options
nosniff
expires
Sun, 23 Feb 2025 12:59:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 12:59:36 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7776000, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
1135
x-xss-protection
0
server
fife
bgNrvQv2tackL0_vMN8_GwhwqiS-al1_XmOEMdxbTENkZcQg-edQ3mQSc3ppY8kpeayXGGcZztXBCoyIRyJrC1-5kSBe5dD1i7zc_Mw=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 		973 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/bgNrvQv2tackL0_vMN8_GwhwqiS-al1_XmOEMdxbTENkZcQg-edQ3mQSc3ppY8kpeayXGGcZztXBCoyIRyJrC1-5kSBe5dD1i7zc_Mw=s42-p-rj-l68-e365
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
a592cfa47cff944d696180a4c0fa9962916c8df41c90b8206b0f8b642461a069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
1657
x-content-type-options
nosniff
expires
Sun, 23 Feb 2025 13:30:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:30:11 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7776000, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
973
x-xss-protection
0
server
fife
vJ3cODeCzuqipEkvTtE6pXnhomuFUmhogMCLdq7ayiPjldFx73LSGkZcyK1kHHV-ONVZhaWGNTH4tC1SL1Qa1nMptrVgJXV6YX2NQdyf=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 		885 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/vJ3cODeCzuqipEkvTtE6pXnhomuFUmhogMCLdq7ayiPjldFx73LSGkZcyK1kHHV-ONVZhaWGNTH4tC1SL1Qa1nMptrVgJXV6YX2NQdyf=s42-p-rj-l68-e365
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
f0102cb9a6e9af74148d61e73746b5b6aae509593724a4cda28a7c9ad1ad58c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
2480
x-content-type-options
nosniff
expires
Sun, 23 Feb 2025 13:16:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:16:28 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7776000, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
885
x-xss-protection
0
server
fife
sprite_icons_6dc7d94.png
www.justapinch.com/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.10.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.10.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-who
gcloud-web-2
cache-control
max-age=31536000,public
age
202135
via
1.1 google
expires
Sun, 23 Nov 2025 05:48:53 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22292
date
Sat, 23 Nov 2024 05:48:53 GMT
last-modified
Thu, 14 Nov 2024 13:56:30 GMT
content-type
image/png
server
nginx
b6JYiTqO4lIn6nk6nYifNdoUTuRzIVrzuk1cAcLh-GCgDdDMrm3i3BAyAvWYARbiOVGE-mWfTXq6tVl7AISmtDpvAX4X6g=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/b6JYiTqO4lIn6nk6nYifNdoUTuRzIVrzuk1cAcLh-GCgDdDMrm3i3BAyAvWYARbiOVGE-mWfTXq6tVl7AISmtDpvAX4X6g=w300-h170-p-rj-l75
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
0fc71cda8439726545be4794bc2c16ed5df27c185baee8b7f281ca257f2dac2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
241
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 13:53:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:53:47 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
15564
x-xss-protection
0
server
fife
HBSVU44RqJwDICFZgafmoIKGs9aVoXSJVLxtMpjAsEVtG3qR0zYLvhd4sGUTurTreIs2qMw01VxBRCpRu7m3t8EBpxKv=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/HBSVU44RqJwDICFZgafmoIKGs9aVoXSJVLxtMpjAsEVtG3qR0zYLvhd4sGUTurTreIs2qMw01VxBRCpRu7m3t8EBpxKv=w300-h170-p-rj-l75
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
253b7cdcc65cd837d1281ec2b677e0ae88e5cc98f009779a8d1fca001c55dc96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
2513
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 13:15:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:15:55 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
17950
x-xss-protection
0
server
fife
S-7Z2MTty0EFwbAgPAZAdTTlafYdXsWRPRE-wEE4EKxJllxyYdEY-g0m-wSCU3FfDzKRWTQLHpA1fatRm9QN9gA-zq2IqyIC_V2NiIWTZb1V=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/S-7Z2MTty0EFwbAgPAZAdTTlafYdXsWRPRE-wEE4EKxJllxyYdEY-g0m-wSCU3FfDzKRWTQLHpA1fatRm9QN9gA-zq2IqyIC_V2NiIWTZb1V=w300-h170-p-rj-l75
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
fife /
Resource Hash
fc80843ae4d14c53ef114d830c48869c1854c665d786cbcb28575f64e346ff35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
2340
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 13:18:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:18:48 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
15681
x-xss-protection
0
server
fife
65a7e4b2-336d-4778-880f-e4cfb740f3e3
https://www.register-herald.com/ Frame 		0
0
c2cd7aa5-5370-478a-ba70-73983986869d
https://www.register-herald.com/ Frame 		0
0
gtm.js
www.googletagmanager.com/ 		227 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNNWDH2
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
cc4fcec4bf797b9b83493fa3bedff1bed1153d5282c9f00550bd9bbfab0d6ba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 13:57:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:48 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81471
x-xss-protection
0
server
Google Tag Manager
config.js
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/ 		171 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d5bfa2f97538e449ecc5f15b8c8fa7d206314d62fdfd92d7fabe28d3bc6e9cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"5d1faea179b6586a1b0673104c191df6"
age
575
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 13:31:22 GMT
vary
Accept-Encoding
x-amz-id-2
igfJ+7juRBybUW8al16zu6zfMRNuPSF/U53jPt2RNH6vRoI/tfCfyMhr3xELZFSu5+gPuGFJQX0F6m6cwgXOJPI8nj9ztg0q
cache-control
public, max-age=900, stale-while-revalidate=3600
x-amz-request-id
Y5FH0CK4GVF4J3MP
cf-ray
8e822668ecdaac31-YYZ
accept-ranges
bytes
content-length
37033
server
cloudflare
x-amz-server-side-encryption
AES256
f27fa630-888e-4304-8b86-e5c87e8b6e98
https://www.register-herald.com/ Frame 		0
0
5d7a38f7-a083-4588-9d3a-0ba1c2882f44
https://www.register-herald.com/ Frame 		0
0
liveView.php
live.primis.tech/live/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732543069499&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
43904a7d56116ee8c6bd5b0a6f1d55c3cc18f374be0b810aa48afe552c79a8a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-amz-cf-id
mI9yQjTBFDtUiiYyjhSmPEgYfsdh9QSMgNs2QEXk6SH1FihYjYaFPw==
cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 39a169e5169cc741a7c793f95d144134.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
PHL50-C1
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202410281039/ 		297 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202410281039/wrap.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c9169c2b7794bd05638c48d359e14f040e1129328b45836d4266ff6050ab3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"79984221516a05bb1ece450d155f0386"
age
1653197
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 28 Oct 2024 16:01:55 GMT
vary
Accept-Encoding
x-amz-id-2
0H3Ewif5W6vKEgiX5EKMbq0ZSAiio0SXOguVYainvSkRnYGlhV8l1CTazqbZMcs1UG4UA9wfWHk=
cache-control
public, max-age=31536000
x-amz-request-id
TF9MMA3TA4HA0SSF
cf-ray
8e8226696d29ac31-YYZ
accept-ranges
bytes
content-length
108040
server
cloudflare
x-amz-server-side-encryption
AES256
liveView.php
live.primis.tech/live/ Frame 933C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732543069499&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732543069&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732543069499&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
558b0a8e2d822c10c1fa4c2ccba08c6759b7514368f7fc975154f006a3639159

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-amz-cf-id
s0bpoNEeocUBpuFu7jBvcX0yicji4EVrIimuzHMBU5FWgqGboEZOPw==
cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 39a169e5169cc741a7c793f95d144134.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
PHL50-C1
deflate.min.js
live.primis.tech/main/js/ Frame 933C 		13 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732543069499&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732543069&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
etag
W/"64db4a53-3217"
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
RDm36dILokropt2MLVHg8N-Z3r6-td9qt2caUjM7Mtdc-ZzFR_Czxg==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
application/javascript
x-amz-cf-pop
PHL50-C1
server
nginx
last-modified
Tue, 15 Aug 2023 09:50:11 GMT
vary
Accept-Encoding
omweb-v1-5.js
live.primis.tech/content/omid/static/ Frame 933C 		44 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omweb-v1-5.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732543069499&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732543069&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
f7bc1865c10215913cd38a869630fd07c008811bb39ecdfc5b9d76a74a31b6b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
etag
W/"66dd6341-b17f"
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
IRPNqN6VLGD-rHLnS88TnmctcEMC8ZsrPIN2tNjAypK8y4HdfwW8tg==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
application/javascript
x-amz-cf-pop
PHL50-C1
server
nginx
last-modified
Sun, 08 Sep 2024 08:41:37 GMT
vary
Accept-Encoding
omid-session-client-v1-5.js
live.primis.tech/content/omid/static/ Frame 933C 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omid-session-client-v1-5.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732543069499&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732543069&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
d7c25086a2305f99b43116f3935095d346eea4e1fc781bab31e81b6b9320032b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
etag
W/"66dd6341-110bd"
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
LilW7tTipdtBY-O_g6UzxopSrx2StTake-YEbkLRxFDvHsYHo4V7Ig==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
application/javascript
x-amz-cf-pop
PHL50-C1
server
nginx
last-modified
Sun, 08 Sep 2024 08:41:37 GMT
vary
Accept-Encoding
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 933C 		258 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732543069499&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732543069&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
etag
W/"623b1723-409bc"
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
expires
Tue, 25 Nov 2025 13:57:49 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
dauqDBCTqnWO7m3B6JuPFP4WO3mlnfe26T34fdQw6UARTNi3PFahYA==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
application/javascript
x-amz-cf-pop
PHL50-C1
server
nginx
last-modified
Wed, 23 Mar 2022 12:48:35 GMT
vary
Accept-Encoding
pal.js
live.primis.tech/content/pal/ Frame 933C 		181 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/pal/pal.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732543069499&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732543069&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
e8b425b0454dfdeaacc90a822297f5386f87aa23cdb769f6843bfdc48d87a2bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
etag
W/"66cd7c4d-2d42f"
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
jABMASsAY-hNNK_MQebLv-5WM1tc9Qsb0UFlr7PE7Re8qKYlRV1v4w==
date
Mon, 25 Nov 2024 13:57:48 GMT
content-type
application/javascript
x-amz-cf-pop
PHL50-C1
server
nginx
last-modified
Tue, 27 Aug 2024 07:12:13 GMT
vary
Accept-Encoding
prebidVid.7.16.0_29.min.js
live.primis.tech/content/prebid/ Frame 933C 		553 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732543069499&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732543069&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
ea67ff6b5b7b47547079d888267aa933d278920933bf8d0b767dbbadb9a25be7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
etag
W/"66795624-8a3a8"
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
expires
Tue, 25 Nov 2025 13:57:49 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
I3oOL73BnhPfUWoUp3-uKPxVcbpOXHlklJ3Cr7af-1i-mxLzBsgTWw==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
application/javascript
x-amz-cf-pop
PHL50-C1
server
nginx
last-modified
Mon, 24 Jun 2024 11:19:00 GMT
vary
Accept-Encoding
liveVideo.php
live.primis.tech/live/ Frame 933C 		612 KB
243 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31357D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=154.47.17.41&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732543069&csuuid=6744825da6b75&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6547&geoLong=-79.3623&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732543069499&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732543069&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
f0e29d5d3bf284f8502ebd9f0a9b1173315ded13d187ac563297a7ea58024b74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
9nWYf0lYNLkc09NR9pKlRfNK7n4t-hnp1LJuit2bbFDizVKeWPNbpA==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
text/html; charset=UTF-8
x-amz-cf-pop
PHL50-C1
server
nginx
vary
Accept-Encoding
primisslate.css
live.primis.tech/content/video/css/ 		19 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
c06615f65bbd0fd24a7fc98664ebe6cc69c165be8bf47181a45c4b5876e5471e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
etag
W/"66f3c359-4c94"
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
gITFZHWkHIhjiOg6Z6oleOpRU3fcKHW9fepYIOobxQsQmLyrRexj2g==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
text/css
x-amz-cf-pop
PHL50-C1
server
nginx
last-modified
Wed, 25 Sep 2024 08:01:29 GMT
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ Frame 933C 		345 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31357D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=154.47.17.41&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732543069&csuuid=6744825da6b75&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6547&geoLong=-79.3623&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.43.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-43-160.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"812ceba01127f3bf5aede260eaddcd29"
age
1928
via
1.1 23bb75571f07e0a7a182023119364d7e.cloudfront.net (CloudFront), 1.1 ef47ae4ce1b368bee741646b5277e5cc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
0S5KJ1fQYWawKcvh-Kx7nZsURh2UpFERvH35eYRUsboX6suRVfnPjQ==
date
Mon, 25 Nov 2024 13:25:43 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 22:51:07 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P7, JFK52-P3
x-amz-server-side-encryption
AES256
css
fonts.googleapis.com/ 		838 B
504 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
8f9fce2d1efeb7ff84b096edcbd306fbeed42a83f2717b4d6e6a0502ce5ea160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 13:57:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 25 Nov 2024 13:57:49 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9719 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=38148
content-encoding
gzip
content-length
6694
content-type
text/html
date
Mon, 25 Nov 2024 13:57:50 GMT
expires
Tue, 26 Nov 2024 00:33:38 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame F27D
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26adv...
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%...
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=20455208-c6f7-426f-9261-95ebb7218b36
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=20455208-c6f7-426f-9261-95ebb7218b36
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=20455208-c6f7-426f-9261-95ebb7218b36
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-41.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 25 Nov 2024 13:57:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
via
1.1 15c2cf85eb6b1f3e4b8c8d0befbed77a.cloudfront.net (CloudFront)
x-amz-cf-id
EmO1J3r3xAzPetMlTNuWD1nVnhIncoZCxpojNZ1kOekbAloOcolf0A==
x-amz-cf-pop
JFK52-P6
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 13:57:50 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=20455208-c6f7-426f-9261-95ebb7218b36
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
x-amz-cf-id
2E-1Lb86Nl5RRO-xVqwZTs_5ZSF_NBe7-5UIyaylqfUohVXGhr_UFA==
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
sync-iframe
cs-server-s2s.yellowblue.io/ Frame B295 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={{gdpr}}&gdpr_consent={{gdpr_consent}}&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D150%26advUuid%3D%7BpartnerId%7D
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
98.85.131.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-85-131-250.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.register-herald.com/
content-type
text/html
date
Mon, 25 Nov 2024 13:57:50 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
integrator.json
pubads.g.doubleclick.net/adsid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/adsid/integrator.json?aos=https%3A%2F%2Fwww.register-herald.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-afma-token-requester-type
Access-Control-Request-Method
GET
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-afma-token-requester-type
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 25 Nov 2024 13:57:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
liveView.php
live.primis.tech/live/ Frame 933C 		89 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTIyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNWRzMmI1YmEjN2ZxNwt2Mmt2MmAjNv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRWn1cdTXyOV014TURxoVcEWTROnx00TzcNq01EWXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrx15TXceNU1dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM016STFPVFE0TzcBS2ZRLz5xoaZSRC1YRxcZXl1UYycfQxp4OUFfozqnVU13TzRjOV9dZ2VbSEU5ZEUzqzyxX2NioaRyoaRsnWQ9NwAlMmU2JaZcZF9wo250ZW50X2Ryp2M9SG93K3RiK01yYXN1pzUeSW5apzVxnWVhqHMzqzyxX2NioaRyoaRsqGy0oGU9SG93K3RiK01yYXN1pzUeSW5apzVxnWVhqHMzqzyxX2NioaRyoaRsZHVlYXRco249MmUzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzpGkurWVlSW5mqGFhY2VJZD00MTI4OTE0ODpkMDMjMmY0NmA5Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMkMmElRDMlMmU1RwMkMmU3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmMmMTqEN0I1MmY0MmM2NDMmNEM2RTRBNxM1QTMlNxM3QTY0NDp1Nwp5NEM1NmY4NxM2MmZENDY3MmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2RwZDNwx2RTp1Nmt3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00Ml42NTQ3Jzqyo0kiozp9LTp5LwM2MwMzqXNypxyjQWRxpw0kNTQhNDphMTphNDEzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4WDEkJTNCK0kcoaV4K3t4Ny82NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEmMS4jLwAhMCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NmQ0ODI1ZGE2Ywp1JzNvqXN0ZXI9MTpmMwU0MmA3MDE0Mt==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31357D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=154.47.17.41&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732543069&csuuid=6744825da6b75&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6547&geoLong=-79.3623&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
5d1806b1c3601ef9865da40a9aa8a53e968bba66e6ba2015710e33996461fcf0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
j30GksmoNx_XsqyT3Yp3ctt6Mve-2pcpoq5kYSQtIWCMOVDxZza-5g==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
application/json; charset=utf-8
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
content-length
10941
x-amz-cf-pop
PHL50-C1
server
nginx
liveView.php
live.primis.tech/live/ 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTpmMwU0MmA2OSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJaN1YxyxPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImNDJEMmEmMTJEMmImNTVGMmEmNTqEN0I3MmMkMmUmMDM4MmxmNDM2MmM3RDqCNDMmMmMkN0Q3QwUmNwQmMmY0MmM0QmZFNEE2QmVBMmI2QmqBNwQ0NmU2Nmx0QmU3Nwt2QmYmNxQ0NwpmNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNxM2OTZFNmU3ODqEN0I1ODM0MmAmMDqEN0I1OTMlMmImNTqEN0I2NwMkN0Q3QwRDMmpmODM5Mmt3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MTU0LwQ3LwE3LwQkJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4WDEkJTNCJTIjTGyhqXtyMwB4ODZsNwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTMkLwAhMC4jJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NmQ0ODI1ZGE2Ywp1JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE3MmI1NDMjNmAjOTxzqWyxPVNyn2yhZG9TUGkurWVlNwp0NDtlNWRxNzMkOSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phpzVanXN0ZXIgnGVlYWkxLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD04OGNzOTEmMwMkY2M2ZTE1M2EmMDuuYmElNmtjMwM2Mt==
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-cache
Miss from cloudfront
cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
zYj2klL03-SYK_AZqqKSA0LVlZYMwp2xcX87p9GPGuoTgy3lC57qxg==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
PHL50-C1
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame 933C 		35 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.22235.space.105129,adsize.400x225
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
date
Mon, 25 Nov 2024 13:57:50 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["oBrTqu7GvhS3RAjzZbAFBA=="],"pcode":["p-1ZHFxK2kGG5Cz"]},{"label":["bguBNbUeX1i0CBFEb/hMkw=="],"pcode":["p-1ZHFxK2kGG5Cz"]}],"trigger_data":"1"}]}
content-type
image/gif
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=76583ff2-919f-467a-bbbf-23cce8b35dc2&google_hm=NzY1ODNmZjItOTE5Zi00NjdhLWJiYmYtMjNjY2U4YjM1ZGMy...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEO6Wt4HkBiRtpioTIQuuZ1A&google_cver=1&ssp=sekindo&bsw_param=76583ff2-919f-467a-bbbf-23cce8b35dc2&gdpr_consent=&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=76583ff2-919f-467a-bbbf-23cce8b35dc2
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=76583ff2-919f-467a-bbbf-23cce8b35dc2
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=76583ff2-919f-467a-bbbf-23cce8b35dc2
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ce2e89e44d58ce842c3a3f58083fd886.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
OoCaQLxvKSIe9iY3cDEGH8CXDkQvyKScHJfBw3IzWnnMm8-qfS1x1g==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=76583ff2-919f-467a-bbbf-23cce8b35dc2
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
fNtjxi0WOwka4xX9KbiD86E1z1SwPCU-qZea3wLv53Tkd_utymRqBg==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
PHL50-C1
server
nginx
liveCS.php
live.primis.tech/live/ Frame 933C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=6gvshk1&ttd_tpi=1&ttd_puid=6744825da6b75&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=6gvshk1&ttd_tpi=1&ttd_puid=6744825da6b75&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=149&advUuid=803bc1bf-640b-4350-b48a-c314858948a6&csuuid=6744825da6b75&gdpr=0&gdpr_consent=
0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=149&advUuid=803bc1bf-640b-4350-b48a-c314858948a6&csuuid=6744825da6b75&gdpr=0&gdpr_consent=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
VQzZVtEchyMpIAdmnQtZmZCt4v-TSLmSnEtJZQfFQvCx3IgapxqcYA==
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
PHL50-C1

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&advId=149&advUuid=803bc1bf-640b-4350-b48a-c314858948a6&csuuid=6744825da6b75&gdpr=0&gdpr_consent=
content-length
337
date
Mon, 25 Nov 2024 13:57:50 GMT
server
Kestrel
/
csync.loopme.me/ Frame 933C 		0
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=Z0SCXkt3uW0AAEAhAmWx9gAA%26152
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=Z0SCXkt3uW0AAEAhAmWx9gAA%26152
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=Z0SCXkt3uW0AAEAhAmWx9gAA%26152&ckls=true&ci=Q089xTIwNi&nc=false&trid=1814361460
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=Z0SCXkt3uW0AAEAhAmWx9gAA%26152&ckls=true&ci=Q089xTIwNi&nc=false&trid=1814361460
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 1b4fcdcf534aed5a7a4dae6e1d54fc52.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-length
43
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
E12CVTlUTF7xzeO2rq6-34dCFmHhgo2_uMCduC5dyBqO4OMpBkw5Og==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=Z0SCXkt3uW0AAEAhAmWx9gAA%26152&ckls=true&ci=Q089xTIwNi&nc=false&trid=1814361460
pragma
no-cache
via
1.1 1b4fcdcf534aed5a7a4dae6e1d54fc52.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
1GbaTFk3ypgWtzccfOFdgCsQzyWZBoZY9aGSVeVeTbXBqTeYTsrwFw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=1159805321925012985558
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=1159805321925012985558
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=1159805321925012985558&ckls=true&ci=Q2njsltKQM&nc=false&trid=615286514
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=1159805321925012985558&ckls=true&ci=Q2njsltKQM&nc=false&trid=615286514
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 1b4fcdcf534aed5a7a4dae6e1d54fc52.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-length
43
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
vyKpZYnMOQahCrMZrUrepE-DPNhlaiAWr0trfkmbpEiOd9OPAuC8DQ==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=1159805321925012985558&ckls=true&ci=Q2njsltKQM&nc=false&trid=615286514
pragma
no-cache
via
1.1 1b4fcdcf534aed5a7a4dae6e1d54fc52.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
F9-n2vLbF3YdzWXN5EiF1JrhkMll6es5YQxM4V0YiRBayzx6INwHIA==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=M3X3ESS0-1I-3KWU&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=M3X3ESS0-1I-3KWU
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=M3X3ESS0-1I-3KWU&ckls=true&ci=mCvAtYKLF4&nc=false&trid=-750723812
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=M3X3ESS0-1I-3KWU&ckls=true&ci=mCvAtYKLF4&nc=false&trid=-750723812
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 1b4fcdcf534aed5a7a4dae6e1d54fc52.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-length
43
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
rYssAC9f436-FbnXYPFTh4EKxmNrpIscf583Oeyq5cSeJW4FejrQ_g==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=M3X3ESS0-1I-3KWU&ckls=true&ci=mCvAtYKLF4&nc=false&trid=-750723812
pragma
no-cache
via
1.1 1b4fcdcf534aed5a7a4dae6e1d54fc52.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
uRTFGh_I-1xi4oixCv_71pHpQjPTXYa6FZivmq7JhzphB3aCfsbEVg==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-wmwuMh9E2uIWCxdi3.i9meg3rHB6ZVhH~A
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-wmwuMh9E2uIWCxdi3.i9meg3rHB6ZVhH~A
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-wmwuMh9E2uIWCxdi3.i9meg3rHB6ZVhH~A
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ce2e89e44d58ce842c3a3f58083fd886.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
n6NZHM4nsTjs7VGK4kTZelNvVzPn7ZLwhL-vYpS6HA7rvTX68zPSbg==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-wmwuMh9E2uIWCxdi3.i9meg3rHB6ZVhH~A
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
cTmv2z-98yW7WoaWECd-FPzCr8VHIAa1vLvM2jorapDUHl2b9yxTOw==
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
PHL50-C1
server
nginx
getuid
ib.adnxs.com/ Frame 933C 		0
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=0f82447de7ad4ba684e92174035abd69
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=0f82447de7ad4ba684e92174035abd69
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=0f82447de7ad4ba684e92174035abd69
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ce2e89e44d58ce842c3a3f58083fd886.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
iE-xkEHnR5a0LvWa_LZVsl9FGmk4ceyRvZ-89Meha_Zd5e2FsthwTA==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=0f82447de7ad4ba684e92174035abd69
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
jz4m7ZF9Y89wsoS0PRSAqgNWd7xkaFCp1QV3CTVoWlo2iTRIOz4Q8g==
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
PHL50-C1
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=6744825da6b75&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3755446787584945000V10&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3755446787584945000V10
43 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3755446787584945000V10
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ce2e89e44d58ce842c3a3f58083fd886.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
glXCo25QkU3cDUImNoNMdGBHqEmJ-7j0pcYOCjQBHxB73AzKiKI5QA==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3755446787584945000V10
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
F4sdoY9wBN16sy2yNx0NuJXmT-i9-tq-XzZ21eQg_tE3hl2eauMcPA==
date
Mon, 25 Nov 2024 13:57:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
PHL50-C1
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=JueFALZHDYU1yR7BRmeUTYAN
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=JueFALZHDYU1yR7BRmeUTYAN
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=JueFALZHDYU1yR7BRmeUTYAN
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ce2e89e44d58ce842c3a3f58083fd886.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
u5L7CBhKHsNPYprjxMoDiowBP97yvCOThw8yW5Y07tZ7n6_QYLKI7A==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=JueFALZHDYU1yR7BRmeUTYAN
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
dLrPzBxaMcQhC_kuxXqZrLfgflLypjOeKzEz8DZOWqKdMm0vM8jizA==
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
PHL50-C1
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=b124a91183fd2df8ff27d84ed248b42d&gdpr_consent=&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=b124a91183fd2df8ff27d84ed248b42d
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=b124a91183fd2df8ff27d84ed248b42d
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ce2e89e44d58ce842c3a3f58083fd886.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
XB8X1BSDdBj2_b2PxsjvISharAjQXX_nJeo5ZLyxPW3Ztol8OJBpag==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=b124a91183fd2df8ff27d84ed248b42d
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
j72YLoIC88FmT62ALwi7p5h2pE1spp6khP-S6-lMqVJpt6y4kD7-vQ==
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
PHL50-C1
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=62dd1df3-1bae-4374-a3d4-c172d32d7575
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=62dd1df3-1bae-4374-a3d4-c172d32d7575
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=62dd1df3-1bae-4374-a3d4-c172d32d7575
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ce2e89e44d58ce842c3a3f58083fd886.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
Qk7phVnYqyy9rWqypggg0nBPSNl2G4loVTAkKtnrVeoScBMNzL783A==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=62dd1df3-1bae-4374-a3d4-c172d32d7575
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
MWHs20SMBusu4gc_r1Keb1GJV2pOMu403uKFWT-_QssCwau9Ls1w_Q==
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
PHL50-C1
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D%26gdpr%...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=5816107978324444555&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5816107978324444555
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5816107978324444555
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ce2e89e44d58ce842c3a3f58083fd886.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
lFfs9Z9bw_vnPLhVzqq4OeDZNeAZ1HUi1RgPWf4VvYhgYiYjOsMbxg==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5816107978324444555
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
wTs5RSzAYcS3jFx9qvKPYhw9BMiVSaPK-MeJnXPes_7mJEnS3K8AdA==
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
PHL50-C1
server
nginx
cookie
cm.adform.net/ Frame 933C 		35 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
86400
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=dc2f70f1-9ef2-4c3b-9475-5e5c0c68b255&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=dc2f70f1-9ef2-4c3b-9475-5e5c0c68b255
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=dc2f70f1-9ef2-4c3b-9475-5e5c0c68b255
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ce2e89e44d58ce842c3a3f58083fd886.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
JlQe4WxXTQ3krJ72tS-rvfQ-dfDW74fsDY-xcaBN2Nd8K-72c0dGgw==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=dc2f70f1-9ef2-4c3b-9475-5e5c0c68b255
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
gxN5hs_5To3_cohfIt6uVgMXuu-94CPGS53Vued3sHPn44UD5QM6SQ==
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
PHL50-C1
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1732543076764
  • https://ad.turn.com/r/cs?pid=45&id=RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005&rndcb=7713406222
  • https://sync.1rx.io/usersync/turn/8433961793956537802?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-2a...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ce2e89e44d58ce842c3a3f58083fd886.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:53 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
6KjSu8-H9_cvqF6y7wU6dFbutClyC1x-FjajHULx6rRefe9LMFnOOw==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
EofmpMgzxuzer2Ij_Mib6BDHXAiVFmEtahhnl9uIVP81Y9ajMXoU1A==
date
Mon, 25 Nov 2024 13:57:52 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
PHL50-C1
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 933C
Redirect Chain
  • https://sync.kueezrtb.com/api/user/pixel/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D151%26advUuid%3D%24%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=151&advUuid=da3a229b-175c-dc4c-1a9e-b1218dd9c244&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=793790479&3rdpcid=da3a229b-175c-dc4c-1a9e-b1218dd9c244
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=793790479&3rdpcid=da3a229b-175c-dc4c-1a9e-b1218dd9c244
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
3.168.102.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-109.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ce2e89e44d58ce842c3a3f58083fd886.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
image/gif
x-amz-cf-pop
JFK52-P6
x-amz-cf-id
o8vCiO_amzGG89lPjieuUgcb9PR7n0mdtJUzR71Pn3gAld3fR-sHNA==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=793790479&3rdpcid=da3a229b-175c-dc4c-1a9e-b1218dd9c244
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
XvqGmMCHc6OOJYEbOt2vTexxtu88oZ-2mehaWq7G8FVi1iawrocqcw==
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
PHL50-C1
server
nginx
r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D154%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
sync.ingage.tech/ Frame 933C 		42 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ingage.tech/r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D154%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8e82268a4b94aacd-YYZ
expires
0
access-control-allow-origin
sync.ingage.tech
content-length
42
date
Mon, 25 Nov 2024 13:57:54 GMT
content-type
image/gif
server
cloudflare
integrator.json
pubads.g.doubleclick.net/adsid/ Frame 933C 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 933C 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?tid=pal&tv=1.0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/pal/pal.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
87595df705a75dd3e8f9846b17872a78bedba5d1b6c9978ac63b2a450b68bc7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
9045
date
Mon, 25 Nov 2024 13:57:50 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
vid5df325c107fd6863863006.jpg
video.primis.tech/uploads/cn12/video/users/converted/22235/video_5df2c67d5a683172725343/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn12/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.jpg?cbuster=1666108075
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-109.phl51.r.cloudfront.net
Software
nginx /
Resource Hash
7eda0362241e856b49d35ad100cf46a98f0a939ecde278b923e8e33c527e6c41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

etag
"55e447d3eb928efb87b702998e057795"
age
8167
expires
Tue, 26 Nov 2024 11:41:43 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
KG3YHAGtzI9PK8afuCHR90AOrpHxD2OcqS0Ehvwry3530aLQ5xxTmQ==
date
Mon, 25 Nov 2024 13:08:22 GMT
content-type
image/jpeg
last-modified
Wed, 18 Aug 2021 17:25:55 GMT
vary
Accept-Encoding
cache-control
max-age=86400
via
1.1 4a21175361a1e842a337986b5f7399aa.cloudfront.net (CloudFront), 1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
13341
x-amz-cf-pop
IAD50-C2, PHL51-P1
server
nginx
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://fonts.googleapis.com/

Response headers

age
210855
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 23 Nov 2025 03:23:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 03:23:35 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
liveView.php
live.primis.tech/live/ Frame 933C 		112 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTIyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNWRzMmI1YmEjN2ZxNwt2Mmt2MmAjNv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRWn1cdTXyOV014TURxoVcEWTROnx00TzcNq01EWXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrx15TXceNU1dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM016STFPVFE0TzcBS2ZRLz5xoaZSRC1YRxcZXl1UYycfQxp4OUFfozqnVU13TzRjOV9dZ2VbSEU5ZEUzqzyxX2NioaRyoaRsnWQ9NwAlMmU2JaZcZF9wo250ZW50X2Ryp2M9SG93K3RiK01yYXN1pzUeSW5apzVxnWVhqHMzqzyxX2NioaRyoaRsqGy0oGU9SG93K3RiK01yYXN1pzUeSW5apzVxnWVhqHMzqzyxX2NioaRyoaRsZHVlYXRco249MmUzpGkuY2VgZW50U3RlZWFgVHyjZT0kJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzpGkurWVlSW5mqGFhY2VJZD00MTI4OTE0ODpkMDMjMmY0NmA5Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMkMmElRDMlMmU1RwMkMmU3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmMmMTqEN0I1MmY0MmM2NDMmNEM2RTRBNxM1QTMlNxM3QTY0NDp1Nwp5NEM1NmY4NxM2MmZENDY3MmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2RwZDNwx2RTp1Nmt3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00Ml42NTQ3Jzqyo0kiozp9LTp5LwM2MwMzqXNypxyjQWRxpw0kNTQhNDphMTphNDEzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4WDEkJTNCK0kcoaV4K3t4Ny82NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEmMS4jLwAhMCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NmQ0ODI1ZGE2Ywp1JzNvqXN0ZXI9MTpmMwU0MmA3MDE4OQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31357D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=154.47.17.41&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732543069&csuuid=6744825da6b75&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6547&geoLong=-79.3623&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
3679bef18c46a0dece77cbd2f546a75275afbf6ce8e793123e477c269d361560

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
lhyTyPvdZ4eV--BFf-hzaxlhLDB6cZbuX5SNk1umSXLzGsuzperBDA==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
application/json; charset=utf-8
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
content-length
13827
x-amz-cf-pop
PHL50-C1
server
nginx
liveView.php
live.primis.tech/live/ Frame 933C 		87 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTIyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNWRzMmI1YmEjN2ZxNwt2Mmt2MmAjNv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRWn1cdTXyOV014TURxoVcEWTROnx00TzcNq01EWXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrx15TXceNU1dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM016STFPVFE0TzcBS2ZRLz5xoaZSRC1YRxcZXl1UYycfQxp4OUFfozqnVU13TzRjOV9dZ2VbSEU5ZEUzqzyxX2NioaRyoaRsnWQ9NwAlMmU2JaZcZF9wo250ZW50X2Ryp2M9SG93K3RiK01yYXN1pzUeSW5apzVxnWVhqHMzqzyxX2NioaRyoaRsqGy0oGU9SG93K3RiK01yYXN1pzUeSW5apzVxnWVhqHMzqzyxX2NioaRyoaRsZHVlYXRco249MmUzpGkuY2VgZW50U3RlZWFgVHyjZT0kJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzpGkurWVlSW5mqGFhY2VJZD00MTI4OTE0ODpkMDMjMmY0NmA5Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMkMmElRDMlMmU1RwMkMmU3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmMmMTqEN0I1MmY0MmM2NDMmNEM2RTRBNxM1QTMlNxM3QTY0NDp1Nwp5NEM1NmY4NxM2MmZENDY3MmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2RwZDNwx2RTp1Nmt3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00Ml42NTQ3Jzqyo0kiozp9LTp5LwM2MwMzqXNypxyjQWRxpw0kNTQhNDphMTphNDEzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4WDEkJTNCK0kcoaV4K3t4Ny82NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEmMS4jLwAhMCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NmQ0ODI1ZGE2Ywp1JzNvqXN0ZXI9MTpmMwU0MmA3MDE4OQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31357D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=154.47.17.41&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732543069&csuuid=6744825da6b75&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6547&geoLong=-79.3623&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
ae6d05d8b42ac0823f2c6cce3c90be01e14c422dba16bfb3b707ec6a8cfd10c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
xME_YLRQO_i9yCQJvalbFw3Kzek7y1vk0j_AGyjxKrnWPeUqzPQ3VQ==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
application/json; charset=utf-8
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
content-length
10671
x-amz-cf-pop
PHL50-C1
server
nginx
liveView.php
live.primis.tech/live/ Frame 933C 		89 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTIyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNWRzMmI1YmEjN2ZxNwt2Mmt2MmAjNv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRWn1cdTXyOV014TURxoVcEWTROnx00TzcNq01EWXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrx15TXceNU1dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM016STFPVFE0TzcBS2ZRLz5xoaZSRC1YRxcZXl1UYycfQxp4OUFfozqnVU13TzRjOV9dZ2VbSEU5ZEUzqzyxX2NioaRyoaRsnWQ9NwAlMmU2JaZcZF9wo250ZW50X2Ryp2M9SG93K3RiK01yYXN1pzUeSW5apzVxnWVhqHMzqzyxX2NioaRyoaRsqGy0oGU9SG93K3RiK01yYXN1pzUeSW5apzVxnWVhqHMzqzyxX2NioaRyoaRsZHVlYXRco249MmUzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzpGkurWVlSW5mqGFhY2VJZD00MTI4OTE0ODpkMDMjMmY0NmA5Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMkMmElRDMlMmU1RwMkMmU3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmMmMTqEN0I1MmY0MmM2NDMmNEM2RTRBNxM1QTMlNxM3QTY0NDp1Nwp5NEM1NmY4NxM2MmZENDY3MmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2RwZDNwx2RTp1Nmt3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00Ml42NTQ3Jzqyo0kiozp9LTp5LwM2MwMzqXNypxyjQWRxpw0kNTQhNDphMTphNDEzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4WDEkJTNCK0kcoaV4K3t4Ny82NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEmMS4jLwAhMCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NmQ0ODI1ZGE2Ywp1JzNvqXN0ZXI9MTpmMwU0MmA3MDE5MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31357D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=154.47.17.41&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732543069&csuuid=6744825da6b75&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6547&geoLong=-79.3623&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
7b703a452205328916cc90baac38151b01f36c21b74e2bbef2de62fa32c1a307

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
Y87aJUaUA4IVqOlzh-Zv2Yaxz9o9ZdWr_bkz40FzZOXqMLugwST2Xw==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
application/json; charset=utf-8
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
content-length
10943
x-amz-cf-pop
PHL50-C1
server
nginx
liveView.php
live.primis.tech/live/ Frame 933C 		121 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTIyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNWRzMmI1YmEjN2ZxNwt2Mmt2MmAjNv5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrUjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRWn1cdTXyOV014TURxoVcEWTROnx00TzcNq01EWXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrx15TXceNU1dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM016STFPVFE0TzcBS2ZRLz5xoaZSRC1YRxcZXl1UYycfQxp4OUFfozqnVU13TzRjOV9dZ2VbSEU5ZEUzqzyxX2NioaRyoaRsnWQ9NwAlMmU2JaZcZF9wo250ZW50X2Ryp2M9SG93K3RiK01yYXN1pzUeSW5apzVxnWVhqHMzqzyxX2NioaRyoaRsqGy0oGU9SG93K3RiK01yYXN1pzUeSW5apzVxnWVhqHMzqzyxX2NioaRyoaRsZHVlYXRco249MmUzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzpGkurWVlSW5mqGFhY2VJZD00MTI4OTE0ODpkMDMjMmY0NmA5Jat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMkMmElRDMlMmU1RwMkMmU3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmMmMTqEN0I1MmY0MmM2NDMmNEM2RTRBNxM1QTMlNxM3QTY0NDp1Nwp5NEM1NmY4NxM2MmZENDY3MmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2RwZDNwx2RTp1Nmt3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00Ml42NTQ3Jzqyo0kiozp9LTp5LwM2MwMzqXNypxyjQWRxpw0kNTQhNDphMTphNDEzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4WDEkJTNCK0kcoaV4K3t4Ny82NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEmMS4jLwAhMCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NmQ0ODI1ZGE2Ywp1JzNvqXN0ZXI9MTpmMwU0MmA3MDE5MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31357D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=154.47.17.41&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732543069&csuuid=6744825da6b75&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6547&geoLong=-79.3623&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
c2d94f97927f2485fd03702dce415d8c7b11b94e57b9dfdef27704a8fadd266f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
0NAd-xyGYko2esqUsChXirAXeujCs1DsAhYqkRHCCPCbTPwk6uCh7Q==
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
application/json; charset=utf-8
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
content-length
13482
x-amz-cf-pop
PHL50-C1
server
nginx
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 933C 		0
0
xdEizrWJ.js
tpc.googlesyndication.com/sodar/ Frame 933C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/xdEizrWJ.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/pal/pal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
c5d122ceb58926c5fc3da5d1d664684af89e5dc8f6ee490449ef4e1f4f1da790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
2529
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 14:05:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:15:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
15273
x-xss-protection
0
server
sffe
liveInternalSsp.php
rtb.primis.tech/live/ Frame 933C 		51 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Atrue%2C%22data%22%3A%22%5C%22rJmgXG9m2wjS%2FmSZhXhBk3%2BjDS8TpeR5zenZczyi7x1GgtWbMooPxxOST%2F%2BfZMzSjSRtlCUmF2AMnKWVVye9qeWlsBKraowhPS7urhKq1e9iHpia%2F90JXJpxOlNJTooecKu6rzcKCAZkXzWfyYpRyhJLaNWJwv2TV%2FV%2FV%2F1sSHcta4TaMtgJzEjOXZUNx%2FyCVwC0bXE8xRYbkurlnXD1R7YsNh0W1J%2BPBqnSIScYCPI9SXB%2ByUKrJp6YmhsVZFI0kRk%2FnA1DljzgbqMUa%2BNp1rkBKx9CnoFA7vrpNlUa%2FFITE3kPYflnnzQlr2DankSRzq6kXLSt7h8lX1FwvOJFzS9FqxHOnUO5JFa10BCA%2B3qNS1h0hxFs8jSaTQ6D4l9pUcLL0TNJfumKduzKWVUnmVeLMjHr31Dqmwn9AzFO59DgDrye%2FxTSFJ24U9%2BCIos%2F8W%2FHOsFAf2jcxs0jCz6D4T%2Fu12yRcPt3we4QKD%2F1iqDlAy7xl%2BrsXl9FBXZK7dBn%2BkOO73JrZCI7oOc4wzXmNlRrbkxdvpFCgv5Fhy1Dmje8bVnd1OvSQTvGYv4bwCSvbhvWFjvGzwoJuIIbeUxDGp%2BdLEyNeV4jVyDkpjds1WcyyXuOKMPyYIFLyCZWaC8FUqq2msIS35QqIjiEd5Lpb%2FwkKx9J%2FNwqWHdF1JRsI4G24wQihxnqmGD8NuPiO%2FtjJgVSl71V4Ub8j6WcZag3SIHzryD2Lw1PCyz3oCkPzOQZNsXXGNPs%2BAcR%2BdxckRGxIpqkITgJMhMJW5xy%2BRIR3SVoGlhme3BECqOv8ijU35EflVi5KI5u3xetorDfOd%2FKWBr%2BhNKNmbh1VyrVbR5BOBlOXD9BQRRdf4Es2A1M84gEAZB%2FVcfK2d6adKKYJFZrmwU8xI1CRaU2TdKRO0fGf1HvDbZhuArwbr8MRhPECXA8Ry4EeWj0epFVukfY%2F1krn9NWtcdsczz%2Bjz0Dy%2BCbzy9xf7kpIgncyolw1SR1oN9kk1LXdvtyFAZHEV3X9nS94zNa8Ld5Ham7cTfZLQgE5czSXIt9fbOkdFMyfBLFq6YyxKWzJs7iBBUa3wyI4LgThAnKBv3kmvWaQFuF9mQRvU7brhNteLheKHFExz%2BUFuqZtbWknPeEKNab9Xe5BCOFOsWj0R8fOz8SJnrlThhCRCBqY8TWSMbmAOciTg4fZ8tdnFJpx3QNngkSO4A%2FPW0mzFMZSf%2BdR1mrqGEsua4kjX1WYeknYJl2cuZKndWXvwEKAzXC46oZbNNKASOUKHvEVCFtgKvvFfiZoAYK2d7yCrniaO3UleDteHySPE3mXCdJY4FyxkPSHJbCySjmNMakutox3y8ixIIIPhrfxnovLCyl6LBBcX0LwdbNdM5CClXUbbmEq4%2Fjv91LTIUBlEBE%2BJVQ7q00%2FHB1XH4INPYbHAiyJaJ3drFISTZPgRs2yGrz2snpEVkCY25VxTy1ktIlgG5HWmVPGECpnVqXYwoMVNCMwXEzqJbDjF5xyJUYCnXkTzpbcqBUMY%2FwuTYdG94%2FhEpG7v%2FB01IGRqnnQRrfbmOv4EZJBwBHSuKwoAEOF8gX2RIaBLXNwjazgz1Yk4X0utRUQ8bG86IxS0IguzOkQNutJ8BWCLPJe4o%2BXXk%2FSY6XBxxP1AuGVcv5jmG55eSBlX7t29ey3B%2BT2%2BXsDloX4e4vJcqVROI8K8e8D47ZM8DfuxEbB3f3YNZbaCBeatinbYDLy8DoAXp80z2PksLnGADXqwkqzv%2BaMeMs6zyv%2BL%2BUeiJSF7%2Bp3aww4qw99gshbI4sUEGAOfCjven6raeKy2%2BQSWQGxMaz2PcDn4qaN6Ci68DVtrl3435qAns3d2IaQ2C6ualfiLFehEueZfJkjFVkTL%2FlCq%2BnvGnL9WUPK6H0%2B8NKiI2V8MIwrr41cj4eMQe0pdhPyTDLilMeIpR9RSfBDPvdLa7OPtTj6zUs7td%2BILCdhlNYvLHW%2BS4DIqmH7xWavFbG%2FguYwe%2BE79mmBQ2l2e0mBoXNKETE6eoiBhM9WG2H7N2Z7QTOKLyOplO%2BNj59CBm3uFv1gihA2LrB2KEwVdVHtFwBdQNvk%2F5uEGhWs0pQK8R9RYuyJQGFTpafOSspp%2Bkzt2MaxOXkTPC9LSJ6eOZIhC9aBt%2FXM9jgduVv1V0eE4HQXhwYepoBYPSOiQwKt8c36MLAzIuqhK%2BXqggAXpr3WsctrXbpcgSFaFNUkSKd6U1cBZfcBHo8YFS986EkbygA%2FcvfN0D%2FCMk3MtJNJzMdjn4IINegw%2B%2FsoiOKnpwhYRox3PbjC29wFvD4pSSmUHPnMAhB7Tu6h3B%2Ff9Ah%2F37MQv3hK5bF7ff9gDBmmr32u0M1rY5vEQ51jHUM5axH%2FEXiGxZBkU4pl%2BtGI%2BC8FeR50pizLHFVAbPBCh%2FPqeiHiTswHuAJNhjDIg8QIy0r%2FwjKRAcOHRA5eEG4N0Sn5q8RRAckXkEvYoMrPmTBk2pvFOMuwjAsFfE%2BsfRCQ%2BLmIr0XAoOrJx28OY0f0TOA9%2B2NOaAFQrPGtQ0dfmg2Sh4Qnr7JrDg6SgYvkejs8m7BZp2vBjte%2FqxDuFyZsWDjSktfRrmCYNUxwfEri3HjKBtfOHVtfD8%2BmE01l78wDBovszjwszjw%2Fw9gI%2FdO7qu6Od7soWL7triefqmpRuRY08NIdG2QDlPkJxoCD0W47juGQaDnNBKOHRboSsfovVo5q2QxuLvinCRdXqfrl%2FDfUQwY2mrWpXAMWUrJN6jCmDgw4uaCwvY3i9mkZjNH4gItO%2F5bHA7H9noLaz68tHhwm3vUtqP7RD60974aj5r9qtefXzTnA0XysU8sKPbzKBdM4DTJUVC05eSJbc5e3D7oA0Vo5q8PvgovivKK0vUAF9lAv0gQ6rp87ZEodggr9%2FO0D9aWOkSEu8%2B45v0Qog8o7A2N00ti7%2FFR2fSWeY7%2ByJ4bnCSEHWKUcdJXiXNwFe%2B82pseALj9xP0mG368AhFQ96hvw0pq%2BEFtmyb4JqS6QTfMt9eU9pB7Zsx%2F8P4g8H4xz3j43grpNiHrH9UB9L543le%2FsiC%2BFip1QlhLR7ZYjge1Onm3oXXCqmrfu2NnC7KxLZZeh4IRZuRW4O1nN%2B4qATji0VeJ%2F6AUeR%2Btt1ygZwyvMMp5ptDq4yZuAHqPWE75YBE4zvkicrwap1h42bsZS%2F62uYbq2O2E7QmNmpBWOIS7H5%2B9P1Ja6QHi8eDsk%2Foy%2F3e7UcViqGJvAtSpWw09d119NRG7OSxrwkEYBhvyRn4x8M%2BCchl8nCaD9OeHV36EXJ725GrHo9rO4962UIJ%2BX8LkUeuy6R4kqpBUW%2FxM3ZM5i4H1EtKEyXyEhX5bQhOUgDCjQ0QIPmLbvY5f3xAYGZWR%2Bm9s8COP4WeQUBLAtsunBvHCJIKw8lzG4%2BG2mwAkMgvtCPmI8xR%2B23xGmkstbdxsNfbrGrHY38yM1toU7uY0FXSx6peWE4kKO6VcWdqKNuNN9KHcHqdtlNbNyky%2B8dqnNHx%2B5%2FA4C5fBpgysAWwFbWe7IchXMOMtf4YjWRdUFp%2FmUu263mZOMisGUBznqUah8oWBLhb0rV0SHefkV4%2FQUIrPjYcg1TJC%2F7WMpJKtSAzaiICn3mzzEAtdWvrusl64fH9V%2FJEnNvTYVlTwzGD%2FuHgG4AhrmuAirB02XpDTK%2Fwt6g6CpDx8QvDyGeFfOt4AXXWpcoGF8Zh%2B4QExi1BnNoAaYGxJ42mtbJmeMDGXusod4pxC4LHIQ9mTPjvrASJEnT8HuM9zHLVh3bTHavRVnZm%2Byy2lRA%2Fg9OZRJvWzzMHwKwA8VYLJMZYxeaNGdzQFipDlOE%2B1EJmA28VuxN8IkprOGkUrlhRLCeEn56rFJt7PAffT7XAjczlIs8ogx2M3RLF%2BWdfv1LBjck52IgiFE9BMmEtwqvXEh2otfpAwQ1BoPuvyVeKA%2B%2FD8o9XmoTp%3D%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
653e273bbc432403bb37db126e8e43f758c7bd998691759be0bc2b3f4515b274

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
hZrdh0fvQkU6_t5OybbjC0JQtaSc2dSTlVkdf5XeoItLREVRPHiYEQ==
date
Mon, 25 Nov 2024 13:57:49 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 39a169e5169cc741a7c793f95d144134.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
x-amz-cf-pop
PHL50-C1
server
nginx
liveView.php
live.primis.tech/live/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNmMlNTQmMDpjJaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTplNTY4NwUzrD03MwAzrT00MDUzoXN0YT0kNTA4OTQ2MlZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9jYXNmRG9gYWyhPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJaN1YxyxPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw0kNTQhNDphMTphNDEzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuYMTEyM0IyMwBMnW51rCUlMHt4Ny82NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMmEhMC4jLwAyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY3NDQ4MwVxYTZvNmUzpaZhPSR7VyBsUyZOX01BQ1JPsSZuqHRyoXB0TXVfqGyjoGyypw0lMCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZjoGFwZW1yoaRTqHJyYW1UrXByPTMzp3NjX2y1pm0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE3MmI1NDMjNmAmNDtzqWyxPVNyn2yhZG9TUGkurWVlNwp0NDtlNWRxNzMkOSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phpzVanXN0ZXIgnGVlYWkxLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQzpHucZD0lZzY5Ymp4MDuvNmU4MDI4N2IjODt3YzRvZWElZwyuMt==
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-cache
Miss from cloudfront
cache-control
max-age=315360000
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
h3VOTVEpGku4bWB3T8aMdAJlcHjtVJ7vX7ggboG8Q2OtvRR23oXKQg==
date
Mon, 25 Nov 2024 13:57:50 GMT
content-type
image/gif
content-disposition
inline; filename="pixel.gif"
server
nginx
x-amz-cf-pop
PHL50-C1
prebid
id5-sync.com/api/config/ Frame 933C 		167 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
2940655625cbe9168662c87a72288297d67e21a12ca7b63954003dc7bb0410f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ Frame 933C 		0
0
id
id.crwdcntrl.net/ Frame 933C 		75 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.244.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-244-46.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
bb791387fa1983a4a63dbb631b6be72e9dac73ab30b3b0dd2f087140609ddb27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.register-herald.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
75
date
Mon, 25 Nov 2024 13:57:53 GMT
content-type
application/json;charset=utf-8
x-server
10.40.50.22
server
Jetty(9.4.38.v20210224)
rid
match.adsrvr.org/track/ Frame 933C 		108 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
39687c06f987637997be6ea0dbbb41ccba20f5fed9ec8d031ade18397c790e61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Wed, 25 Dec 2024 13:57:51 GMT
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:51 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
LVEN46HQ.html
tpc.googlesyndication.com/sodar/ Frame E933 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/LVEN46HQ.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/xdEizrWJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
8534
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:15:11 GMT
expires
Mon, 25 Nov 2024 14:05:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/ Frame 933C 		45 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
b5577eb0bfbc45da8ed23f70e4975217dbb6d4eac9c9d5f5955c74e520f8ac46
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:52 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
212.json
id5-sync.com/g/v2/ Frame 933C 		638 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
993e22be16263bfdf8ed1aeb5d1abbc9b2c1e518dd6c12743ec560d46a5f4a1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
p3p
CP="CAO PSA OUR"
date
Mon, 25 Nov 2024 13:57:53 GMT
content-type
application/json
vary
Origin
gen_204
pagead2.googlesyndication.com/pagead/ Frame 933C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?length=936&loaderinit=1732543070156&nonreq=1732543070157&nonload=1732543075161&lid=1&sdkv=h.0.0.0&palv=1.32.0&e=95320804%2C95322027%2C95326337%2C95331589%2C95332046%2C95336958&id=pal_html5&c=2458219410356579&domain=www.register-herald.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/pal/pal.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 13:57:55 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
chunklist_480.m3u8
video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/ 		311 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-109.phl51.r.cloudfront.net
Software
nginx /
Resource Hash
59849adf8b0024a44b3532de1ae3e4de887df7242939e02b26173441cf36d3b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"7adbb2d4944dd2f08a4f3d02b25e7ba0"
age
73570
access-control-allow-methods
GET, HEAD
expires
Mon, 25 Nov 2024 17:31:47 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
wZ3jWKAsE-ud4OGiKOh_Gn2TmlP8aHubvi3smLK6A8BXgDNVIepARQ==
date
Mon, 25 Nov 2024 13:23:42 GMT
content-type
application/vnd.apple.mpegurl
last-modified
Thu, 19 Aug 2021 01:48:50 GMT
vary
Accept-Encoding
cache-control
max-age=86400
via
1.1 61aaa713659e16ea5564e9032008b4e2.cloudfront.net (CloudFront), 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
311
x-amz-cf-pop
IAD89-P3, PHL51-P1
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js?network_code=9869277
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
3deff99cc649273d38db2a3eed704caedf44b7f87a82e1595384f93a7470bc47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
546 / 20052 / m202411180101 / config-hash: 79477889192541496
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 13:57:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:57:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33428
x-xss-protection
0
server
cafe
prebid-analytics-8.50.0.js
a.pub.network/core/ 		621 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-8.50.0.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d720517727209364c05e7923b20067950059abd5bdacd5b80ebf1850b2b920ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
3
access-control-expose-headers
*
x-goog-hash
crc32c=AdPHhw==, md5=GrR2UL+h2/73CeG/ZZ6D6A==
cf-cache-status
HIT
etag
W/"1ab47650bfa1dbfef709e1bf659e83e8"
age
59053
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 24 Nov 2025 21:33:44 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
635496
server-timing
cfExtPri
date
Mon, 25 Nov 2024 13:57:57 GMT
content-type
text/html
last-modified
Mon, 21 Oct 2024 20:57:18 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC6ik1VWF27WMLOTXFENyDNUGle0yG0lwxZzb28NLSaTBUU0XZjSwF04IsvRiQyM6fnhcuo
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31476947
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e822698beb9ab51-YYZ
access-control-allow-origin
*
x-goog-generation
1729544238803279
server
cloudflare
pubfig.engine.js
a.pub.network/register-herald-com/ 		377 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/register-herald-com/pubfig.engine.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bc6c096296ab210888d390eedb0f52d963077a4dc083bd08e5c6e074c79d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=aUUJYg==, md5=HXJt7e88hXLDxeefUqiCYg==
cf-cache-status
HIT
etag
W/"1d726dedef3c8572c3c5e79f52a88262"
age
158583
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 14:27:57 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
385821
server-timing
cfExtPri
date
Mon, 25 Nov 2024 13:57:57 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 16:40:56 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC4PKl0c9TPbR90THih8hYi8XRuACduAO9aYsbBgR17m-5E-97IgXhZANIpeKs9gTdljo-E
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e822698cec4ab51-YYZ
access-control-allow-origin
*
x-goog-generation
1732034456694177
server
cloudflare
w_480_00000.ts
video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/ 		275 KB
275 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-109.phl51.r.cloudfront.net
Software
nginx /
Resource Hash
0a5373aa300072621c7944345101c731b0942f4beb48f016c2056d413bd9fab9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"48bf49161540eeeb08dee634129939a3"
age
57053
access-control-allow-methods
GET, HEAD
expires
Sun, 08 Dec 2024 22:07:04 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
REPR540LZibgwGmxTKPwLLDJASy0e8CbBv3r8zTcJAx6ue-Qs8w9uw==
date
Mon, 25 Nov 2024 13:23:42 GMT
content-type
video/mp2t
last-modified
Thu, 19 Aug 2021 01:48:50 GMT
vary
Accept-Encoding
cache-control
max-age=1209600
via
1.1 d01a0cfc47d6e412dd81c986ff5d69da.cloudfront.net (CloudFront), 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
281436
x-amz-cf-pop
IAD50-C2, PHL51-P1
server
nginx
b9ae52cc-a1ae-4982-b8d5-c220c73bb05a
https://www.register-herald.com/ Frame 		0
0
core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
cdn.smugmug.com/include/js/smugpage/ Frame 26EE 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
cd9ead1d96f5e05bd49c8231ab7856822fdef385c83f0d91e2962ca07a562618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
ua92nt/QNx9KBGOsx7at7w==
x-extra
1725962688.0476
x-request-id
37ad4bc4
content-encoding
gzip
etag
"b9af769edfd0371f4a0463acc7b6adef"
age
6580389
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
eYW3V8UrFTOhCQAgJ17SEz6T5qWSnQAJvQJQX5iLAVcHIS9_nacUkQ==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
27536
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0175
smug-static-cache
Fresh MD5
x-smugmug-values
1/5 - Grow Together
x-env
a=live, b=www, c=ec58e149, d=i-09beae53177ccdf1c
expires
Wed, 10 Sep 2025 10:04:48 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Tue, 10 Sep 2024 10:04:48 GMT
edge-control
public, max-age=31536000
x-s
100.11.29:1369793
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
core-config-069300e7b97b546dfcf7a0a69c919489.js
cdn.smugmug.com/include/js/smugpage/ Frame 26EE 		345 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/smugpage/core-config-069300e7b97b546dfcf7a0a69c919489.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
49cd659a3bf0dd17eefca348c5a30c21476202ae0410f6a9d8d8982750c2e164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
HFkuTcbyulBSYbru8fEo4Q==
x-extra
1732542010.1636
x-request-id
673432e5
content-encoding
gzip
etag
"1c592e4dc6f2ba505261baeef1f128e1"
age
1067
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
YqKP71HTUlOIHUz4XsrQDZOdrqwC2ktbi2NNenVFB9XVIdGDGMB3oQ==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
48443
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0158
smug-static-cache
Fresh MD5
x-smugmug-values
4/5 - Dare
x-env
a=live, b=www, c=e8889be1, d=i-065ff7823257e4c13
expires
Tue, 25 Nov 2025 13:40:10 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 25 Nov 2024 13:40:10 GMT
edge-control
public, max-age=31536000
x-s
100.15.30:1981011
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
stylesheet.css
cdn.smugmug.com/img/fonts/sofia-pro/v2/ Frame 26EE 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/img/fonts/sofia-pro/v2/stylesheet.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
bac8ee57b7086f2eac3c07d0852d819ba937a57c16304f9065dfdafbf141d795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.0925
content-md5
HOhv4frU3LMoVBoaYp+i5A==
x-request-id
bc1243ec
x-smugmug-values
4/5 - Dare
content-encoding
gzip
etag
"1ce86fe1fad4dcb328541a1a629fa2e4"
age
32929
x-env
a=live, b=www, c=e8889be1, d=i-00c81ac1995dd1d93
expires
Tue, 26 Nov 2024 04:49:08 GMT
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 25 Nov 2024 12:49:04 GMT
content-type
text/css; charset=utf-8
x-s
100.13.39:1860218
vary
Accept-Encoding
last-modified
Fri, 10 Jun 2022 22:58:54 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-amz-cf-id
ikWqpWsmP7J5qscv3BlkpxYFpsSIwBEdcdHUhqHzmP-t7FNS5mu7_g==
x-ttfb-l
519
cache-control
public, max-age=86400
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
content-length
519
x-amz-cf-pop
JFK50-P6
x-powered-by
SmugMug/1.0
server
nginx
core-a5354e4f11dd90ae46d9f7b6125084b9.css
cdn.smugmug.com/include/css/0/0/0/smugmug/ Frame 26EE 		372 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-a5354e4f11dd90ae46d9f7b6125084b9.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
06387490c83a22e6ea8ce6eded7b073e8469bc46afa2be75e9afc416c6d0d4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
N8jL1y1lbo6o6L/Pen7RQQ==
x-extra
1732219552.6347
x-request-id
e11e4662
content-encoding
gzip
etag
"37c8cbd72d656e8ea8e8bfcf7a7ed141"
age
323525
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
Hfc6eNXDZOQOd9YS6SBnl7eHJf3Xem3taP4H8U12yQxDRIyniwqZcA==
content-type
text/css; charset=utf-8
last-modified
Fri, 02 Jun 2023 18:01:13 GMT
cache-control
public, max-age=31536000
content-length
61900
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0222
smug-static-cache
Fresh MD5
x-smugmug-values
2/5 - Thrill Our Customers
x-env
a=live, b=www, c=e8889be1, d=i-0b0d65f1e70c16833
expires
Fri, 21 Nov 2025 20:05:53 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 20:05:52 GMT
edge-control
public, max-age=31536000
x-s
100.15.42:2750273
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
widget_bundle-d444c68ccac9c24df76b208da45a8d91.css
cdn.smugmug.com/include/css/0/0/0/smugmug/ Frame 26EE 		50 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/css/0/0/0/smugmug/widget_bundle-d444c68ccac9c24df76b208da45a8d91.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
0693bf82a6c3cfc499b9316adb25202beec3c702a832a82753495a8d37821ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
ERxqkzW51HDYGO++y0yTfQ==
x-extra
1726740009.965
x-request-id
845066fc
content-encoding
gzip
etag
"111c6a9335b9d470d818efbecb4c937d"
age
5803068
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
_R4T2nw-vdb2g74XmrNAdcM0vZYnhYv89ZVe6qiFhSugmNme3bx7RA==
content-type
text/css; charset=utf-8
last-modified
Fri, 02 Jun 2023 18:01:13 GMT
cache-control
public, max-age=31536000
content-length
9059
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0141
smug-static-cache
Fresh MD5
x-smugmug-values
1/5 - Grow Together
x-env
a=live, b=www, c=e8889be1, d=i-047aa7805762d7819
expires
Fri, 19 Sep 2025 10:00:10 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 19 Sep 2024 10:00:09 GMT
edge-control
public, max-age=31536000
x-s
100.13.26:3362715
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
gallery_bundle-4c94933ce49008d0f1dcb556c7f627ae.css
cdn.smugmug.com/include/css/0/0/0/smugmug/ Frame 26EE 		101 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/css/0/0/0/smugmug/gallery_bundle-4c94933ce49008d0f1dcb556c7f627ae.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
c0f86e2e4aee90ce1ffeef49d951618e34e3ed4810a3ed1110ae66f9c051e3f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
gT62yrfJzyXztuVJt7debA==
x-extra
1732219552.6684
x-request-id
eee57cc2
content-encoding
gzip
etag
"813eb6cab7c9cf25f3b6e549b7b75e6c"
age
323525
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
PJQe8g3iSe9v0MTiGB5tSXLQgdccu_zt4mcurq9wbDuzIAOgxX4NFw==
content-type
text/css; charset=utf-8
last-modified
Fri, 02 Jun 2023 18:01:13 GMT
cache-control
public, max-age=31536000
content-length
18544
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.015
smug-static-cache
Fresh MD5
x-smugmug-values
3/5 - Deliver Awesome
x-env
a=live, b=www, c=e8889be1, d=i-0b168be38c3aa7c6b
expires
Fri, 21 Nov 2025 20:05:53 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 20:05:52 GMT
edge-control
public, max-age=31536000
x-s
100.13.146:910754
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
smugpage-6DEPD72Y.js
cdn.smugmug.com/include/js/bundles/ Frame 26EE 		538 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
20c9f643f67728484f8b6826df78f2da34a00c20294e6d2a94ed9504f294e8d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.0154
x-request-id
dbcf47d5
x-smugmug-values
1/5 - Grow Together
content-encoding
gzip
age
309993
x-env
a=live, b=www, c=e8889be1, d=i-0b0d65f1e70c16833
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 23:51:24 GMT
content-type
application/javascript; charset=utf-8
x-s
100.15.42:2889053
vary
Accept-Encoding
x-amz-cf-id
X422cGzVo_mxEuPa69_Zlu5caOgWdZyFoKoCsHSQ8_bkEqfuoOzt6Q==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
538
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
x-powered-by
SmugMug/1.0
server
nginx
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ 		52 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
1527
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 15:32:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:32:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/j/ 		15 B
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=490301710&t=pageview&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2F&ul=en-ca&de=UTF-8&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEABAAAAAGAAI~&jid=1016740879&gjid=659858121&cid=1091792531.1732543063&tid=UA-101908882-1&_gid=735156526.1732543064&_r=1&_slc=1&z=1598824390
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
fd7cf24e7130670073acb303d5d23086ed076f7813153ece3c67cf5037b5db67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:57 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
/
optimise.net/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=register-herald.com&t=desktop&c=CA&r=19
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
043a4266d387998ff529d09093801ee8f2a4eba2914107912ba047638e8f4077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
1

Response headers

access-control-max-age
3600
access-control-expose-headers
fs-client-rtt,fs-country
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
expires
0
fs-client-rtt
17
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:57 GMT
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
fs-country
CA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 		492 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
1421939719645060458
age
38767
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 03:11:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 03:11:50 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155913
x-xss-protection
0
server
cafe
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=register-herald.com&t=desktop&c=CA&r=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.register-herald.com
access-control-expose-headers
fs-client-rtt,fs-country
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Mon, 25 Nov 2024 13:57:57 GMT
expires
0
fs-client-rtt
17
fs-country
CA
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
skeleton.gif
static.adsafeprotected.com/ 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?ab=1&zoneid=980335_advertisement_
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-65.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age
2855
x-cache
Hit from cloudfront
x-amz-cf-id
F1s93M3KT0nLfHgLQQ6eu-CEBCKW9GZdC8_QgpYlFTHjRuGum64cMg==
date
Mon, 25 Nov 2024 13:10:26 GMT
content-type
image/gif
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 34db9bd11ebdbcc746e357ed5d665244.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
43
x-amz-cf-pop
PHL51-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
/
www.register-herald.com/tncms/csrf/token/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/tncms/csrf/token/
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/shared-content/art/tncms/api/csrf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
age
0
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 13:57:57 GMT
content-type
text/html; charset=UTF-8
vary
X-IPCountry, Accept-Encoding
x-frame-options
SAMEORIGIN
x-vcache
MISS
strict-transport-security
max-age=31536000
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms
1.83.2; app14; 0.01s; 1.1M
content-security-policy
upgrade-insecure-requests
cache-control
private, no-cache, no-store, max-age=0
x-loop
1
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
content-length
20
x-xss-protection
1; mode=block
diberp-tcx-v7.13.0.js
www.americanhometownmedia.com/static/ 		328 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
etag
"f085c7609fb7c47fb72fd768d721373e"
age
786053
x-goog-stored-content-encoding
gzip
expires
Sun, 16 Nov 2025 11:37:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
104504
date
Sat, 16 Nov 2024 11:37:07 GMT
last-modified
Mon, 29 Aug 2022 14:20:21 GMT
content-type
text/javascript
vary
Accept-Encoding,Origin
x-guploader-uploadid
AFiumC6m4T41NwmyKEZXMOXTOuV00NMsplfwI-vRsgv39q2yDDKH5k4eOEKyRwfMn02y1t7CIg4
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1661782821233427
content-length
104504
server
UploadServer
ping
ping.chartbeat.net/ 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=register-herald.com&p=%2F&u=dF_aWBp_AK4D5fb9f&d=register-herald.com&g=34377&g0=homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=12331&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.register-herald.com%2F&b=20766&t=31KAxDLXHozCsCn21DyDFIXBXL0pf&V=147&i=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&tz=480&sn=1&sv=D52GflDTmU4UBsB0u4BdH3aLsCHnU&sr=external&sd=1&im=067b2ffa&_
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.173.235.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-235-4.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
43
date
Mon, 25 Nov 2024 13:57:58 GMT
pragma
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
ea2a4861-dcae-4d7c-967a-5a0790c86595
https://www.register-herald.com/ Frame 		0
0
5bb6d0ed-dbcd-4bb2-848f-69c49eeddfcb
https://www.register-herald.com/ Frame 		0
0
icons-large-defs-ee9e79aaf4bccd0881a864fb3c0eb250.svg
cdn.smugmug.com/include/svg/build/ Frame 26EE 		62 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/svg/build/icons-large-defs-ee9e79aaf4bccd0881a864fb3c0eb250.svg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
5748c66b763e7c561f8e57b036f76a58909c657cffda9a3acffff99103ffccda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
x-ttfb
0.0099
x-request-id
b9ed3898
content-encoding
gzip
x-smugmug-values
3/5 - Deliver Awesome
age
25210062
x-env
a=live, b=www, c=ec58e149, d=i-001ebc9b2ecbc6e8d
expires
Thu, 06 Feb 2025 19:10:16 GMT
smug-cdn
cloudfront (via www.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Wed, 07 Feb 2024 19:10:15 GMT
edge-control
public, max-age=31536000
content-type
image/svg+xml
x-s
100.9.163:192757
vary
Accept-Encoding
x-amz-cf-id
7xaCDQYgIvNT5wLAvRkGHRwOVMGgHQzwPgb420Z2-x8KYAwOxJNtCw==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
63479
cache-control
public, max-age=31536000
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
x-powered-by
SmugMug/1.0
server
nginx
icons-small-defs-58e447dff7a75911debd21d1ba52970e.svg
cdn.smugmug.com/include/svg/build/ Frame 26EE 		43 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/svg/build/icons-small-defs-58e447dff7a75911debd21d1ba52970e.svg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
700bdd4916ae7cdc0bf47f650cbf21ed881fc282e4729afe2814678670e441c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
x-ttfb
0.018
x-request-id
79160689
x-smugmug-values
3/5 - Deliver Awesome
content-encoding
gzip
age
5803067
x-env
a=live, b=www, c=e8889be1, d=i-017d313419e2bf940
expires
Fri, 19 Sep 2025 10:00:10 GMT
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 19 Sep 2024 10:00:10 GMT
edge-control
public, max-age=31536000
content-type
image/svg+xml
x-s
100.14.215:805115
vary
Accept-Encoding
x-amz-cf-id
qgBeimGRbr8KE0SXtcCyYRgrXkkP0vxqfAF-mEpiqGGxEinEc42BTA==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
44112
cache-control
public, max-age=31536000
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
x-powered-by
SmugMug/1.0
server
nginx
chunk-6277CUBV.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame 26EE 		72 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-6277CUBV.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
74ab74e001689f9d87effd32607338d5728f219a86faff4f122a15f2e27887ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js

Response headers

x-ttfb
0.0278
x-request-id
bd7c2c45
x-smugmug-values
4/5 - Dare
content-encoding
gzip
age
309996
x-env
a=live, b=www, c=e8889be1, d=i-0afa9982b7c648c69
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 23:51:21 GMT
content-type
application/javascript; charset=utf-8
x-s
100.14.53:3314829
vary
Accept-Encoding
x-amz-cf-id
5v4zyHOrNnTKNvqxiLIXFEWFZP2NxFRl_JyNEQsNyvUCHxAlaFSKmA==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
73532
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
x-powered-by
SmugMug/1.0
server
nginx
chunk-UWEQIG5E.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame 26EE 		67 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-UWEQIG5E.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
16ea27af27e740ce6b0a05893f44d314de6b8e4d1f0a1f43d79e1fc421fac73a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js

Response headers

x-ttfb
0.0225
x-request-id
9c3ce78f
x-smugmug-values
2/5 - Thrill Our Customers
content-encoding
gzip
age
309996
x-env
a=live, b=www, c=ec58e149, d=i-0885b1deb8871e7c5
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 23:51:21 GMT
content-type
application/javascript; charset=utf-8
x-s
100.8.213:75056
vary
Accept-Encoding
x-amz-cf-id
K1ezfUCZyhgnhpInGqMsAeS5-9EeuKGzeX4g9A7_xz9NG6Sfpd0i9g==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
69009
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
x-powered-by
SmugMug/1.0
server
nginx
chunk-TP6B3ZNP.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame 26EE 		338 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-TP6B3ZNP.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
c9c82d6446bd15b7b992cc15e86119da298f3dc805b81fb777baa24651593d93
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js

Response headers

x-ttfb
0.0223
x-request-id
0faf79a5
x-smugmug-values
2/5 - Thrill Our Customers
content-encoding
gzip
age
309996
x-env
a=live, b=www, c=4cf206a9, d=i-02721ee865b461221
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 23:51:21 GMT
content-type
application/javascript; charset=utf-8
x-s
100.2.115:3301486
vary
Accept-Encoding
x-amz-cf-id
yIOeaBg4CINvnNDBTLnv4kBfZZl9x2eP6jgkaxL6pT5Z1vatJQ21TQ==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
345832
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
x-powered-by
SmugMug/1.0
server
nginx
chunk-F7GNJZUR.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame 26EE 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-F7GNJZUR.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
76b2d22c9e0858cc8b08ff50dbd291d2679031e95a912fbaec60fda771b6c433
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js

Response headers

x-ttfb
0.0158
x-request-id
d1ca6564
x-smugmug-values
4/5 - Dare
content-encoding
gzip
age
4566052
x-env
a=live, b=www, c=4cf206a9, d=i-0fd5edc2cfea067c4
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 03 Oct 2024 17:37:05 GMT
content-type
application/javascript; charset=utf-8
x-s
100.3.83:76493
vary
Accept-Encoding
x-amz-cf-id
E9IpWZKGYs9ISd8WfmtejbFJ4GrKBElCWyRUsi62MKpENc57ZSwvoA==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
34563
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
x-powered-by
SmugMug/1.0
server
nginx
chunk-E3BNR3EF.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame 26EE 		2 MB
557 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
ddfaead26a52cb4c33361bbf0ab894dc95e0f304b8ffb46923058a24172ea6be
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js

Response headers

x-ttfb
0.0515
x-request-id
8f38d66b
x-smugmug-values
3/5 - Deliver Awesome
content-encoding
gzip
age
309996
x-env
a=live, b=www, c=ec58e149, d=i-0e2fc266d9c3b0cea
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 23:51:21 GMT
content-type
application/javascript; charset=utf-8
x-s
100.8.136:2296503
vary
Accept-Encoding
x-amz-cf-id
2sv2V7kXcaL0w1DGNROf7kIt9ELfp0cMQJUV-WrmHXedL3I8y_VYmw==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
1857229
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
x-powered-by
SmugMug/1.0
server
nginx
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 2441 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
472
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28994
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:50:06 GMT
expires
Mon, 25 Nov 2024 14:40:06 GMT
last-modified
Mon, 18 Nov 2024 20:43:40 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		124 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a65f6b7de67ddc5691ba9c0fda5f9b2d3083909afa1db3cf471ddaf1219affd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"ea4db534765bb83090644778b72e786a"
age
806
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 13:57:57 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 13:32:27 GMT
vary
Accept-Encoding
x-amz-id-2
EYz5S1rgRRaKJjRrcQMTlOFHb0VFiNXqNCpWH/Uy3DbgZSI9dZZeGqzvUT7TO2wjC7R86yDAWr8=
cache-control
public, max-age=900, stale-while-revalidate=3600
x-amz-request-id
0Y8C50C0K3XH4Y46
cf-ray
8e82269d6e31ac31-YYZ
accept-ranges
bytes
content-length
26770
server
cloudflare
x-amz-server-side-encryption
AES256
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
js
www.googletagmanager.com/gtag/ 		278 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JD3VHQYLPF&cx=c&_slc=1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8bef761790faa6844c09eb3646d3aef9e2badeba71c9a598cccb4378f4260d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 13:57:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99988
x-xss-protection
0
server
Google Tag Manager
w_480_00001.ts
video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/ 		475 KB
475 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-109.phl51.r.cloudfront.net
Software
nginx /
Resource Hash
4be0baf6a5f60c63438d694ed7c1cd28333ad81d1836bd037378528f11fbeb7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"7dbf6d26dea9265e74cd06295eb2f28c"
age
7625
access-control-allow-methods
GET, HEAD
expires
Mon, 09 Dec 2024 11:50:53 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
zW46goXk_cobL0jdExTIy6Bv_yYf9U_MXCC4Tlal5vii9wQExBHgfg==
date
Mon, 25 Nov 2024 11:50:53 GMT
content-type
video/mp2t
last-modified
Thu, 19 Aug 2021 01:48:50 GMT
cache-control
max-age=1209600
via
1.1 f9d8b248b09e5c0a77a4319a8bfbc9d0.cloudfront.net (CloudFront), 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
486356
x-amz-cf-pop
IAD89-P3, PHL51-P1
server
nginx
combo.js
cdn.smugmug.com/include/combo/ Frame 26EE 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/combo/combo.js?13c86319&yui/3/cookie/cookie-min.js&yui/3/history-base/history-base-min.js&yui/3/history-hash/history-hash-min.js&yui/3/history-html5/history-html5-min.js&yui/3/event-key/event-key-min.js&yui/3/event-outside/event-outside-min.js&yui/3/attribute-complex/attribute-complex-min.js&yui/3/classnamemanager/classnamemanager-min.js&yui/3/event-focus/event-focus-min.js&yui/3/widget-base/widget-base-min.js&yui/3/widget-htmlparser/widget-htmlparser-min.js&yui/3/widget-skin/widget-skin-min.js&yui/3/widget-uievents/widget-uievents-min.js&yui/3/widget-autohide/widget-autohide-min.js&yui/3/button-core/button-core-min.js&yui/3/button-plugin/button-plugin-min.js&yui/3/widget-stdmod/widget-stdmod-min.js&yui/3/widget-buttons/widget-buttons-min.js&yui/3/widget-modality/widget-modality-min.js&yui/3/widget-position/widget-position-min.js&yui/3/widget-position-align/widget-position-align-min.js&yui/3/widget-position-constrain/widget-position-constrain-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
d8d0c6936da58940112f51b84fc4c2ea1393ad348963fe380643e38acabd677c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
IeOoElyK8EYl1AW2PTeZQA==
x-request-id
0804ce48
content-encoding
gzip
etag
"21e3a8125c8af04625d405b63d379940"
age
3004103
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
2piU8wzzK7pz75Nk-LqxgJj6MF9flGxRtANkUtW0ZWCBjzvXnkqh3g==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
16774
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0157
x-smugmug-values
5/5 - Empower Passion
x-env
a=live, b=www, c=ec58e149, d=i-0c0aa0ac8e81b5df4
expires
Tue, 21 Oct 2025 19:29:36 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 21 Oct 2024 19:29:35 GMT
edge-control
public, max-age=31536000
x-s
100.9.17:80324
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
combo.js
cdn.smugmug.com/include/combo/ Frame 26EE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/combo/combo.js?13c86319&yui/3/widget-stack/widget-stack-min.js&yui/3/panel/panel-min.js&yui/3/yui-throttle/yui-throttle-min.js&yui/3/dd-ddm-base/dd-ddm-base-min.js&yui/3/dd-drag/dd-drag-min.js&yui/3/dd-plugin/dd-plugin-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
e752952af381ed1e89cd1f11c914d071199049f896192feac4a68b64f9fe62ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
sH+TZK67cEtiMO/usWloGA==
x-request-id
12ca3513
content-encoding
gzip
etag
"b07f9364aebb704b6230efeeb1696818"
age
5881092
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
_4HGQUJ6EoMugiEFuKY7IUWQ5pxa9cXdiIVmlPSTWiY1MCylvUnuvQ==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
5567
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0166
x-smugmug-values
2/5 - Thrill Our Customers
x-env
a=live, b=www, c=ec58e149, d=i-0db5b987a99d65934
expires
Thu, 18 Sep 2025 12:19:47 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Wed, 18 Sep 2024 12:19:46 GMT
edge-control
public, max-age=31536000
x-s
100.10.151:836850
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
combo.js
cdn.smugmug.com/include/js/lib/build/combo/ Frame 26EE 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/lib/build/combo/combo.js?sm-templates-form/f159/sm-templates-form-min.js&sm-fields/95ad/sm-fields-min.js&sm-panel-draggable/ae55/sm-panel-draggable-min.js&sm-panel/e014/sm-panel-min.js&sm-terms-of-use/e945/sm-terms-of-use-min.js&sm-page-nav-login/e217/sm-page-nav-login-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
4635963601b388f845ec836fff1c510db5dde31ef3591a87622feec8d851cd1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
HkuqnHFQcHAT0gptRsqQhg==
x-request-id
6512f86e
content-encoding
gzip
etag
"1e4baa9c7150707013d20a6d46ca9086"
age
5881105
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
6aE-gjuh0wHTxPehRzEHDpI-4-faedTasMLPAorXiWUQwfi7HlkxGg==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
5764
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0146
x-smugmug-values
4/5 - Dare
x-env
a=live, b=www, c=ec58e149, d=i-0baa6f840b2f77a71
expires
Thu, 18 Sep 2025 12:19:34 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Wed, 18 Sep 2024 12:19:33 GMT
edge-control
public, max-age=31536000
x-s
100.10.94:3368745
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
combo.js
cdn.smugmug.com/include/js/app/build/combo/ Frame 26EE 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/app/build/combo/combo.js?sm-login-helpers/65cc/sm-login-helpers-min.js&sm-login/d1f3/sm-login-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
505d1da0bb68322b9276866435a2b0b006ba5e51fe250942031e9fe3d214b7ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
0/L9NS3tVtAm5Xf4MCYh2g==
x-request-id
1ac23bb9
content-encoding
gzip
etag
"d3f2fd352ded56d026e577f8302621da"
age
6058683
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
W1lrQ4jJOFZoM8xZXa8caIe1Bc49IOdPQgV2KHU46xOZYLGy54sS2w==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
4107
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0135
x-smugmug-values
2/5 - Thrill Our Customers
x-env
a=live, b=www, c=e8889be1, d=i-04a1f1c3a2577036e
expires
Tue, 16 Sep 2025 10:59:55 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 16 Sep 2024 10:59:55 GMT
edge-control
public, max-age=31536000
x-s
100.13.9:1181108
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
liveView.php
live.primis.tech/live/ 		0
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTpmMwU0MmA2OSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJaN1YxyxPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0kNTQhNDphMTphNDEzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuYMTEyM0IyMwBMnW51rCUlMHt4Ny82NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMmEhMC4jLwAyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY3NDQ4MwVxYTZvNmUzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTtkMSZaZHBlPTAzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0kJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNmMlNTQmMDp4MwU2JaVcZD1TZWgcozRiU1BfYXyypwY3NDQ4MwVxZDZwMTxzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaJyZ2ymqGVlLWuypzFfZC5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyxJaB4nWQ9MwI4YTE0MWY2MwEjMDAkZzElNGVxZwElOGEkY2Y1NTx=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-cache
Miss from cloudfront
cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
LU_-zMluuPCOX_jXTPNT3Le1NHQybfuY3Dh6CuC5GpB3POjMvXcXbw==
date
Mon, 25 Nov 2024 13:57:57 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
PHL50-C1
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.register-herald.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Nov 2024 13:57:58 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
page_load
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/page_load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.128.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-128-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://www.register-herald.com
access-control-max-age
86400
date
Mon, 25 Nov 2024 13:57:58 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202410301053/ 		301 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202410301053/wrap.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f619cf57dca7918f00dc75994dd6895895b7b5b03487754ac3beaf6b929bdd10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"d0b0bc4f725f8e2c71589dc3208c484d"
age
2011770
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 30 Oct 2024 14:54:35 GMT
vary
Accept-Encoding
x-amz-id-2
NG7vuX0i5S4XKFXpry2Tx40DDSFecIxOuPACcTdk7aWyIlUfYtQ0mj4GrPa6S2aWbAfQmQF5htbaUZnPFrp77vVEk4ct7qwW
cache-control
public, max-age=31536000
x-amz-request-id
CJQ68YHS97KFTS2W
cf-ray
8e82269f5fdaac31-YYZ
accept-ranges
bytes
content-length
110098
server
cloudflare
x-amz-server-side-encryption
AES256
4d97a662ad
pb-rtd.ccgateway.net/v1.0/realtime/ 		254 B
576 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-rtd.ccgateway.net/v1.0/realtime/4d97a662ad?profile_id=c15746b1-23cd-48e9-90e6-22b101fa088e&url=https%253A%252F%252Fwww.register-herald.com%252F&context=true&audience=true&deal_ids=true&custom_taxonomy=true
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.153.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-153-54.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
afee7a42c610dfdfeeeda42cc4fd8c35b2c1369ca8cc91f0e71e4dc1be642b82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=3600
etag
"254-a1b86eb8"
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
254
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json; charset=utf-8
vary
Origin
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&b=1&tp=y2k6oIedzK21iEjwT7FXp1%2BphDy2kiMy8Fr6e1ODMm8%3D
42 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&b=1&tp=y2k6oIedzK21iEjwT7FXp1%2BphDy2kiMy8Fr6e1ODMm8%3D
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&b=1&tp=y2k6oIedzK21iEjwT7FXp1%2BphDy2kiMy8Fr6e1ODMm8%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Nov 2024 13:57:58 GMT
vary
origin
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.register-herald.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21d40d06dd91e757348c94fbd108af537e80b902b5878421ff4445440fdf998

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8e8226a1dd8a39e4-YYZ
access-control-allow-origin
*
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		195 B
483 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
018245d6042d05a2c78fd3580019f9cddd1ca43a48e88a4d3c01cc5c002bc0d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:57 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
rid
match.adsrvr.org/track/ 		108 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3c9ed4288985c1c6e38cf58039c44872bdfcb62dd00ad466ce15d86cff8d7632

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Wed, 25 Dec 2024 13:57:58 GMT
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&b=1&tp=EH%2FofNG9tGYmchWfHFUzQFUx8C1jcQGsdgDR6P%2BWZew%3D
42 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&b=1&tp=EH%2FofNG9tGYmchWfHFUzQFUx8C1jcQGsdgDR6P%2BWZew%3D
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&b=1&tp=EH%2FofNG9tGYmchWfHFUzQFUx8C1jcQGsdgDR6P%2BWZew%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Nov 2024 13:57:57 GMT
vary
origin
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.register-herald.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21d40d06dd91e757348c94fbd108af537e80b902b5878421ff4445440fdf998

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8e8226a21db939e4-YYZ
access-control-allow-origin
*
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		195 B
483 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
018245d6042d05a2c78fd3580019f9cddd1ca43a48e88a4d3c01cc5c002bc0d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
rid
match.adsrvr.org/track/ 		108 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3c9ed4288985c1c6e38cf58039c44872bdfcb62dd00ad466ce15d86cff8d7632

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Wed, 25 Dec 2024 13:57:58 GMT
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
quant.js
secure.quantserve.com/ 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"mLYq618hJoRcW1Crupr2OQ=="
expires
Mon, 02 Dec 2024 13:57:43 GMT
accept-ranges
bytes
date
Mon, 25 Nov 2024 13:57:43 GMT
content-type
application/javascript
vary
Accept-Encoding
freestar_close_button.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/freestar_close_button.svg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=xUDeFg==, md5=1OG2/3P8Bvg2SBLmidtA+g==
cf-cache-status
HIT
etag
W/"d4e1b6ff73fc06f8364812e689db40fa"
age
1391
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 14:57:58 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1211
server-timing
cfExtPri
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
image/svg+xml
last-modified
Wed, 04 Sep 2024 08:16:13 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC4yup_LW1kAOPEMTlBwQ-KMrGXFE8SNysuajRa4cE42f6Obf9tBr1_tPFOnzMkAL3Gl4mk
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e82269ffcfaab51-YYZ
access-control-allow-origin
*
x-goog-generation
1725437773526766
server
cloudflare
page_load
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ 		59 B
225 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/page_load
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.153.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-153-54.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d80fef48aad15a258cbbfaf14d7a0ef016c4791a7de005a89037aabe8e7a9c8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-origin
https://www.register-herald.com
content-length
59
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
cf-cache-status
HIT
etag
W/"326d6cbd977657e1205bd616d1f2faca"
age
1392
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 14:57:58 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1193
server-timing
cfExtPri
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC6ZHLbtYerpktu8GT8iO3lUsv0zaIp6ueVIb4qIvH3zdfNOqtamcHIf300qj-zQht6J6MpooXZn6Q
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e8226a01d12ab51-YYZ
access-control-allow-origin
*
x-goog-generation
1599584677716817
server
cloudflare
092da857-5c17-4285-9d1c-001a20f4946d
https://www.register-herald.com/ Frame 		0
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JD3VHQYLPF&gtm=45je4bk0v9123094753za200&_p=1732543061525&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-ca&sr=1600x1200&cid=1091792531.1732543063&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2F&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&sid=1732543078&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=21662
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JD3VHQYLPF&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
text/plain
server
Golfe2
/
sentry.io/api/1729937/envelope/ Frame 26EE 		2 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1729937/envelope/?sentry_key=a50725d1f5884564b5c9f506e44fde72&sentry_version=7&sentry_client=sentry.javascript.browser%2F8.34.0
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://photos.register-herald.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
snowplow_2-20230602110113.js
cdn.smugmug.com/include/js/ Frame 26EE 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/snowplow_2-20230602110113.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
EwuBovMqM+rLBTrFUN6G+Q==
x-extra
1726482510.8637
x-request-id
c2507692
content-encoding
gzip
etag
"130b81a2f32a33eacb053ac550de86f9"
age
6060568
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
yQvFvBZfMTSEWfPA4i9tEnQ2Q1LVSepHE436GQWK7qVQznqzESt-yQ==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
30140
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0136
smug-static-cache
Fresh Timestamp
x-smugmug-values
1/5 - Grow Together
x-env
a=live, b=www, c=e8889be1, d=i-05b7473238bcce68e
expires
Tue, 16 Sep 2025 10:28:31 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 16 Sep 2024 10:28:30 GMT
edge-control
public, max-age=31536000
x-s
100.13.55:858977
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P6
cookiemonster.mg
photos.register-herald.com/include/js/ Frame 7A96
Redirect Chain
  • https://www.smugmug.com/include/js/cookiemonster.mg?returnTo=https://photos.register-herald.com
  • https://photos.register-herald.com/include/js/cookiemonster.mg?returnTo=https://www.smugmug.com
0
779 B 		Document
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/include/js/cookiemonster.mg?returnTo=https://www.smugmug.com
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.208.138.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-138-144.compute-1.amazonaws.com
Software
nginx / SmugMug/1.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://photos.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
20
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Nov 2024 13:57:58 GMT
Server
nginx
cache-control
private, no-store, no-cache, max-age=0
content-encoding
gzip
expires
Mon, 25 Nov 2024 13:57:58 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
smug-cdn
cloudflare (via photos.register-herald.com)
vary
Accept-Encoding
x-env
a=live, b=www, c=e8889be1, d=i-04b541d63012615d5
x-powered-by
SmugMug/1.0
x-request-id
878b477c
x-s
100.13.45:1769772
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-smugmug-values
4/5 - Dare
x-ttfb
0.0132
x-ttfb-l
0
x-ua-compatible
IE=edge

Redirect headers

cache-control
private, no-store, no-cache, max-age=0
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 13:57:58 GMT
expires
Mon, 25 Nov 2024 13:57:58 GMT
location
https://photos.register-herald.com/include/js/cookiemonster.mg?returnTo=https://www.smugmug.com
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
strict-transport-security
max-age=31536000
via
1.1 7c55514b62254664b7255cfc5da6dc92.cloudfront.net (CloudFront)
x-amz-cf-id
23UlVUKdTAcxcxVhbAlKmuyCIQa-ThbAUEq5FqOqk9botTzD8XDnlw==
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
x-env
a=live, b=www, c=ec58e149, d=i-0ab67ad4d2388a96f
x-powered-by
SmugMug/1.0
x-request-id
b0cfc5ac
x-s
100.8.168:1702504
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-smugmug-values
2/5 - Thrill Our Customers
x-ttfb
0.0121
x-ttfb-l
0
x-ua-compatible
IE=edge
/
photos.register-herald.com/services/api/json/1.4.0/ Frame 26EE 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&returnModelList=true&idCopy=true&PageNumber=1&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.208.138.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-138-144.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
8ede1a550962b91f6eb9c99477224a857b9b2d94fc2549e93a7fbb6c2d74f135
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
9fe889fee7df4b7b8b5f7169b799b406-895fa8d413c67d80-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=9fe889fee7df4b7b8b5f7169b799b406,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.1443
x-request-id
701b00aa
content-encoding
gzip
x-smugmug-values
3/5 - Deliver Awesome
x-env
a=live, b=www, c=4cf206a9, d=i-0a219b7504f777794
expires
Mon, 25 Nov 2024 13:57:58 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
api-method
rpc.gallery.getalbum
Date
Mon, 25 Nov 2024 13:57:58 GMT
x-ua-compatible
IE=edge
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding
x-s
100.0.57:1998022
x-frame-options
DENY
x-ttfb-l
33878
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
Content-Length
4230
x-powered-by
SmugMug-API/1.4.0
Server
nginx
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
94a04cf2-7243-413f-a3ce-bba38a5d74ac
https://www.register-herald.com/ Frame 		0
0
8f04ebad9251e5fd1e384c0eb36c6b7a36ea7ef2
bandborder.com/post/f3815b8948f8/ 		301 B
761 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/post/f3815b8948f8/8f04ebad9251e5fd1e384c0eb36c6b7a36ea7ef2
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0566ab5a1c307689aed1e5a7dd090fe8b8efefa171ddd669928152c2b68f6386
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-us-central1-spot-442h
expires
Mon, 25 Nov 2024 13:57:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
priority
u=1,i
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-us-central1
via
1.1 google
cf-ray
8e8226a2bb0aac15-YYZ
access-control-allow-origin
https://www.register-herald.com
x-buildnumber
1553448542
server
cloudflare
tp2
stats-new.smugmug.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stats-new.smugmug.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.45.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-45-67.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://photos.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://photos.register-herald.com
access-control-max-age
600
content-length
0
date
Mon, 25 Nov 2024 13:57:59 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
tp2
stats-new.smugmug.com/com.snowplowanalytics.snowplow/ Frame 26EE 		2 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-new.smugmug.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.45.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-45-67.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://photos.register-herald.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
https://photos.register-herald.com
content-length
2
date
Mon, 25 Nov 2024 13:57:59 GMT
server
nginx
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
295 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
8d8c340b9749a4161a16408c863a491011288ec1235cefe447cd2939c1b30547
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
294 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a7c69f7fb8c13d825b4816b6a342b53589d5db9e2db45086ce72b5f16fcfd045
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
w_480_00002.ts
video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/ 		383 KB
383 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-109.phl51.r.cloudfront.net
Software
nginx /
Resource Hash
e5f21c32d773836b79f08684932c9684b3bb7b1346c1f5b750e726f452fbe93b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"0e3a577637bcb3e9298a25f7b90f86d8"
age
25791
access-control-allow-methods
GET, HEAD
expires
Mon, 09 Dec 2024 06:48:07 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
KKi_UmGNA3jxTAOAugAK3vGEE8QbAVbnqe_qIGw06OP__KpQthWPmQ==
date
Mon, 25 Nov 2024 13:23:43 GMT
content-type
video/mp2t
last-modified
Thu, 19 Aug 2021 01:48:50 GMT
cache-control
max-age=1209600
via
1.1 09028890675e48687e2855f3bdad98ea.cloudfront.net (CloudFront), 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
391980
x-amz-cf-pop
IAD50-C2, PHL51-P1
server
nginx
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 8A62 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.164.208 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-164-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=80041
content-encoding
gzip
content-length
859
content-type
text/html
date
Mon, 25 Nov 2024 13:57:58 GMT
expires
Tue, 26 Nov 2024 12:11:59 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
topics_frame.html
pa.openx.net/ Frame 52E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
3236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 13:04:03 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
AFiumC7ANW_1erKPCTWkSiHZYziJcIFDPfZ8fV8HyTtqKCouZDJgAiog1FlPhdRdRPH1Y1hF1Tdaw-OVIQ
openrtb
ex.ingage.tech/v1/ Frame 		0
0
cookie_sync
s2s.t13.io/ 		3 KB
910 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
f29d66e855aa23da884f4bf9a77506cdedfedb297ecd5583d70621074cb47b0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
0
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
668
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json
vary
origin
auction
s2s.t13.io/openrtb2/ 		0
0
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
0
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
0
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
0
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
0
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
0
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
0
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
0
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
0
openrtb
ex.ingage.tech/v1/ 		0
0
cdb
bidder.criteo.com/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
imp
g2.gumgum.com/hbid/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		42 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1101657
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494273ee881b43a4c09ea2dd7956ef49fc9868fc7f11c04a1f3875394a221049

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bc492URz978kYB7YxD%2Fss6alukikmmb9B6PQFIHIfvko%2FcA7bTIPzkHia0niezImT85J7pL1kq42yfJe3d7ddQ%2BnQGgZTmcvhwuy3nSc4C%2FGc4NTAQk1PljPcM3HnWOjjaCBtCYz"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8e8226a37f7baaba-YYZ
access-control-allow-origin
https://www.register-herald.com
content-length
7283
server
cloudflare
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
prebid
bids.concert.io/bids/ 		0
0
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8e8226a35eaf39e4-YYZ
content-length
0
content-type
application/json
date
Mon, 25 Nov 2024 13:57:58 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ 		27 B
109 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.register-herald.com/

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8e8226a3aee839e4-YYZ
access-control-allow-origin
*
content-length
27
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
nuicons24-v30.woff2
cdn.smugmug.com/img/fonts/ Frame 26EE 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/img/fonts/nuicons24-v30.woff2
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-a5354e4f11dd90ae46d9f7b6125084b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
32585c4ce1f4c35d5bf2a8b6d910ff18ec3c43850eff616406d0c4aa7115956a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-a5354e4f11dd90ae46d9f7b6125084b9.css

Response headers

x-ttfb
0.1135
content-md5
f4L3RUWvXq8n3h/6Y5kP1A==
x-request-id
d77a34da
x-smugmug-values
4/5 - Dare
etag
"7f82f74545af5eaf27de1ffa63990fd4"
age
6572739
x-env
a=live, b=www, c=ec58e149, d=i-01dfeb84ebc08d2b6
expires
Wed, 10 Sep 2025 12:12:20 GMT
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Tue, 10 Sep 2024 12:12:19 GMT
content-type
font/woff2
x-s
100.11.68:3843287
last-modified
Wed, 07 Feb 2024 16:03:37 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-amz-cf-id
zKQdldaXYvbTdJCoG6_U2QNdvQ7S2aBKGgCSr0CNkvUkW8izbSWfJg==
x-ttfb-l
21488
cache-control
public, max-age=31536000
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
21488
x-amz-cf-pop
JFK50-P6
x-powered-by
SmugMug/1.0
server
nginx
v2!token
photos.register-herald.com/api/ Frame 26EE 		405 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/api/v2!token?APIKey=W0g9oqdOrzuhEpIQ2qaTXimrzsfryKSZ
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.208.138.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-138-144.compute-1.amazonaws.com
Software
nginx / SmugMug/1.0
Resource Hash
e86656350de5d856707ea7a39973282b7978c80ec07dab0ad6200ce759506d3a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
9fe889fee7df4b7b8b5f7169b799b406-85da7a2fc31a83fa-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=9fe889fee7df4b7b8b5f7169b799b406,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.0327
x-request-id
13cb36d9
content-encoding
gzip
x-smugmug-values
3/5 - Deliver Awesome
x-env
a=live, b=www, c=4cf206a9, d=i-07fe728e8168ee879
expires
Mon, 25 Nov 2024 13:57:58 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
Date
Mon, 25 Nov 2024 13:57:59 GMT
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
x-s
100.3.160:2452418
x-frame-options
DENY
x-ttfb-l
405
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-origin
https://photos.register-herald.com
Content-Length
267
x-powered-by
SmugMug/1.0
Server
nginx
/
photos.register-herald.com/services/api/json/1.4.0/ Frame 26EE 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&idCopy=true&PageNumber=1&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.208.138.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-138-144.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
8ede1a550962b91f6eb9c99477224a857b9b2d94fc2549e93a7fbb6c2d74f135
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
9fe889fee7df4b7b8b5f7169b799b406-ab4798dcf8f759db-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=9fe889fee7df4b7b8b5f7169b799b406,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.1894
x-request-id
bb196462
content-encoding
gzip
x-smugmug-values
3/5 - Deliver Awesome
x-env
a=live, b=www, c=4cf206a9, d=i-0584bc679de4a5863
expires
Mon, 25 Nov 2024 13:57:58 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
api-method
rpc.gallery.getalbum
Date
Mon, 25 Nov 2024 13:57:59 GMT
x-ua-compatible
IE=edge
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding
x-s
100.1.194:2109237
x-frame-options
DENY
x-ttfb-l
33878
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
Content-Length
4230
x-powered-by
SmugMug-API/1.4.0
Server
nginx
/
photos.register-herald.com/services/api/json/1.4.0/ Frame 26EE 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&idCopy=true&PageNumber=2&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.208.138.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-138-144.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
8ede1a550962b91f6eb9c99477224a857b9b2d94fc2549e93a7fbb6c2d74f135
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
9fe889fee7df4b7b8b5f7169b799b406-acdfa809a380b747-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=9fe889fee7df4b7b8b5f7169b799b406,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.1161
x-request-id
0ea363fa
content-encoding
gzip
x-smugmug-values
4/5 - Dare
x-env
a=live, b=www, c=e8889be1, d=i-0205a4d35f52bddf3
expires
Mon, 25 Nov 2024 13:57:58 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
api-method
rpc.gallery.getalbum
Date
Mon, 25 Nov 2024 13:57:59 GMT
x-ua-compatible
IE=edge
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding
x-s
100.14.236:2704674
x-frame-options
DENY
x-ttfb-l
33878
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
Content-Length
4227
x-powered-by
SmugMug-API/1.4.0
Server
nginx
240525-photo-westside%20graduation%2002-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-LxMxrRF/0/MxBjWPZ5v9RS6TjKCLxDTKh2Rc8h4XN2WgdZCXjJZ/S/ Frame 26EE 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-LxMxrRF/0/MxBjWPZ5v9RS6TjKCLxDTKh2Rc8h4XN2WgdZCXjJZ/S/240525-photo-westside%20graduation%2002-S.jpg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
268a82621b02246caf8a54bb04015e1b9df065c23ef5aeae36d6608eaaac28bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.108
content-md5
GsD+BsSfgVMou1ZaZTBy3g==
x-robots-tag
index, archive
x-request-id
S6_rDDsP9vVd3WL_fLmTQ_kJFEHK8rdg-10hQ6fcmM3ebFoKlcVsqg==
x-smug-ct
m
etag
"1ac0fe06c49f815328bb565a653072de"
age
6568031
x-env
a=live, b=photoserve, c=ec58e149, d=i-0c1ecdfaa8587e894
expires
Wed, 10 Sep 2025 13:30:48 GMT
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
x-ua-compatible
IE=edge
date
Tue, 10 Sep 2024 13:30:48 GMT
x-smug-ph
0.0336
content-type
image/jpeg
last-modified
Sat, 25 May 2024 11:09:29 GMT
x-response
Buffer
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-smug-v
17
x-ttfb-l
0
cache-control
public, max-age=31536000
x-amz-cf-id
APj-8qHzVOBVuYxgGEF5AsCZENgwWX31ae33otclOBv5pBw16mWlnw==
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-smug-d
Tue, 10 Sep 2024 06:30:48 PDT
content-length
65737
smug-content-length
65737
x-amz-cf-pop
JFK50-P6
server
nginx
240525-photo-westside%20graduation%2001-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-8M8GZGL/0/M8KzXVtRff5SZWVq85J3hwmQDKmNg5sMFmJGPF9ZF/S/ Frame 26EE 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-8M8GZGL/0/M8KzXVtRff5SZWVq85J3hwmQDKmNg5sMFmJGPF9ZF/S/240525-photo-westside%20graduation%2001-S.jpg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
f3ce13fad7c845235767cb1ce6dde20a5cd4024f0f305aeffc71c594284a91b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.0919
content-md5
T6bPYX0vgTkK7niowa7WSg==
x-robots-tag
index, archive
x-request-id
Ewk4ztPK2HwQ1YYHPhJnVCQ1vclOAlZMo2I91kIr0OHgoGsCIWXQ1g==
x-smug-ct
m
etag
"4fa6cf617d2f81390aee78a8c1aed64a"
age
5880877
x-env
a=live, b=photoserve, c=4cf206a9, d=i-0c153d04cc2764516
expires
Thu, 18 Sep 2025 12:23:22 GMT
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
x-ua-compatible
IE=edge
date
Wed, 18 Sep 2024 12:23:22 GMT
x-smug-ph
0.0282
content-type
image/jpeg
last-modified
Sat, 25 May 2024 11:09:29 GMT
x-response
Buffer
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-smug-v
17
x-ttfb-l
0
cache-control
public, max-age=31536000
x-amz-cf-id
gZyQfYaGVeyj36OurYTVWvy__Y20UHPc8pTJXCyLMddNCLl1hSvWYA==
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-smug-d
Wed, 18 Sep 2024 05:23:22 PDT
content-length
37209
smug-content-length
37209
x-amz-cf-pop
JFK50-P6
server
nginx
240525-photo-westside%20graduation%2003-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-FKdWMnS/0/LR9j2jpT4rKzQ7bNTWrqSdfTKn3LpJBp2rbdWwMB8/S/ Frame 26EE 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-FKdWMnS/0/LR9j2jpT4rKzQ7bNTWrqSdfTKn3LpJBp2rbdWwMB8/S/240525-photo-westside%20graduation%2003-S.jpg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
281e701c74c7a82bd98ec52525a2d51ae64ab893db20f89443569077d88be841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.1536
content-md5
m6mFDtJbGyQj13V3QLZH0Q==
x-robots-tag
index, archive
x-request-id
4S8Hbkt1TZP1inspDgH5DQ0NlFesyckKkiCxcfqWWFaj-8O3vUIngw==
x-smug-ct
m
etag
"9ba9850ed25b1b2423d7757740b647d1"
age
5791774
x-env
a=live, b=photoserve, c=e8889be1, d=i-0ea77e4af83682c01
expires
Fri, 19 Sep 2025 13:08:25 GMT
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
x-ua-compatible
IE=edge
date
Thu, 19 Sep 2024 13:08:25 GMT
x-smug-ph
0.0274
content-type
image/jpeg
last-modified
Sat, 25 May 2024 11:09:30 GMT
x-response
Buffer
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-smug-v
17
x-ttfb-l
0
cache-control
public, max-age=31536000
x-amz-cf-id
1eR8OuIK7NsBE-3IABG1Oj_6qObtBmdf4jRT-jhl8_JdK96leOyQug==
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-smug-d
Thu, 19 Sep 2024 06:08:25 PDT
content-length
50087
smug-content-length
50087
x-amz-cf-pop
JFK50-P6
server
nginx
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
8f04ebad9251e5fd1e384c0eb36c6b7a36ea7ef2
bandborder.com/f2815b8948f8/ 		3 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/f2815b8948f8/8f04ebad9251e5fd1e384c0eb36c6b7a36ea7ef2
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-us-central1-spot-442h
expires
Mon, 25 Nov 2024 13:57:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
priority
u=1,i
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-us-central1
via
1.1 google
cf-ray
8e8226a3abe5ac15-YYZ
access-control-allow-origin
https://www.register-herald.com
content-length
3
x-buildnumber
1553448542
server
cloudflare
w_480_00003.ts
video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/ 		356 KB
356 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-109.phl51.r.cloudfront.net
Software
nginx /
Resource Hash
915f38031e2bfec4cacb78015a2c64f8a422323039eb33e324f1d1d1cd45db20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"818ae196a433b01bf713d9e9ccbbbff0"
age
41505
access-control-allow-methods
GET, HEAD
expires
Mon, 09 Dec 2024 02:26:14 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
j0xjrFJfbZkqIrywXCOriwn9BOpfzqjyW00XQ-4FteYOHgB5OosXTA==
date
Mon, 25 Nov 2024 13:23:44 GMT
content-type
video/mp2t
last-modified
Thu, 19 Aug 2021 01:48:50 GMT
vary
Accept-Encoding
cache-control
max-age=1209600
via
1.1 df08ba5d249ec7fb2513313ea66b59f8.cloudfront.net (CloudFront), 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
364344
x-amz-cf-pop
IAD50-C2, PHL51-P1
server
nginx
v2!prefetch
photos.register-herald.com/api/ Frame 26EE 		190 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/api/v2!prefetch?_shorturis&APIKey=W0g9oqdOrzuhEpIQ2qaTXimrzsfryKSZ&_prefetchImages=only&_verbosity=1&_accept=application%2Fjson&_filteruri=
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.208.138.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-138-144.compute-1.amazonaws.com
Software
nginx / SmugMug/1.0
Resource Hash
3ba9a07cb4d783c069ce0ae2d5ba581612abbec9104f5198d7b24d4b1db8b0b8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
9fe889fee7df4b7b8b5f7169b799b406-b6554b5dc242c673-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Content-Type
application/x-www-form-urlencoded
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=9fe889fee7df4b7b8b5f7169b799b406,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.0311
x-request-id
1e17c262
content-encoding
gzip
x-smugmug-values
2/5 - Thrill Our Customers
x-env
a=live, b=www, c=ec58e149, d=i-05c19f112bc29e057
expires
Mon, 25 Nov 2024 13:57:58 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
Date
Mon, 25 Nov 2024 13:57:59 GMT
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
x-s
100.9.216:2498304
x-frame-options
DENY
x-ttfb-l
190
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-origin
https://photos.register-herald.com
Content-Length
191
x-powered-by
SmugMug/1.0
Server
nginx
w_480_00004.ts
video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/ 		435 KB
436 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-109.phl51.r.cloudfront.net
Software
nginx /
Resource Hash
0541ac764cbea52ad791c281f52962647fbf48c1c90d3ef8039d727b0358c5ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"11fff5b2c339f7af979a8cad08c1cea6"
age
170544
access-control-allow-methods
GET, HEAD
expires
Sat, 07 Dec 2024 14:35:35 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
jxqaaGJtYRkwNQeEj88gtCaZ-kMr3HeVnkSfnmJjkH6wXkR_K6oc9Q==
date
Sat, 23 Nov 2024 14:35:35 GMT
content-type
video/mp2t
last-modified
Thu, 19 Aug 2021 01:48:50 GMT
cache-control
max-age=1209600
via
1.1 165ed32c12154887fba331169c8022ee.cloudfront.net (CloudFront), 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
445560
x-amz-cf-pop
IAD50-C2, PHL51-P1
server
nginx
ads
securepubads.g.doubleclick.net/gampad/ 		879 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=2038624199703663&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Cweatherhousead&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x60&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732543079178&lmt=1732542835&adxs=133&adys=113&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=120x82&msz=95x82&fws=4&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c2c&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D83ef575e-75ed-48ec-b5da-e9c3947d1691%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_weather_120x60_atf%26fs_ad_product%3Dbanner%26pos%3Datf%26fs-auuid%3D26c02c49-59e1-4a12-91e7-f02271ac5cdb%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=3794124965&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
514aba9a718be860dd8fbc81c363a636f30ceb2dbb968ccb28ceffbe17907887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
412
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		65 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=2038624199703663&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732543079189&lmt=1732542835&adxs=436&adys=290&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=1360x272&msz=1360x272&fws=4&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c2d&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D8d18e3ae-638e-4f42-a811-f1165a52411c%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_desktop_leaderboard_atf%26fs_ad_product%3Dbanner%26pos%3Datf%26fs-auuid%3D26c02c49-59e1-4a12-91e7-f02271ac5cdb%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=1967715633&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
3b8440eec4e69fb0dba1c1ea22c0990a8d6e47d172e3fd4b893e7ef98d9722c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:01 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
27642
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		64 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=2038624199703663&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732543079193&lmt=1732542835&adxs=120&adys=3420&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=300x282&msz=300x272&fws=4&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c2e&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dfb16f19e-340c-4534-81f3-51e63aaf5376%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_desktop_300x250_btf1%26fs_ad_product%3Dbanner%26pos%3Dbtf1%26fs-auuid%3D26c02c49-59e1-4a12-91e7-f02271ac5cdb%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=4023246624&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
39b15ca5c08ec3d228a9056a38ba7fd571e6d6961e0195ec01f616caa20a0353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
27477
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		38 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=2038624199703663&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C620x366&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732543079196&lmt=1732542835&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c2f&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dd5beba0a-2dc3-48c6-a26d-86e5da0df6cb%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_mob_300x250_atf%26fs_ad_product%3Dbanner%26pos%3Datf%26fs-auuid%3D26c02c49-59e1-4a12-91e7-f02271ac5cdb%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=2348834533&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
ea7ee9d8ec4ee7323e85937058fe103d54672899ee650e5096752f69f7a2f35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:01 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
15550
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=2038624199703663&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C200x600%7C300x600&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732543079199&lmt=1732542835&adxs=1180&adys=1007&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=300x622&msz=300x622&fws=4&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c30&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dcb713d6d-e4cc-4a84-8b52-d056726aaa88%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_siderail_300x600_atf%26fs_ad_product%3Dbanner%26pos%3Datf%26fs-auuid%3D26c02c49-59e1-4a12-91e7-f02271ac5cdb%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=2992770089&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
b292026bbea1dca2638c18da9865da63ae91d891023e534660addf9929821317
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
22897
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		65 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=2038624199703663&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C300x250%7C970x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732543079201&lmt=1732542835&adxs=436&adys=6395&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=1584x314&msz=1584x272&fws=4&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c31&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D2cfe1657-48c8-4c01-bb8c-ef2705a469c8%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_desktop_leaderboard_btf2%26fs_ad_product%3Dbanner%26pos%3Dbtf2%26fs-auuid%3D26c02c49-59e1-4a12-91e7-f02271ac5cdb%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=3888697066&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
84853ed8daf40ef8a64fe3aec2102c1bda088e800b62394a9d697992a5d70991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:01 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
27878
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		64 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=2038624199703663&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732543079204&lmt=1732542835&adxs=1180&adys=6718&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=260x272&msz=260x272&fws=4&ohw=260&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c32&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dce6e7512-fa3e-4a3e-92a3-4f91161c3dbe%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_desktop_300x250_btf2%26fs_ad_product%3Dbanner%26pos%3Dbtf2%26fs-auuid%3D26c02c49-59e1-4a12-91e7-f02271ac5cdb%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=1576625234&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
01222fea6095f69e5d9a8c3d696f5c06ecbdf1295e98d0ccc148ef58a585e048
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
27239
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=2038624199703663&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C200x600%7C300x600&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732543079207&lmt=1732542835&adxs=1180&adys=10178&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=300x632&msz=300x622&fws=4&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c33&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Da866232f-4be5-407d-9c25-20356e8e627d%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_siderail_300x600_sticky_btf_3%26fs_ad_product%3Dbanner%26pos%3Dbtf3%26fs-auuid%3D26c02c49-59e1-4a12-91e7-f02271ac5cdb%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=885799431&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
6cef5ca46221c65dc5fa306fe04af9c8e7623097e1317e1365ddc1097fcb8b71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
6825502030
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138497087179
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
12597
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=2038624199703663&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732543079210&lmt=1732542835&adxs=436&adys=10839&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=1584x154&msz=1584x112&fws=4&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c34&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Df539f1b0-ba25-4e5b-9af6-0f6e6006d04c%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_desktop_728x90_btf%26fs_ad_product%3Dbanner%26pos%3Dbtf%26fs-auuid%3D26c02c49-59e1-4a12-91e7-f02271ac5cdb%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=3448168808&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
0c7022ddfd84afc521829b11f2f431dcb7e09af529d7f78e6a3f1c94722ae5ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
6826725116
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138495343977
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
12608
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		784 B
361 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=2038624199703663&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Creveal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=10&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732543079213&lmt=1732542835&adxs=805&adys=13026&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=1360x803&msz=1310x0&fws=4&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c35&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D74e3c562-4078-4db3-8c5b-143385a2995a%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_reveal%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=136573954&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
f38edd1ce3782cb07e82967ed50372b3d4efcb3071fcd4bb7fa42a715f8b1ff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
332
x-xss-protection
0
server
cafe
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D345 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
spacer.gif
cdn.smugmug.com/img/ Frame 26EE
Redirect Chain
  • https://photos.register-herald.com/img/spacer.gif
  • https://cdn.smugmug.com/img/spacer.gif
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.smugmug.com/img/spacer.gif
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Server
18.164.114.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-114-179.jfk50.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.1483
content-md5
MlRyYBVx8x4b8AZ0w2jTNQ==
x-request-id
53d9d60b
x-smugmug-values
3/5 - Deliver Awesome
etag
"325472601571f31e1bf00674c368d335"
age
6142356
x-env
a=live, b=www, c=4cf206a9, d=i-09273cbfbf259f1df
expires
Mon, 15 Sep 2025 11:45:24 GMT
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Sun, 15 Sep 2024 11:45:23 GMT
content-type
image/gif
x-s
100.3.103:1522135
last-modified
Sat, 20 Jul 2013 19:09:23 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-amz-cf-id
HsRr3LUa1WO4nIX5Lzy4TQPOQ8kJl3rp5H30iekkMrMtZG_X2vv4Og==
x-ttfb-l
43
cache-control
public, max-age=31536000
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
content-length
43
x-amz-cf-pop
JFK50-P6
x-powered-by
SmugMug/1.0
server
nginx

Redirect headers

x-ttfb
0.0144
x-request-id
132a51a7
x-smugmug-values
4/5 - Dare
x-env
a=live, b=www, c=e8889be1, d=i-0824378580abb19e6
expires
Mon, 25 Nov 2024 13:57:58 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
Date
Mon, 25 Nov 2024 13:57:59 GMT
Content-Type
text/html; charset=utf-8
x-s
100.14.102:2387537
x-frame-options
DENY
x-ttfb-l
0
cache-control
private, no-store, no-cache, max-age=0
location
https://cdn.smugmug.com/img/spacer.gif
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
Content-Length
0
x-powered-by
SmugMug/1.0
Server
nginx
882.json
id5-sync.com/g/v2/ 		632 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
60b45b5ceeee2f487eb9f4b9a40c75ec81727aa770b95c86c8fdefd33c4174be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
p3p
CP="CAO PSA OUR"
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json
vary
Origin
w_480_00005.ts
video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/ 		299 KB
299 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn12/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325c107fd6863863006.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-109.phl51.r.cloudfront.net
Software
nginx /
Resource Hash
3206f3fb4ba7110393cf27e4cd1762c5e08057e371d83c85f8e8c8ca91b52b67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

etag
"09990461117eaf48dec560422145f004"
age
7626
expires
Mon, 09 Dec 2024 11:50:53 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
C7zkKOO9nl9BGYA0R_wab9Z_MxSANxg_-jDDOofM6k_nl4B7p7BNMQ==
date
Mon, 25 Nov 2024 13:23:45 GMT
content-type
video/mp2t
last-modified
Thu, 19 Aug 2021 01:48:50 GMT
cache-control
max-age=1209600
via
1.1 e67eec39bafe7d4b59266632bc2a9886.cloudfront.net (CloudFront), 1.1 b9e4f54576ef92a1af5dd8e6f47f2916.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
306064
x-amz-cf-pop
IAD50-C2, PHL51-P1
server
nginx
882.json
id5-sync.com/g/v2/ 		632 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
67bf8bbca18805743494b3597b4e511decd3ea60ed6d8bc73d9924b3249c3860
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
p3p
CP="CAO PSA OUR"
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json
vary
Origin
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
optimise.net/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=1&d=register-herald.com&t=desktop&c=CA&r=19
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3d25d4c862932392b297360a6584be95371d6364530ce0f2584c5f29d69785dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
1

Response headers

access-control-max-age
3600
access-control-expose-headers
fs-client-rtt,fs-country
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
expires
0
fs-client-rtt
17
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
fs-country
CA
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=ca033363-3e63-40f4-a38c-a47f10937acc&cid=&crid=315461417|315461417|315461417|315461417|315461417|315461417|315461417|315461417&adunit_count=8&dn=www.register-herald.com&requrl=https://www.register-herald.com/&istop=true&event=client_timeout&value=8&rd=731
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.106.187 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-205-106-187.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Mon, 25 Nov 2024 13:58:02 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Mon, 25 Nov 2024 13:58:02 GMT
Content-Type
image/gif
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=1&d=register-herald.com&t=desktop&c=CA&r=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.register-herald.com
access-control-expose-headers
fs-client-rtt,fs-country
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
0
fs-client-rtt
21
fs-country
CA
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
a1335fe2-ad35-450f-99bc-fb7b95f3f6af
https://www.register-herald.com/ Frame 		0
0
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.register-herald.com
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
8e8226a81b3e38e4-YYZ
date
Mon, 25 Nov 2024 13:57:59 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Headers
auction
s2s.t13.io/openrtb2/ 		1 KB
510 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
f4dafedb801d04dc517b1f19f8bea0d45aadc4b8a8f2d89b6565c477e7d2d6e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
408
date
Mon, 25 Nov 2024 13:57:59 GMT
x-prebid
pbs-java/3.14.0
content-type
application/json
vary
origin
cdb
bidder.criteo.com/ 		0
522 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.50.0&cb=7033490238&lsavail=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:59 GMT
vary
Origin
server
Kestrel
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1101657
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3392866195e3532d5d7ee0e51529d4e2d005323486528c09e89e71f2c70e663a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ELJr3lGUFqzphCUNuETYWCpAbpEOJPlClT54HVDH9rxC%2B0K%2FPw%2F%2FACRc4PjOU%2FitLGTtM9MUpFRjKjTd8zHCt3E%2BdCtABnVXuvsnRppX9Rn%2FRziUbac5uQBpI9HUY7HQx7Ll4nQ"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8e8226a7db7daaba-YYZ
access-control-allow-origin
https://www.register-herald.com
content-length
37
server
cloudflare
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543079641&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_sticky_footer&hadronId=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&tdid=803bc1bf-640b-4350-b48a-c314858948a6&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Frichmedia%2Fregisterherald_sticky_footer&maxw=970&maxh=90&si=1106634&pi=3&bf=970x90%2C728x90%2C320x50%2C300x50%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.4.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-4-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f6a7416b5246c86304ed13c4321397792b105cd5656c2a535b78dd3b6fc91f1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543079641&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_sticky_footer&hadronId=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&tdid=803bc1bf-640b-4350-b48a-c314858948a6&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Frichmedia%2Fregisterherald_sticky_footer&maxw=970&maxh=90&si=1106638&pi=3&bf=970x90%2C728x90%2C320x50%2C300x50%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.4.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-4-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fe7e474ec2eae393c8532b84012494f09fedd6898d395829e0e2e7af62e8ef40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543079641&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_sticky_footer&hadronId=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&tdid=803bc1bf-640b-4350-b48a-c314858948a6&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Frichmedia%2Fregisterherald_sticky_footer&maxw=970&maxh=90&si=1106639&pi=3&bf=970x90%2C728x90%2C320x50%2C300x50%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.4.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-4-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3e6493557fbbf0bfd94d99262b4220a58281ea08c2471c4703c9947e3086bad8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json;charset=UTF-8
server
nginx
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543079641&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_sticky_footer&hadronId=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&tdid=803bc1bf-640b-4350-b48a-c314858948a6&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Frichmedia%2Fregisterherald_sticky_footer&t=voetklzr&pi=2&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.4.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-4-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f5f5d2a1e50dac4945fc981bf5977cadb087885135d25e6b64d3bec5267a9847

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json;charset=UTF-8
server
nginx
openrtb
ex.ingage.tech/v1/ 		1 KB
944 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b92c976cc1ba3d579978efb914212a88888c37a233bcd4cdb5d09ab7c1a168

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e8226a868d5aacd-YYZ
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
v1
btlr.sharethrough.com/universal/ 		0
0
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
0
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Tue, 26 Nov 2024 13:57:59 GMT
access-control-allow-origin
*
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors?d=register-herald.com&t=desktop&k=1&r=1&c=CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.register-herald.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
cache-status
disabled
content-length
0
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
floors
api.floors.dev/sgw/v1/ 		757 B
827 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors?d=register-herald.com&t=desktop&k=1&r=1&c=CA
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6d896fdfc8e6e56294894dc30c1b62c1028577efb750ad9b575778ee7462d77d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
1

Response headers

strict-transport-security
max-age=31536000
access-control-max-age
3600
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
via
1.1 google
expires
0
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:57:59 GMT
cache-status
disabled
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
ixmatch.html
js-sec.indexww.com/um/ Frame 67BF 		0
0
/
sync.cootlogix.com/api/sync/iframe/ Frame 9085 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.182.139.208 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Mon, 25 Nov 2024 13:58:00 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
setuid
s2s.t13.io/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%2...
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3755446787584945000V10
86 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3755446787584945000V10
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
image/png

Redirect headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
cache-control
max-age=0, no-cache, no-store
location
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3755446787584945000V10
timing-allow-origin
*
pragma
no-cache
expires
Mon, 25 Nov 2024 13:58:00 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
content-length
154
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/html
server
Apache
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.128.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-128-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://www.register-herald.com
access-control-max-age
86400
date
Mon, 25 Nov 2024 13:57:59 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ 		60 B
226 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.153.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-153-54.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
bb66884b816f0fa419db6478001343e1f80c8677913267d2d9dd4ed351dbabfd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-origin
https://www.register-herald.com
content-length
60
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ 		65 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=969559708085276&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=281191609%3A9869277%2Ctrx_cnhi%2Cregister-herald.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D914e9ec12accc7b8%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MaCR3zt3_eqxyoIQx3ri7pRQVDvVw&gpic=UID%3D00000f9e7fed464b%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MYjC1Vgcb4I1kjEGwaqtccQlagvDw&abxe=1&dt=1732543079829&lmt=1732542835&adxs=1180&adys=2266&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=300x250&msz=300x-1&fws=4&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c36&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=slotName%3Dldgr1%26pubDom%3Dregister-herald.com%26atab%3Dtrue%26frstlk%3Dtrue%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=50677592&frm=20&eo_id_str=ID%3D198b0f2cfaa5ce06%3AT%3D1732543079%3ART%3D1732543079%3AS%3DAA-AfjYF2vVyqidWTuiei1C0mUzL
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
ba86232eb923856dd8711dd9fb9656ff8af22de6d387d9091ce7b68cda01ad5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
27537
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		64 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=969559708085276&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=281191609%3A9869277%2Ctrx_cnhi%2Cregister-herald.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=12&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D914e9ec12accc7b8%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MaCR3zt3_eqxyoIQx3ri7pRQVDvVw&gpic=UID%3D00000f9e7fed464b%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MYjC1Vgcb4I1kjEGwaqtccQlagvDw&abxe=1&dt=1732543079832&lmt=1732542835&adxs=840&adys=4849&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=300x250&msz=300x-1&fws=4&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c37&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=slotName%3Dldgr4%26pubDom%3Dregister-herald.com%26atab%3Dtrue%26frstlk%3Dtrue%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=4023109604&frm=20&eo_id_str=ID%3D198b0f2cfaa5ce06%3AT%3D1732543079%3ART%3D1732543079%3AS%3DAA-AfjYF2vVyqidWTuiei1C0mUzL
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
e3e73728650c01917db3ad8d825fe331a4a54de18b578cb31511687888c0999f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
27256
x-xss-protection
0
server
cafe
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Tue, 26 Nov 2024 13:57:59 GMT
access-control-allow-origin
*
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
rtd
id.hadron.ad.gt/api/v1/ 		27 B
82 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.register-herald.com/

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8e8226a92bde39e4-YYZ
access-control-allow-origin
*
content-length
27
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:57:59 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
photos.register-herald.com/services/api/json/1.4.0/ Frame 26EE 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&returnModelList=true&idCopy=true&PageNumber=2&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.208.138.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-138-144.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
8f48d97d3112bc9bf95ef0d70d30e7ec78041b3b498251ccd183fb18686139ac
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
9fe889fee7df4b7b8b5f7169b799b406-9c9f5e9176e048fe-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=9fe889fee7df4b7b8b5f7169b799b406,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.1444
x-request-id
abbb6aad
content-encoding
gzip
x-smugmug-values
2/5 - Thrill Our Customers
x-env
a=live, b=www, c=ec58e149, d=i-0a51f58f789e0b098
expires
Mon, 25 Nov 2024 13:57:59 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
api-method
rpc.gallery.getalbum
Date
Mon, 25 Nov 2024 13:58:00 GMT
x-ua-compatible
IE=edge
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding
x-s
100.10.59:2089953
x-frame-options
DENY
x-ttfb-l
33555
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
Content-Length
4471
x-powered-by
SmugMug-API/1.4.0
Server
nginx
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 99CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame AE53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.218.140 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-218-218-140.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 25 Nov 2024 13:58:00 GMT
ETag
"623de86a-cf34"
Expires
Tue, 26 Nov 2024 13:58:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 57A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?us_privacy=1---&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
550
content-type
text/html
date
Mon, 25 Nov 2024 13:57:59 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
getuid
ib.adnxs.com/ 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		421 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=969559708085276&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Cweatherhousead&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x60&ifi=13&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D376af4b4755ca917%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MYFK_zr9M-PZ1Pq2sLVbQhCAO4ndA&gpic=UID%3D00000f9e7ff79d8a%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MYTbhTsweBFrRNFzDL1kNLddkNn3g&abxe=1&dt=1732543080151&lmt=1732542835&adxs=133&adys=113&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=120x82&msz=95x82&fws=4&ohw=1600&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c38&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D83ef575e-75ed-48ec-b5da-e9c3947d1691%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_weather_120x60_atf%26fs_ad_product%3Dbanner%26pos%3Datf%26fs-auuid%3D26c02c49-59e1-4a12-91e7-f02271ac5cdb%26fsbid%3D0&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=3794124965&frm=20&eo_id_str=ID%3D3c5533e1637cbfab%3AT%3D1732543079%3ART%3D1732543079%3AS%3DAA-AfjaArJBIRMcYZSPnYj_zLXby
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
f8785d8c14f219828047fa9f8a4e2ec05076ec0dffaa7e0f4becd8186e61689c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
142
x-xss-protection
0
server
cafe
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC6F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E964 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rtd
id.hadron.ad.gt/api/v1/ 		27 B
105 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.register-herald.com/

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8e8226ab8dac39e4-YYZ
access-control-allow-origin
*
content-length
27
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
rtd
id.hadron.ad.gt/api/v1/ 		27 B
82 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.register-herald.com/

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8e8226abadbe39e4-YYZ
access-control-allow-origin
*
content-length
27
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
ads
securepubads.g.doubleclick.net/gampad/ 		416 B
170 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=969559708085276&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Creveal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=14&sfv=1-0-40&rcs=1&ists=1&eri=1&sc=1&cookie=ID%3Dc6e5cfe089b08395%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MYety5uR39rDDHxJsBfnK-XJ17AYQ&gpic=UID%3D00000f9e7fd5d40d%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MYWtKYRTDDd01d6PFQOzUUOOu1PCg&abxe=1&dt=1732543080279&lmt=1732542835&adxs=805&adys=13026&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=1360x803&msz=1310x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c39&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D74e3c562-4078-4db3-8c5b-143385a2995a%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_reveal%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26fs-auuid%3De3f4f857-4875-47da-933f-4acd3142cd89&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=136573954&frm=20&eo_id_str=ID%3Db04391b864fb8778%3AT%3D1732543079%3ART%3D1732543079%3AS%3DAA-AfjY3todw38mW4oakEHg2el3q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
5ff1a301f86176a7f31075ce1110eb6882126eb79f995467afb938032fafdb93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
141
x-xss-protection
0
server
cafe
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6899 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		38 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=969559708085276&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Crichmedia&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C300x50%7C320x50%7C728x90%7C970x90&ifi=15&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc6e5cfe089b08395%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MYety5uR39rDDHxJsBfnK-XJ17AYQ&gpic=UID%3D00000f9e7fd5d40d%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MYWtKYRTDDd01d6PFQOzUUOOu1PCg&abxe=1&dt=1732543080373&lmt=1732542835&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=338x-1&msz=300x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c3a&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dba65c231-362f-4ad2-8da1-23925f6d35a1%26floors_id%3Dc300b1%26floors_hour%3D13%26fs_placementName%3Dregisterherald_sticky_footer%26fs_ad_product%3DstickyFooter%26pos%3Dbtf%26fsbid%3D0%26fs-auuid%3D1018dcec-4777-4742-9ae2-6d02f80c1934&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=3620817979&frm=20&eo_id_str=ID%3Db04391b864fb8778%3AT%3D1732543079%3ART%3D1732543079%3AS%3DAA-AfjY3todw38mW4oakEHg2el3q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
79f14035c1ffde2198a718bdf97321fe5a5cbd7effb819e116beb37e4101aea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
15608
x-xss-protection
0
server
cafe
auction
s2s.t13.io/openrtb2/ 		1013 B
418 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
3cb8151ff0ba8eec1d4c9034402ef05a60338f526e8b08dd63d5256c2659cb6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
395
date
Mon, 25 Nov 2024 13:58:00 GMT
x-prebid
pbs-java/3.14.0
content-type
application/json
vary
origin
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543080380&to=480&id5Id=ID5*vkWIZ6t6gKwaIwGu89wfVtD_j27HCvxxntaKtLPc1R3cT4YQYrbyYFIdG4Oxouef&id5IdLinkType=2&aun=_fs-sf-registerherald_siderail_300x600_atf-1&hadronId=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl&id5id=ID5*vkWIZ6t6gKwaIwGu89wfVtD_j27HCvxxntaKtLPc1R3cT4YQYrbyYFIdG4Oxouef&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&tdid=803bc1bf-640b-4350-b48a-c314858948a6&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2F_fs-sf-registerherald_siderail_300x600_atf-1&pv=d6b5d834-ccd2-416a-a83a-e2877ece8f20&maxw=300&maxh=250&si=1106632&pi=3&bf=300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.4.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-4-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
57981157c097bbf9a092453252bae197dd73b36bf5543739b9c7dc25b21c0d98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json;charset=UTF-8
server
nginx
pbjs
htlb.casalemedia.com/openrtb/ 		44 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1101657
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79377caaa40167fba777f4627f8f5b10a42a3df5be6016f2222fcd59329f76b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cZqWSLWPDJgR1TZzeOFr4Nk6Ke%2BsxY97bdjMZ42SEXTghHwXS%2FjKOmZYr2wU%2F29FPuHq7hhSGnkr3KxTPyV6uFUJmzYB%2BnOAJ9UViToAI4f1npIrg7Z6kqNStJhGbpDRI1RNLd1M"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8e8226ac7c913a09-YYZ
access-control-allow-origin
https://www.register-herald.com
content-length
7824
server
cloudflare
v1
btlr.sharethrough.com/universal/ 		0
0
openrtb
ex.ingage.tech/v1/ 		1 KB
883 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050cfb1385ae15a7727872bc0280dc3d7404c23bed40d88c52634ebe2ca15f20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e8226ac7c2aaacd-YYZ
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
0
cdb
bidder.criteo.com/ 		0
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=8.50.0&cb=12822473137
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:59 GMT
vary
Origin
server
Kestrel
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5437 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
events
bidder.criteo.com/csm/ 		0
201 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:57:59 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CA66 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rtd
id.hadron.ad.gt/api/v1/ 		27 B
82 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.register-herald.com/

Response headers

cf-cache-status
DYNAMIC
debug
rtd-nx-ny
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8e8226aeaffa39e4-YYZ
access-control-allow-origin
*
content-length
27
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
*
auction
s2s.t13.io/openrtb2/ 		1 KB
433 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
009f81ba78d288f3fa8c0f569d8db876b8d4b3ce2d3d3fb2dfa5cfc32069911d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
410
date
Mon, 25 Nov 2024 13:58:00 GMT
x-prebid
pbs-java/3.14.0
content-type
application/json
vary
origin
openrtb
ex.ingage.tech/v1/ 		1 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e27324c9ac2047b034c08d12e05e9b1329c5fbe17b67e422840221f7586249ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e8226aefe54aacd-YYZ
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:58:01 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
66bccd47a52481685a6ab90d
prebid.cootlogix.com/prebid/multi/ 		0
0
cdb
bidder.criteo.com/ 		0
526 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=8.50.0&cb=72318886959
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:58:00 GMT
vary
Origin
server
Kestrel
v1
btlr.sharethrough.com/universal/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1101657
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2034af73ee690c0a1e62f96b32611cbde9da88d27bad9adfbfe26d3fa2082a8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=thPbH3doZodp8TfwcJixfi0MrQPejjCyfFSM2oL6UdT6QLxNiNEl9MW%2FPlwhU5je74Vn%2FQA2J1f%2FsK8A5uwm0%2F%2BR1Jrh%2FkESzgBDhQhkXVuYsLj5yoejkr%2BjAaEJ1zfzS4AHSLaJ"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8e8226af0eea3a09-YYZ
access-control-allow-origin
https://www.register-herald.com
content-length
38
server
cloudflare
imp
g2.gumgum.com/hbid/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543080787&to=480&id5Id=ID5*vkWIZ6t6gKwaIwGu89wfVtD_j27HCvxxntaKtLPc1R3cT4YQYrbyYFIdG4Oxouef&id5IdLinkType=2&aun=_fs-sf-registerherald_siderail_300x600_sticky_btf_3-1&hadronId=0001yum0eal66iaeaaaf9f79jieca9kiib69gblgkiabackkc2jl&id5id=ID5*vkWIZ6t6gKwaIwGu89wfVtD_j27HCvxxntaKtLPc1R3cT4YQYrbyYFIdG4Oxouef&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&tdid=803bc1bf-640b-4350-b48a-c314858948a6&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2F_fs-sf-registerherald_siderail_300x600_sticky_btf_3-1&pv=d6b5d834-ccd2-416a-a83a-e2877ece8f20&maxw=300&maxh=250&si=1106632&pi=3&bf=300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.4.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-4-151.compute-1.amazonaws.com
Software
nginx /
Resource Hash
20878bb44c6b54b6b9b6e1a64e8db6b62680fe2524ef07869593e22f98855495

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json;charset=UTF-8
server
nginx
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E7A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bid
ap.lijit.com/rtb/ 		23 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.195.206.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-206-118.compute-1.amazonaws.com
Software
/
Resource Hash
7873fcc3509d539719c9d8a7856b8c40ee620109698fa3f09bb6cbc1a79a3f4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://www.register-herald.com
content-length
23
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
arj
justapinch-com-d.openx.net/w/1.0/ 		191 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.register-herald.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=480&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=620315aa-6e00-49b3-a795-aac5ccd2567b%2C2110ed59-9e12-4801-a7e5-5b4fa16ce234&nocache=1732543080870&gdpr_consent=&gdpr=0&us_privacy=1---&schain=1.0%2C1!americanhometownmedia.com%2C00021%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=ahm_widg_id_3%2Cahm_widg_id_7&aucs=%2C&auid=544092638%2C544092638
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e92c674e78c0de0e67ac9c38ea950c88943370f41d0c28ac7e0c2a0a30a82691

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private, max-age=0, no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
177
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
application/json
vary
Accept, Accept-Encoding
server
OXGW/0.0.0
events
bidder.criteo.com/csm/ 		0
201 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 13:58:00 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:58:00 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0688 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		64 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=969559708085276&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=16&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D0d493ee838705116%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MZjkKVR4PgSb_qcwXOQ1_RwV0tZ-w&gpic=UID%3D00000f9e81b2d28b%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MbX9VNRm1g37me49eesnRGtnI0Ebg&abxe=1&dt=1732543081114&lmt=1732542835&adxs=1180&adys=1182&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=300x622&msz=300x17&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskobZ7WSXdyJHq2GSylInH7QDB-8XaNkFNukMq0XJ-0s2Z6O0BobCHXfUacASelt0R6ScVyzi2Myb1H9ntONKWIbYP7uA%2CAOrYGslSyJeQw_9Q3LNj0ZR-51n8uB60YlKZLf2w1fTEOXUoFlHL1MKwPyu1JYY9e-khakCfOKk-cRAusR13G9f3ofRi5B5dlg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c3b&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D741e9acd-950b-4d23-bd1a-df8d740ff966%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_siderail_300x600_atf%26fs_ad_product%3Dbanner%26fs-sf-uuid%3D0aac82f6-ddd3-4964-ba24-0b785cf5a4ea%26fs-sf-index%3D1%26fs-auuid%3D7d1a239c-ce00-4c9a-8e65-a117c1646461%26fsbid%3Dtimeout%26fspbg%3Dfs_universal%26fs_source%3Dclient%26fs_auction_id%3D9fad2672-279f-4d6b-837d-cb6e6fe5c4d5%26freestar_path%3D%252F%26freestar_domain%3Dregister-herald.com%26custom_bidder_size%3Dix_300x250%26fs_format%3Dbanner%26fs_size%3D300x250%26fs_pb%3D0.03%26fs_adid%3D1629c54af66c5d85%26fs_bidder%3Dix&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=3362696857&frm=20&eo_id_str=ID%3D2d56b13958457bd0%3AT%3D1732543079%3ART%3D1732543079%3AS%3DAA-Afjb6vk2SgnUedD2IOFW8jumy
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
299ca29622562cfb53555095ed6447c02d9f27a422bf2bf96e9015770f28ed62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:01 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
27353
x-xss-protection
0
server
cafe
usersync.html
cdn.undertone.com/js/ Frame BF80 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-30.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
16337
content-encoding
gzip
content-type
text/html
date
Mon, 25 Nov 2024 09:25:45 GMT
etag
W/"dfe2e64ea592e9005c09a26c7dd96a2f"
last-modified
Mon, 21 Oct 2024 15:26:25 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 145a3c1a881b9a37bb761d4b0890859a.cloudfront.net (CloudFront)
x-amz-cf-id
BN32vOhqhjzMA3VpNHqmLeuYDtWGSShyNlYdIVC_ZHNBS6m9i0xJNQ==
x-amz-cf-pop
JFK52-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
9oeKiCAhC7EYXxf0SvtBmahBpM5vpgXU
x-cache
Hit from cloudfront
auction_end
pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/ 		60 B
225 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4d97a662ad/engagement/trigger/auction_end
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.153.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-153-54.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
bb66884b816f0fa419db6478001343e1f80c8677913267d2d9dd4ed351dbabfd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-origin
https://www.register-herald.com
content-length
60
date
Mon, 25 Nov 2024 13:58:01 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B41 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:58:01 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 118C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3458868517464178&correlator=969559708085276&eid=31081684%2C31088970%2C44782500%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fif&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=17&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D268677094576daf7%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MbqOPnq_weJ8wiQENtij1ylheCJLQ&gpic=UID%3D00000f9e8005179d%3AT%3D1732543079%3ART%3D1732543079%3AS%3DALNI_MYk_iLKHLuuGPiQqvKiQU2P-5UHqg&abxe=1&dt=1732543081522&lmt=1732542835&adxs=1180&adys=10354&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=10&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=300x622&msz=300x17&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskobZ7WSXdyJHq2GSylInH7QDB-8XaNkFNukMq0XJ-0s2Z6O0BobCHXfUacASelt0R6ScVyzi2Myb1H9ntONKWIbYP7uA%2CAOrYGslSyJeQw_9Q3LNj0ZR-51n8uB60YlKZLf2w1fTEOXUoFlHL1MKwPyu1JYY9e-khakCfOKk-cRAusR13G9f3ofRi5B5dlg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=20679&tan=2111d4f6-c769-4eb5-bd55-82a369714c3c&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732543058077&idt=19749&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D838a2b2f-bcc8-4a68-8dd6-6acc01e02759%26floors_id%3Dlearning%26floors_hour%3D13%26fs_placementName%3Dregisterherald_siderail_300x600_sticky_btf_3%26fs_ad_product%3Dbanner%26fs-sf-uuid%3Df08314ae-afbc-4ccb-8cdf-706fd09e7551%26fs-sf-index%3D1%26fs-auuid%3D229bb892-4c17-44cc-8035-ecb536b2eff9%26fsbid%3Dtimeout&cust_params=fs_session_id%3D2515c977-500e-4a21-9e39-96e1fbc026ce%26fs_pageview_id%3D6ca1ad32e12da5cf9098bf2760cd4a27%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-YY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D17%26fs_clientservermask%3D13012311200111320002202%26fs_testgroup%3Dexperiment%26cc-custom-taxonomy%3D&adks=1676624005&frm=20&eo_id_str=ID%3Dc51bcccc99a7829a%3AT%3D1732543079%3ART%3D1732543079%3AS%3DAA-AfjbEzPXVfLGJxJm9mGpzyVwH
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
f2e9c54edda97bb6454268bb733ea5184f02c1e4956c3ec6063da386f33354bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
6825370033
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 13:58:02 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138497179028
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
19733
x-xss-protection
0
server
cafe
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4BCA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3AEB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 13:57:59 GMT
expires
Mon, 25 Nov 2024 13:57:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:58:01 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
view
securepubads.g.doubleclick.net/pcs/ Frame 387E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjU17RAEi6tKSLFICP0pKivSZXutdCNjSADhrPhoRgeefJHWfrVEZUkDthZJXN2BZqMUYnqjDLzYVnaymOG11cukP_r-llOV01cxylGhN7AbAwZN5PFvMgoCIAfQtF4C0dnJFOSNQtRdfbG0meb7OuuI4I06IDutXf1awwXYOwg-jfZvTdmO-B4EM1I2QJOHuMBD7LfbV3MM8pwMsZhzFCjgRh_13oYdnqTI7mxZDi0l-f-6zyQNbbqbsRvrA5VQ8KngCq6JtMxpeiPwOXwmf1WRke6FNxY7dSFy2MydGRWkkbsEk0qCYAaCD4_YirwIQspkQtfFMVPMpKQEKgoIKXIdDGmt4PZLg86HEngapMiZRsDogo4hiBQmgVPzkWbMK0vgIpMZeHBeXwmfMNzE3qgvPPreHV5MuGf4xtE1ESy3Se2dJOUsxKErFQP5XeuRx1Kqs4rGL-_y-yeg8&sai=AMfl-YRlXIjve2C23VADpfkTjBGlXI3zB-63sn9yFu8IqoJB81eK0Lx9hVWAXIFbaktosfyFrz63zPOlrWy-sWfWwiB15SMZsUJyBZn7hIViJ-wukUIN2NOQHCFh_EM&sig=Cg0ArKJSzNMaIn-QNsl2EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 13:58:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame 387E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
79909
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 15:46:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 24 Nov 2024 15:46:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 387E 		217 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
12158714353530318320
age
96
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 14:56:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 13:56:26 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69014
x-xss-protection
0
server
cafe
11720759287746141154
tpc.googlesyndication.com/simgad/ Frame 387E 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11720759287746141154
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f132.1e100.net
Software
sffe /
Resource Hash
8a3d07edaed7c877448706fd0fff8b146093e704f70e6ee636d22a4811ec52fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

age
6579
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 12:08:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Mon, 25 Nov 2024 12:08:23 GMT
last-modified
Thu, 14 Nov 2024 17:09:28 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
55248
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame 387E 		0
0
truncated
/ Frame 387E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7db143cdfe65b77cfa62c402eeb00d009f0584e1a407f42140ebd2fd4852934

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
cm
u.openx.net/w/1.0/ Frame 3C62 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
562
content-type
text/html
date
Mon, 25 Nov 2024 13:58:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ Frame 387E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 13:58:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 387E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4DVd9ZSkyDYRz0A1d5CdzG71bo_2khgAwGJdStlA8XyejG68flcQnqKmvY4zQmYbiYdbHCTXJrP68dHF3BULGa9djjyJkEQMQ1rsbXWOG54-L9b8sxato6Fv6lUtAtIsWDqG_wgVrcd0-H2kO-Z8GKlGEDviXkIfxHA6QESX-RmvmC6Tx5T58zPbM4tQUbvluUVLlykthOcVPAhkUe9gL7-XL3yhnnpGo2q6Ae5UkbBQiuxaTs6D86627axhTH3-UaHu-yIhB6-XhUUp0AmrNMq6WoKlZaTe3qz-aAdHv1ZUxxgunOyJcgNZuAO94hzmgSZD07gonvYPcJ64EDcYEDqRc7HTHCNYcTKmF21l4iNxxmIZUZEciLLQ_lVaARPnB9YgM7urGH031wvJoJE_VCy-FOXAsI4OLsHiUHdpr9P7n1RDxh_4lS6Yd5SIetPDMQdkMMcPTQQ-AYulIag&sai=AMfl-YTGxcff9R2seEm6K9HuolA4FuNZRjhduc4E2OeoAG8erwAXhPnsFdoD1OG9wj7MuaIBAjer58eo7QUUVaQ4hHWqQJ2v1_MhlXTpXOtQ5ISI_MpFEo3_hm4Zma4&sig=Cg0ArKJSzG3dYgEbF_ZaEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 13:58:02 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 13:58:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 387E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 13:58:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:58:02 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
isyn
prebid.a-mo.net/ Frame 034A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
125.253.89.179 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
652
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 13:58:03 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
2
usersync.php
ssp.api.tappx.com/cs/ Frame ECC5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=1---&type=iframe&ruid=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.21.57.33 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.57.21.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 25 Nov 2024 13:58:04 GMT
server
nginx
transfer-encoding
chunked
pd
us-u.openx.net/w/1.0/ Frame 5E64 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
583
content-type
text/html
date
Mon, 25 Nov 2024 13:58:03 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4bk0v887101457za200zb861227858&_p=1732543061525&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1091792531.1732543063&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&dl=https%3A%2F%2Fwww.register-herald.com%2F&sid=1732543062&sct=1&seg=1&_s=2&tfd=28126
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f100.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:58:05 GMT
content-type
text/plain
server
Golfe2
setuid
s2s.t13.io/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=563220&ev=1&us_privacy=1---&gpp=&gpp_sid=&rurl=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpulsepointfsx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gp...
  • https://s2s.t13.io/setuid?bidder=pulsepointfsx&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=2iPwFrOSAWle&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=563220
86 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=pulsepointfsx&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=2iPwFrOSAWle&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=563220
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 13:58:05 GMT
content-type
image/png

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
location
https://s2s.t13.io/setuid?bidder=pulsepointfsx&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=2iPwFrOSAWle&ev=1&gpp_sid=&gpp=&us_privacy=1---&pid=563220
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-9775cb85-gq8dm
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
server
Jetty(10.0.14)
setuid
s2s.t13.io/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=1---
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=M3X3ESS0-1I-3KWU&us_privacy=1---
0
0
liveView.php
live.primis.tech/live/ 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTpmMwU0MmA2OSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJaN1YxyxPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0kNTQhNDphMTphNDEzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuYMTEyM0IyMwBMnW51rCUlMHt4Ny82NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMmEhMC4jLwAyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY3NDQ4MwVxYTZvNmUzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTp5NSZaZHBlPTAzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0kJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNmMlNTQmMDt2MwA2JaVcZD1TZWgcozRiU1BfYXyypwY3NDQ4MwVxZDZwMTxzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaJyZ2ymqGVlLWuypzFfZC5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyxJaB4nWQ9OTNxN2U4MWNwNGNxOTI5NWUlODI0ZGMmYTAjNmx0MTp=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-cache
Miss from cloudfront
cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
UZahTM2lefW8nEQwFjn5YkVNZTyypt91Sqm1RRSz66jCeQn3Snx-eA==
date
Mon, 25 Nov 2024 13:58:06 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
PHL50-C1
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:58:06 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
cf-cache-status
HIT
etag
W/"326d6cbd977657e1205bd616d1f2faca"
age
1392
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 14:57:58 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1193
server-timing
cfExtPri
date
Mon, 25 Nov 2024 13:57:58 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC6ZHLbtYerpktu8GT8iO3lUsv0zaIp6ueVIb4qIvH3zdfNOqtamcHIf300qj-zQht6J6MpooXZn6Q
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e8226a01d12ab51-YYZ
access-control-allow-origin
*
x-goog-generation
1599584677716817
server
cloudflare
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:58:07 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 13:58:07 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
tattle.api.osano.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tattle.api.osano.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.236.9.251 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
accept,authorization,content-length,content-type,origin,x-requested-with
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
apigw-requestid
BzlSIinCoAMEaFQ=
date
Mon, 25 Nov 2024 13:58:11 GMT
/
tattle.api.osano.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tattle.api.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.236.9.251 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

x-amzn-requestid
c942d7a8-21b1-5784-a617-8816a5026082
apigw-requestid
BzlSIh2uoAMEafw=
access-control-allow-origin
*
date
Mon, 25 Nov 2024 13:58:11 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=register-herald.com&p=%2F&u=dF_aWBp_AK4D5fb9f&d=register-herald.com&g=34377&g0=homepage&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=13239&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.register-herald.com%2F&b=20766&t=31KAxDLXHozCsCn21DyDFIXBXL0pf&V=147&tz=480&sn=2&sv=D52GflDTmU4UBsB0u4BdH3aLsCHnU&sr=external&sd=1&im=067b2ffa&_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.173.235.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-235-4.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
43
date
Mon, 25 Nov 2024 13:58:12 GMT
pragma
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
liveView.php
live.primis.tech/live/ 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTpmMwU0MmA2OSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJaN1YxyxPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0kNTQhNDphMTphNDEzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuYMTEyM0IyMwBMnW51rCUlMHt4Ny82NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMmEhMC4jLwAyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY3NDQ4MwVxYTZvNmUzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTp5NCZaZHBlPTAzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0kJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNmMlNTQmMDx0MTQ2JaVcZD1TZWgcozRiU1BfYXyypwY3NDQ4MwVxZDZwMTxzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaJyZ2ymqGVlLWuypzFfZC5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyxJaB4nWQ9NmpkNmx4ZzFyNWZuMmyvNmtmMwZuNTt0MTxjZwJyNmY=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.214.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-46.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-cache
Miss from cloudfront
cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 5c70ae1eac1857f85c7660495d949094.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
VN9JwIRcz98iDhZP-Ke_d_zwDZEeVCqK6a11k6lsSUthOrElz9QdXg==
date
Mon, 25 Nov 2024 13:58:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
PHL50-C1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/299212e6-fa1d-4b70-9772-18d8398d4bb7
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/d2984a93-a25e-430d-b5d6-d294643bb8ba
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/3c19a4ca-d7d3-426c-a928-94100deb83a7
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/5f3b1c0d-9c35-4563-81d4-b5cf4a1c3100
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/545ff71c-5293-44e0-994e-aec609247824
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/06254738-42b3-4d37-8d1d-f913420ddc21
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/967791ae-fa06-4031-a110-c133eddf7096
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/6158c61d-09e2-44b2-834a-89d11bd3e446
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/abe05761-20d0-45bb-9c93-de115995755b
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/ddcd1810-781c-4cf9-ae5b-b33ded3f3cf1
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/ed291c96-62f3-425c-8d10-08389240fb14
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/0f9e5fd7-b81e-4d55-8604-d1badaf18bab
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/65a7e4b2-336d-4778-880f-e4cfb740f3e3
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/c2cd7aa5-5370-478a-ba70-73983986869d
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/f27fa630-888e-4304-8b86-e5c87e8b6e98
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/5d7a38f7-a083-4588-9d3a-0ba1c2882f44
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D105%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/adsid/integrator.json?aos=https%3A%2F%2Fwww.register-herald.com
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/b9ae52cc-a1ae-4982-b8d5-c220c73bb05a
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/ea2a4861-dcae-4d7c-967a-5a0790c86595
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/5bb6d0ed-dbcd-4bb2-848f-69c49eeddfcb
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/092da857-5c17-4285-9d1c-001a20f4946d
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/94a04cf2-7243-413f-a3ce-bba38a5d74ac
Domain
ex.ingage.tech
URL
https://ex.ingage.tech/v1/openrtb
Domain
s2s.t13.io
URL
https://s2s.t13.io/openrtb2/auction
Domain
prebid.cootlogix.com
URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Domain
prebid.cootlogix.com
URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Domain
prebid.cootlogix.com
URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Domain
prebid.cootlogix.com
URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Domain
prebid.cootlogix.com
URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Domain
prebid.cootlogix.com
URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Domain
prebid.cootlogix.com
URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Domain
prebid.cootlogix.com
URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Domain
ex.ingage.tech
URL
https://ex.ingage.tech/v1/openrtb
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.50.0&cb=99469086866&lsavail=1
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543078885&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_siderail_300x600_sticky_btf_3&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2Fregisterherald_siderail_300x600_sticky_btf_3&maxw=300&maxh=600&si=1106632&pi=3&bf=300x600%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543078886&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_siderail_300x600_sticky_btf_3&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2Fregisterherald_siderail_300x600_sticky_btf_3&maxw=300&maxh=600&si=1106633&pi=3&bf=300x600%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543078886&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_desktop_leaderboard_atf&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2Fregisterherald_desktop_leaderboard_atf&maxw=970&maxh=250&si=1106638&pi=3&bf=970x250%2C728x90&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543078886&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_desktop_leaderboard_btf2&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2Fregisterherald_desktop_leaderboard_btf2&maxw=970&maxh=250&si=1106632&pi=3&bf=970x250%2C728x90%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543078886&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_desktop_leaderboard_btf2&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2Fregisterherald_desktop_leaderboard_btf2&maxw=970&maxh=250&si=1106638&pi=3&bf=970x250%2C728x90%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543078886&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_desktop_300x250_btf2&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2Fregisterherald_desktop_300x250_btf2&maxw=300&maxh=250&si=1106632&pi=3&bf=300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543078886&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_mob_300x250_atf&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2Fregisterherald_mob_300x250_atf&maxw=620&maxh=366&si=1106632&pi=3&bf=620x366%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543078887&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_desktop_728x90_btf&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2Fregisterherald_desktop_728x90_btf&maxw=728&maxh=90&si=1106638&pi=3&bf=728x90&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543078887&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_siderail_300x600_atf&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2Fregisterherald_siderail_300x600_atf&maxw=300&maxh=600&si=1106632&pi=3&bf=300x600%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543078887&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_siderail_300x600_atf&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2Fregisterherald_siderail_300x600_atf&maxw=300&maxh=600&si=1106633&pi=3&bf=300x600%2C300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.50.0&lt=1732543078887&to=480&id5Id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&id5IdLinkType=null&aun=registerherald_desktop_300x250_btf1&id5id=ID5*PG_B2SlQyRKYCUgQcfZW6FLVxtBFILXPHPzDCjH2nKPcT24IOe5C0zGAjFyhSorq&pubcid=e02d1ea1-9b9f-4cb5-838a-0380738ffd70&gpid=%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%2Fregisterherald_desktop_300x250_btf1&maxw=300&maxh=250&si=1106632&pi=3&bf=300x250&uspConsent=1---&schain=1.0%2C1!freestar.com%2C1795%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.register-herald.com%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.50.0%22%7D&ogu=https%3A%2F%2Fwww.register-herald.com%2F&ns=10240
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
bids.concert.io
URL
https://bids.concert.io/bids/prebid
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/a1335fe2-ad35-450f-99bc-fb7b95f3f6af
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
prebid.cootlogix.com
URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
prebid.cootlogix.com
URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Domain
prebid.cootlogix.com
URL
https://prebid.cootlogix.com/prebid/multi/66bccd47a52481685a6ab90d
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPvRG__qtfjLt3C4EgzsNlNrw1Au1Kx8qE0j35LS9CDiEDLxf8IgUfy7FEQ4JdaEAdG_aFQkirce2Ale0VeeliKtVCxg
Domain
s2s.t13.io
URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=M3X3ESS0-1I-3KWU&us_privacy=1---

Verdicts & Comments Add Verdict or Comment

465 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 function| BigInt object| dataLayer function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset function| pageLoaded number| TNCMS_DotConnect_Tile object| TNCMS_Used_Ad object| oReq object| aTemp string| sTemp string| regionType object| poll_config function| bizmarquee object| promo_design_config function| Osano object| regeneratorRuntime function| __uspapi object| flippxp function| admiral object| googletag object| freestar function| TNStats_Tracker object| TNTracker string| adType object| _pubfigInstanceManagerConfig function| handleMessageFromNative object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _qevents object| _sf_async_config function| ta_popupCallback object| analytics object| gaGlobal function| ta_getPaywallDomain function| ta_isMachineIdValid function| ta_createCookie function| ta_createCookieInDomain function| ta_readCookie function| ta_eraseCookie function| ta_eraseCookieInDomain function| ta_checkCookie function| ta_setValue function| ta_getValue function| ta_getCookiesByMatch function| ta_catchEscKey function| ta_releaseEscKey function| ta_onStop function| ta_showContent function| ta_resetInterrupted function| ta_resetInterruptedTimeout function| ta_loaded string| ta_mac_id object| ta_mscript string| paywallScriptSrc string| ta_rnd object| body function| 4dm1r11545242527 function| quantserve function| __qc object| ezt object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext string| sUserId object| pSUPERFLY_mab object| _cbq object| pSUPERFLY string| ta_MACHINE_ID string| ta_sessionString boolean| ta_supportStorages object| ta_configJSON object| ta_rulesJSON object| ta_productTypesJSON object| ta_subscriptionTypesJSON boolean| ta_showWelcomePopupJustOnHomepage number| ta_periodToShow string| ta_showCustomPopup boolean| ta_showLatestPopup boolean| ta_showPaywallPopup boolean| ta_isFreeProduct number| ta_validateRequestStatus string| ta_productType string| ta_userSubscriptions string| pSKValue string| challenge object| ta_MIN_THRESHOLDS string| ta_externalLoginDomain string| NO_COOKIES_POPUP_TRACK_NAME string| PRIVATE_MODE_POPUP_TRACK_NAME string| WELCOME_POPUP_TRACK_NAME string| FIRST_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PRODUCTS_LEFT_POPUP_TRACK_NAME string| ONE_PRODUCT_LEFT_POPUP_TRACK_NAME string| NO_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PAYWALL_POPUP_TRACK_NAME string| ACCOUNT_POPUP_TRACK_NAME string| CLICK_EVENT_TRACK_NAME string| OPEN_EVENT_TRACK_NAME string| CLOSE_EVENT_TRACK_NAME string| LOGIN_EVENT_TRACK_NAME string| LOGIN_SUCCESS_EVENT_TRACK_NAME string| LOGIN_FAILED_EVENT_TRACK_NAME string| LOGOUT_EVENT_TRACK_NAME string| FORGOT_PASSWORD_EVENT_TRACK_NAME string| LOGIN_LINK_TRACK_NAME string| LOGOUT_LINK_TRACK_NAME string| FORGOT_PASSWORD_LINK_TRACK_NAME string| TOKEN_AUTOLOGIN_NAME string| CHANGE_PASSWORD_EVENT_TRACK_NAME string| CHANGE_PASSWORD_LINK_TRACK_NAME string| pubkey_e string| pubkey_m function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod function| RSAKeyPair function| twoDigit function| encryptedString function| decryptedString number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger number| maxDigits object| ZERO_ARRAY object| bigZero object| bigOne function| setMaxDigits number| dpl10 object| lr10 function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr object| hexatrigesimalToChar function| biToString function| biToDecimal object| hexToChar function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy object| highBitMasks function| biShiftLeft object| lowBitMasks function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod string| hex_chr function| ta_rhex function| ta_str2blks_MD5 function| ta_add function| ta_rol function| ta_cmn function| ta_ff function| ta_gg function| ta_hh function| ta_ii function| ta_calcMD5 function| retry function| isIE10OrLater function| detectPrivateMode function| ta_isIE function| ta_isIE7 function| ta_isIE8 function| ta_isIE11 function| ta_setClass function| ta_appendClass function| ta_getComputedStyle function| ta_truncateArticle function| ta_getPreservedImages function| ta_removePreservedImages function| ta_elementThresholdExempt function| ta_fillThreshold function| ta_articleTextCount function| ta_setElementsDisplay function| ta_hideElements function| ta_showElements function| ta_hideArticlePreview function| ta_hideProtectedMedia function| ta_showProtectedMedia function| ta_refundArticle function| ta_allowEscapeKeyIfBlocked function| ta_setClickAction function| ta_setForgotPasswordClickAction function| ta_setChangePasswordClickAction function| ta_isUserLoggedIn function| ta_checkUser function| ta_checkSubscription function| ta_openEedition function| ta_getTrackingParams function| ta_openCookiesNotEnabledPopup function| ta_showCookiesNotEnabledPopup function| ta_hideCookiesNotEnabledPopup function| ta_openPrivateModePopup function| ta_showPrivateModePopup function| ta_hidePrivateModePopup function| ta_openWelcomePopup function| ta_openPaymentAlertPopup function| ta_showPaymentAlertPopup function| ta_openProductsLeftPopup function| ta_openPagesLeftPopup function| ta_showPagesLeftPopup function| ta_showPaywall function| ta_showPopup function| ta_hidePopup function| ta_hidePaymentAlertPopup function| ta_hidePagesLeftPopup function| ta_hidePaywall function| hideAllPopups function| ta_pageReload function| ta_resetUserStatus function| ta_logout function| ta_callAfterLogoutCallback function| ta_stripToken function| ta_appendURLParam function| ta_removeQueryToFragment function| ta_getCallBackHome function| ta_appendBackground function| ta_appendInvisible function| ta_getLoginTable function| ta_fixIFrameHeight function| ta_getForgotPasswordTable function| ta_getChangePasswordTable function| ta_removeWrongLoginText function| ta_appendCookiesNotEnabledPopup function| ta_appendPrivateModePopup function| ta_appendPagesLeftPopup function| ta_appendPaywall function| ta_appendPaymentAlertPopup function| ta_loadNMUrlInIFrame function| ta_getExternalLoginLink function| ta_getExternalLogoutLink function| ta_openExternalLoginLink function| ta_openExternalLogoutLink function| ta_showLoginFormInPopup function| ta_refreshButtonsActions function| ta_showLogoutLinkInPaymentAlertPopup function| ta_showForgotPasswordFormInPopup function| ta_showChangePasswordFormInPopup function| ta_accountOptions function| ta_account function| ta_showAccountPopup function| ta_showSingleCreditButton function| ta_showPeriodCreditButton function| ta_createCORSRequest function| ta_hideForgotPasswordSubmitButton function| ta_showForgotPasswordSubmitButton function| ta_forgotPassword function| ta_forgotPasswordRequest function| ta_hideChangePasswordSubmitButton function| ta_showChangePasswordSubmitButton function| ta_changePassword function| ta_changePasswordRequest function| ta_hideLoginSubmitButton function| ta_showLoginSubmitButton function| ta_login function| ta_makeLoginRequest function| ta_checkToken function| ta_sendPostMessageLog function| ta_reloadWithoutToken function| ta_loginSuccess function| ta_makeLogoutRequest function| ta_makeAutoLogoutRequest function| ta_makeUserValidateRequest function| ta_makePagesRequest function| ta_validateContent function| ta_validateContentWithProductType function| ta_isHomepage function| ta_readMetaTag function| ta_getProductType function| ta_getMAX_THRESHOLDS function| ta_getMIN_THRESHOLDS function| ta_getFirstTimeNotFree function| ta_isAlreadyVisited function| ta_appendPageURL function| ta_isLocalStorageSupported function| ta_updateAccountButtonText function| ta_paywallSetup function| ta_storeLocally function| ta_getLocalValue function| ta_removeLocalValue function| ta_paywallRefresh function| ta_makeDoubleDelegate function| ta_openPaywall object| popups_style string| text function| ta_externalLoginIFrameOnLoad function| getIFrameByEvent object| ta_ga4_tracking_ids function| ta_gtag string| params object| gaplugins object| gaData number| ap_set_scroll number| ap_scroll_distance object| ap_popup_img function| ap_scroll_div function| ap_stop_scroll function| ap_create_popup_img function| ap_link_hover function| ap_get_popup function| ap_move_popup function| ap_hide_popup function| ap_show_popup function| removeDivIfAdListNotExists object| sifi_att_42656 function| postscribe object| google_tag_manager_external object| _snup function| ahmsll_release boolean| ahmsll number| ahmsllfail string| ahm_tvx_placeId string| ahm_tcx_siteId string| ahm_tvx_templateId string| ahm_tvx_contentId number| cbuster string| puburl string| ahm_sChain string| ahm_sURL object| d string| s object| sPlayer string| ahm_tdx_sURL object| sRotd string| myPropertyId object| clientSettings object| confiant object| viewPortSize number| sekindoDisplayedPlacement function| constructsekindoParent951 object| ahmpb number| google_global_correlator object| fsprebid object| premium_text_ads function| shuffle string| adExists string| backgroundColor string| primaryColor string| secondaryColor string| tertiaryColor string| moreText number| numberToDisplay string| headerText boolean| boldFirstLine boolean| showWrapper object| accordionAds object| fsprebidChunk object| _pbjsGlobals object| mnet function| loginButtonLink function| subscribeButtonLink function| gamesButtonLink function| cookiePref object| gptAdSlots function| dmpAction function| stick_in_parent function| tntDmpReactiveLotame function| tntDmpReactiveSegment object| digits object| ggeac object| google_js_reporting_queue object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| _cb_shared object| litHtmlVersions object| pubgroup_config function| initActiveTab object| activeTab object| ahm_config number| ahm_stackload boolean| ahm_loaded number| _xy number| ahm_stacktimer number| ahm_stackstart object| google_reactive_ads_global_state object| google_tag_topics_state function| load_script function| _hadron object| edktInitializor function| pubHadronCb object| Criteo number| google_unique_id number| ahm_stacktime object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| ahmpbChunk

176 Cookies

Domain/Path Name / Value
.smartadserver.com/api Name: pid
Value: 5816107978324444555
.register-herald.com/ Name: osano_consentmanager_uuid
Value: 774e10e3-c593-48ce-a1b6-526e214e3d3b
.register-herald.com/ Name: osano_consentmanager
Value: DxpE8Z63Xy0JpBU05RjPR8PAD4CXL0KEidk9mKun7aIDAykUUlTUJZDkvq0ukP6g9TluwDrDUhSfCzMYtAxImOO_5VaC9fHkXZ744iLmt7p1IoM9CDACfRC8HPnNQnpkPZIx4hvtnLjfx3nD_RNBrHGA9MLoTmXOVQzTmWPxo_UnlU24EeCvKSZfOb7AAGyuzEtnG-yJnZ9kvy42eV9vRgiYaSrG_rMQV8_21uKQmAAYiAKmLyGJ1uW9xb6OXwF5A0gkQg3iUaqixPFEa8VrOBFE0nzQ4_jUd8kmh1JERHgy6YCCnJ3mfwweLfsIal14oym8stvHLAs=
www.register-herald.com/ Name: flipp-uid
Value: 93d4dd02-d69e-4beb-a312-0fd0dccc604e
.p.flipp.com/ Name: gid
Value: "H/RB7QABZndgXliLDL1SZA=="
.register-herald.com/ Name: _ga_7YYJFLQXWS
Value: GS1.1.1732543062.1.0.1732543062.0.0.0
.rlcdn.com/ Name: rlas3
Value: oyOyhbDOjKZ2PY3xEuHx3x9uslrX8YWKzFy5rOmw924=
.register-herald.com/ Name: _ga_D4QVJDNBRB
Value: GS1.1.1732543063.1.0.1732543063.0.0.0
.rlcdn.com/ Name: pxrc
Value: CNaEkroGEgUI6AcQABIFCOhHEAA=
.register-herald.com/ Name: ta_MACHINE_ID
Value: 37dc703a049847d0cb446ea6104f3e65
.pippio.com/ Name: did
Value: mAur0sxtm151Rt_Y
.pippio.com/ Name: didts
Value: 1732543063
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.register-herald.com/ Name: ajs_anonymous_id
Value: 635b19a0-bbc5-4a62-90de-982611d6329b
www.register-herald.com/ Name: ta_cookiesTest
Value: 1
www.register-herald.com/ Name: ta_vl
Value: 1
www.register-herald.com/ Name: ta_interrupted
Value: 0
.register-herald.com/ Name: _ga
Value: GA1.2.1091792531.1732543063
.register-herald.com/ Name: _gid
Value: GA1.2.735156526.1732543064
.register-herald.com/ Name: _dc_gtm_UA-3850501-28
Value: 1
.register-herald.com/ Name: _dc_gtm_UA-2313981-1
Value: 1
www.register-herald.com/ Name: ta_ss
Value: a5f4003d908041999984b19a31d9c49f
.quantserve.com/ Name: mc
Value: 67448258-bff8f-bd051-277a8
.register-herald.com/ Name: __qca
Value: P0-2072807851-1732543064678
.simpli.fi/ Name: suid
Value: 0390DDFFEEB549E7815362860838A5A6
.primis.tech/ Name: csuuid
Value: 6744825da6b75
www.register-herald.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.openx.net/ Name: i
Value: 044c8be1-2336-456b-8cd2-cb203f4efbde|1732543070
.casalemedia.com/ Name: CMID
Value: Z0SCXkt3uW0AAEAhAmWx9gAA
.casalemedia.com/ Name: CMPS
Value: 152
.casalemedia.com/ Name: CMPRO
Value: 152
.yellowblue.io/ Name: wrvUserID
Value: TpJT5qfrkp_s
.3lift.com/ Name: tluidp
Value: 1159805321925012985558
.3lift.com/ Name: tluid
Value: 1159805321925012985558
.rubiconproject.com/ Name: khaos
Value: M3X3ESS0-1I-3KWU
.rubiconproject.com/ Name: khaos_p
Value: M3X3ESS0-1I-3KWU
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDID
Value: 803bc1bf-640b-4350-b48a-c314858948a6
.bidswitch.net/ Name: tuuid
Value: 76583ff2-919f-467a-bbbf-23cce8b35dc2
.bidswitch.net/ Name: c
Value: 1732543070
.bidswitch.net/ Name: tuuid_lu
Value: 1732543070
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmT8sFCYf_67tLaayjqzXk9wD5LrNZxejxQq_cMQSxIw6bPUaBDdQJgRBMvl7o
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1732543070595
.intentiq.com/ Name: intentIQ
Value: mCvAtYKLF4
.go.sonobi.com/ Name: __uis
Value: 4b0bb237-6f78-4d10-9019-e106395843d6
.go.sonobi.com/ Name: HAPLB8G
Value: s85185|Z0SCY
.contextweb.com/ Name: V
Value: 2iPwFrOSAWle
.contextweb.com/ Name: VP
Value: part_2iPwFrOSAWle
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c41e4d22223ac646
.admanmedia.com/ Name: admtr
Value: 62dd1df3-1bae-4374-a3d4-c172d32d7575
.admanmedia.com/ Name: ac_r
Value: CS116
.sharethrough.com/ Name: stx_user_id
Value: dc2f70f1-9ef2-4c3b-9475-5e5c0c68b255
.adform.net/ Name: uid
Value: 718481968312153848
.yahoo.com/ Name: A3
Value: d=AQABBF-CRGcCEDubEyC_V7Csci6r-nQRq3YFEgEBAQHTRWdOZyXaxyMA_eMAAA&S=AQAAAt1n7GIImLVZqshVPBMVAo4
.tremorhub.com/ Name: tvid
Value: 0f82447de7ad4ba684e92174035abd69
.analytics.yahoo.com/ Name: IDSYNC
Value: 19du~2m11
.tremorhub.com/ Name: tvssa
Value: 1732543071642
www.register-herald.com/ Name: _lr_retry_request
Value: true
www.register-herald.com/ Name: _lr_env_src_ats
Value: false
.media.net/ Name: data-ris
Value: {{APID}}~~25
.ads.stickyadstv.com/ Name: UID
Value: b124a91183fd2df8ff27d84ed248b42d
www.register-herald.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22803bc1bf-640b-4350-b48a-c314858948a6%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222024-10-25T13%3A57%3A51%22%7D
www.register-herald.com/ Name: pbjs-unifiedid_last
Value: Mon%2C%2025%20Nov%202024%2013%3A57%3A51%20GMT
.kueezrtb.com/ Name: vdz_sync
Value: da3a229b-175c-dc4c-1a9e-b1218dd9c244
.turn.com/ Name: uid
Value: 8433961793956537802
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2a2e1de1-9e1d-49fb-9405-e8c4e3a9f226-005%22%7D
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 700deaa9991415129ed021fb4493e161
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQMDcwSElNTLS0tDQ0MTQ1NLJMTTEwMkxLMjGxNE41NDNkAIJ0l6ZEBgQAAD%2FtCdg%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBId2lKZIADABNrAY8%3D"
.register-herald.com/ Name: panoramaId_expiry
Value: 1732629473147
.register-herald.com/ Name: _cc_id
Value: 700deaa9991415129ed021fb4493e161
.lijit.com/ Name: ljt_reader
Value: JueFALZHiy0g6kjGSnWEugEv
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 34812312-7FEA-40EE-8169-82968C8EFC89
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMljycynfEGooX_MjFRlcZs&KRTB&16514-CAESEMljycynfEGooX_MjFRlcZs&KRTB&23025-CAESEMljycynfEGooX_MjFRlcZs&KRTB&23386-CAESEMljycynfEGooX_MjFRlcZs
.pubmatic.com/ Name: PugT
Value: 1732543072
.ingage.tech/ Name: instUid
Value: 98590d07-776e-47ae-8238-0de9e797c01f
.ingage.tech/ Name: __cf_bm
Value: uskkOiagRF.ZfcLw3SLKev8cxrUdlciHD_BzE8N3ny8-1732543074-1.0.1.1-IgVGtd8DPaipoGe0.MEu1Iyq6qnVJsWhmepS2Mkv15wnacZvzeHCowU2f4Rsk1Y51C90RMJZ22OdSSa7jG_Tyg
.pub.network/ Name: _fsuid
Value: 4bb5e86e-89bb-442e-a0c5-b980d2167581
.photos.register-herald.com/ Name: Sreferrer
Value: https%3A%2F%2Fwww.register-herald.com%2F
.register-herald.com/ Name: _gat
Value: 1
.register-herald.com/ Name: _cb
Value: dF_aWBp_AK4D5fb9f
.register-herald.com/ Name: _chartbeat2
Value: .1732543077542.1732543077542.1.D52GflDTmU4UBsB0u4BdH3aLsCHnU.1
.register-herald.com/ Name: _cb_svref
Value: external
.register-herald.com/ Name: usprivacy
Value: 1---
.register-herald.com/ Name: tncms_csrf_token
Value: dfacecad9187f8727ff171a9631ef67c553d4e6e2a8cfafccd063ce071bfa67e.3d5163d64c6a4a570ea3
.33across.com/ Name: check
Value: true
.media.net/ Name: visitor-id
Value: 3755446787584945000V10
.media.net/ Name: data-pri
Value: 6744825da6b75~~34
.register-herald.com/ Name: _ga_JD3VHQYLPF
Value: GS1.2.1732543078.1.0.1732543078.0.0.0
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVVjlDQzJs
.intentiq.com/ Name: IQPData
Value: 2586775849#1732543078570#0#1732543070580
.ccgateway.net/ Name: ccuid
Value: c15746b1-23cd-48e9-90e6-22b101fa088e
.photos.register-herald.com/ Name: _sp_ses.1e80
Value: *
.photos.register-herald.com/ Name: _sp_id.1e80
Value: 7d1cdb29-1078-48af-94a9-6e6c79aa6f25.1732543079.1.1732543079.1732543079.0c508895-5945-4e53-9e70-ede85915605d
.photos.register-herald.com/ Name: SMSESS
Value: 1b915492f5f52baa2701d6bd8a887286
.register-herald.com/ Name: _awl
Value: 2.1732543078.5-e0c9a0b8c72706393b72c687594ff7a5-6763652d75732d63656e7472616c31-0
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.id5-sync.com/ Name: id5
Value: e0e15952-95a9-77fe-a146-d94aa5f753ae#1732543073044#2
.smugmug.com/ Name: sstrack
Value: 3070a378-b653-45cf-9b68-a8578d37ba88
.ingage.tech/ Name: cookieRegion
Value: wdc
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.gumgum.com/ Name: vst
Value: u_9052e4e3-9522-4205-ae38-1d582a4676af
.media.net/ Name: data-exp
Value: setstatuscode~~1
.media.net/ Name: data-g
Value: CAESEBm-KAUP0Jm-AhxnHzipPqQ~~6
.criteo.com/ Name: cto_bundle
Value: jVDGPV80U3ZlalVKbU4zS3pUUGdXQkNJbDJaWExPUWdaVTM1cTJOT3pNWFhzbnc0MVBEOE81SG4wMlR2bE5jJTJCcVAyMDBrWFZHUjcxSDJxS0VtSDFtVzlmQ1V2ZmVwRXFrZDhiNVIwSTk5dDNjcSUyQnBHdXc3ZUZPS24lMkZLWEg4YSUyQk94UnM5
.acuityplatform.com/ Name: auid
Value: 1124812693063
.mediago.io/ Name: __mguid_
Value: e94ce74f4cedd5b028qx3n00m3x3f139
.tapad.com/ Name: TapAd_TS
Value: 1732543081114
.tapad.com/ Name: TapAd_DID
Value: e04afecb-f80c-40a7-b01d-f3e1a82975ad
.pubmatic.com/ Name: SyncRTB4
Value: 1733702400%3A201_220
.pubmatic.com/ Name: pi
Value: 160318:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
gtrace.mediago.io/ Name: cst_70
Value: ts=1732543081
.quantserve.com/ Name: sp
Value: CggI2WUSAxD9DQ==
.register-herald.com/ Name: __gads
Value: ID=a89d25bdfe811499:T=1732543079:RT=1732543079:S=ALNI_MZyLLNu-I1a6w41rrwnfYSeHwf42Q
.register-herald.com/ Name: __gpi
Value: UID=00000f9e821cc99d:T=1732543079:RT=1732543079:S=ALNI_MbW9cMDHKw-jP7SrxwsG1T0JLvoTw
.register-herald.com/ Name: __eoi
Value: ID=04fc7025302daccc:T=1732543079:RT=1732543079:S=AA-AfjaL-dSaT57jN5agJJILvUNx
.mxptint.net/ Name: mxpim
Value: R33645_11F8D5D7B_378CEBA7.1.67448269
.server.cpmstar.com/ Name: USER_ID
Value: %8e%1c%bcSR*%b0%ed%a3%f6%81o%c0%f5%ab
.acuityplatform.com/ Name: bv-812670
Value: MTY4NDQ5MHwwfDR8M3wyMDAwNDA4OHwwfDJ8MHwwfDd8Mnx8fHwwfDB8MHwwfHx8aGRQbVlDT2UxMDkwUkxWV3JTSGFEZ3w3fDF8MTEyNDgxMjY5MzA2M3w2ODY3NDk3MDd8MHwwfHx8MjU4Njc3NTgwOHwwfDExMTAzNTgwOTh8LTEwMjk3NzYzNDN8MHwwfDF8MHwxfHwwfHxDQU58T058VE9ST05UT3wxODI4fHZhLWJkci0wMDRfMTczMjU0MzA4MTY0MV8xNzMzODc1MTMzNjYxfDE5NDA3Mnx8NjIyMnw3Nzc0fDIxMjAyfDkzNzgwfDU3NDM0fDB8NzE0NnwxMDcyODd8MHwwfHB1Yi03MzI3NjYyNDA4MzAzMTU2fHwwLjB8MjMsMjYsMTIsMTV8MnwwfDB8MHwxOTM2MzlkNmU3OQ
.register-herald.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1732543062.1.1.1732543082.40.0.0
.w55c.net/ Name: matchgoogle
Value: 5
.tribalfusion.com/ Name: ANON_ID
Value: abnt6ZaxlqLlnJVsPTan646nD2bUoZbCg1wZcXrrVQSJ40dngZaV2ZcTVjo0XfpudVJ04bwW5usZcSZbyFWqbSpdgncj6eSlOZcf
.exelator.com/ Name: EE
Value: "364111edee11ebf03eb75883596c906d"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHYzMTQ0DA1JTUVSCalGRinJpmbWlgYm1qaJVsamKUsLkstWrC0tDg1JenQkoqckpym1WXxoY7xbo6%252Bnj6Ry5wzivJzU1eAhcJcgxYbGhsuyS%252FKTF%252Fk7Li4KCWNYVFJ8angkxvPAwCUBSqr"
.w55c.net/ Name: wfivefivec
Value: OZXNvKBO1TfzBg5
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjWvu2J_djGPRAFOAFaB3Npcm5zdmdgAg..
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7933
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22410E2504-C265-4936-047B-6FB41F21D201%22%7D
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBNjT6jXVzZXJNYXRjaGluZ0lkJAKAkWxhc3REcm9wVGltZU1pbGxpcyUBSVhzVnOymGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMhj3RoaXJkUGFydHlVc2VySWQh+4ExN/pCJKJDJQFJWHNWc7JEIUUh+4Ay+kLEQyUBSVhzVnOyRCFFIfuBNzD6QiQCjEMlAUlYc1ZzskQhRSH7gTQw+kIkAZBDJQFJWHNXCrxEJQFJWHNXCrxFXzM2NDExMWVkZWUxMWViZjAzZWI3NTg4MzU5NmM5MDZk+/uGdmVyc2lvbsL7
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A7383815716653064772
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12DTBNdY5yKo0oNooyzfTPMg7IM_OsTAcA2G8sTx4AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjMxNjYyNzQ1NDM0NTU1MjcxNBLiM9TNMTEwzopwcXIq8S8HAL8HLfwlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjMxNjYyNzQ1NDM0NTU1MjcxNBLiM9TNMTEwzopwcXIq8S8HAL8HLfwlAAAA
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bf02db40-4ee5-5757-5e71-752155e32311.nuVdo5K3ZhoZYC4QEht3N01N9FY%2BQK8uPoDQJMsK0jQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bf02db40-4ee5-5757-5e71-752155e32311.nuVdo5K3ZhoZYC4QEht3N01N9FY%2BQK8uPoDQJMsK0jQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvwLbQE7lV1decXUhVeMjEZovESk.wjDU0S37jE%2FDQbEiy8KNicZ7kk8uFbXen57J35sI%2BOw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvwLbQE7lV1decXUhVeMjEZovESk.wjDU0S37jE%2FDQbEiy8KNicZ7kk8uFbXen57J35sI%2BOw
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINb80PEcZzyaSHd3zGAs06Qw7WfU5EZ22vRgwef3UnHfEGcYBCDrhJK6BjABOgSAOSS3QgS1b4sR.X4qCioRVOCLFqC%2FI7yUyFR3ahngptoXtvPXScuNVd1M
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINb80PEcZzyaSHd3zGAs06Qw7WfU5EZ22vRgwef3UnHfEGcYBCDrhJK6BjABOgSAOSS3QgS1b4sR.X4qCioRVOCLFqC%2FI7yUyFR3ahngptoXtvPXScuNVd1M
.temu.com/ Name: __cf_bm
Value: 9nbmW6k9o8JOc5FI0zZMDphDlYO2j8fmCn8YsEaK33o-1732543083-1.0.1.1-FAh7BixcsML7WIL66Q42jOhEGcjhMj.IeeVtGWfWb8LYe18fkpQhzaMuJbqANYFfin6gZJD3CYDF79F41swNgA
.pangle-ads.com/ Name: _pangle
Value: 2pLQshnntnL7oKtYlRgsP63tKfI
.undertone.com/ Name: UID_EXT_47
Value: M3X3ESS0-1I-3KWU
.undertone.com/ Name: UID_EXT_46
Value: 803bc1bf-640b-4350-b48a-c314858948a6
.undertone.com/ Name: UTID
Value: 85842854cd1e48afbc7d3b9394e3b10c
.undertone.com/ Name: UTID_ENC
Value: 7wk7mra3jp9ahjrciog49zrws
.a-mo.net/ Name: amuid2
Value: ac9005be-b4e3-47da-9faf-c1df782afc4a
.a-mo.net/ Name: pamuid2
Value: ac9005be-b4e3-47da-9faf-c1df782afc4a
.prebid.a-mo.net/ Name: psd_amuid2
Value: ac9005be-b4e3-47da-9faf-c1df782afc4a
.prebid.a-mo.net/ Name: sd_amuid2
Value: ac9005be-b4e3-47da-9faf-c1df782afc4a
.openx.net/ Name: pd
Value: v2|1732543080.2.2|iKvPvMgakWgy.mmbwuYhEg2f8.g6wvwVmKvJeSvuvRwiwI
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12DTBNdY5yKo0oNooyzfTPMg7IM_OsTA_iNTQ3NjI1MTawMDYyMtvFiOCbGJtavmJElQcAw1PQsE0AAAA
.tappx.com/ Name: TXUSERID
Value: c2d650ee-f65f-4b1b-8a97-4f566356270ef1a
.tappx.com/ Name: TXCD
Value: 1732543084
.ads.pubmatic.com/ Name: KCCH
Value: YES
.ipredictive.com/ Name: cu
Value: bc2c68be-618e-42a7-9573-a198ffe9c24f|1732543084839
.bidr.io/ Name: bitoIsSecure
Value: ok
.contextweb.com/ Name: ccpa
Value: 1---
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1uyw|8rT.0.1|8i8.0.1
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1uyw|8rT.0.1|8i8.0.1
.tappx.com/ Name: TXCSDMN_13
Value: JueFALZHiy0g6kjGSnWEugEv
s2s.t13.io/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJwdWxzZXBvaW50ZnN4Ijp7InVpZCI6IjJpUHdGck9TQVdsZSIsImV4cGlyZXMiOiIyMDI0LTEyLTA5VDEzOjU4OjA1LjYzMDQ2OTEzWiJ9LCJ0YXBweCI6eyJ1aWQiOiJjMmQ2NTBlZS1mNjVmLTRiMWItOGE5Ny00ZjU2NjM1NjI3MGVmMWEiLCJleHBpcmVzIjoiMjAyNC0xMi0wOVQxMzo1ODowNC40Mzk0Mzc5MzJaIn0sIm1lZGlhbmV0Ijp7InVpZCI6IjM3NTU0NDY3ODc1ODQ5NDUwMDBWMTAiLCJleHBpcmVzIjoiMjAyNC0xMi0wOVQxMzo1ODowMC4wOTQ4OTM2ODdaIn0sIm9wZW54Ijp7InVpZCI6ImVlM2UzYjc3LTMzMmUtNDk3NS1iZDg4LWMzZGRkYTMyMGFhZSIsImV4cGlyZXMiOiIyMDI0LTEyLTA5VDEzOjU4OjAzLjMxNDAxMDIyM1oifSwidW5kZXJ0b25lIjp7InVpZCI6Ijd3azdtcmEzanA5YWhqcmNpb2c0OXpyd3MiLCJleHBpcmVzIjoiMjAyNC0xMi0wOVQxMzo1ODowNC4wMTM4NDgyMjFaIn19fQ==
.tappx.com/ Name: TXCSDMN_28
Value: 1159805321925012985558
.33across.com/ Name: 33x_ps
Value: u%3D212894104816987%3As1%3D1732543085799%3Ats%3D1732543085799
.bidr.io/ Name: bito
Value: AAlxtU7OiQUAABaI8f5cOw
.tynt.com/ Name: uid
Value: 3nL6n2dEgm2qTujYdZodvg==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1732543085962%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1732543085962%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1732543085962%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1732543085962%7D%2C%7B%22p%22%3A%22cf4d6e49b5%22%2C%22f%22%3A1%2C%22ts%22%3A1732543085962%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1732543085962%7D%5D
.rubiconproject.com/ Name: audit_p
Value: 1|aJVGNtuX8ujwTeZ4GPVI1DMqQQy4Z82+j0kbv0DGJu1IuB5aVrQ5+i7vfXt4HDSRkURCkCSs8dckEa5N2k7U1SEEFoCDRlfY/7aCjgmMzEV2b4Yjeos0reXJgMYu/vVdaPPeOixKWntpJMsHZQ8b+85PdEegGA9+/Vtt7hKIOSQ=
.rubiconproject.com/ Name: audit
Value: 1|aJVGNtuX8ujwTeZ4GPVI1DMqQQy4Z82+j0kbv0DGJu1IuB5aVrQ5+i7vfXt4HDSRkURCkCSs8dckEa5N2k7U1SEEFoCDRlfY/7aCjgmMzEV2b4Yjeos0reXJgMYu/vVdaPPeOixKWntpJMsHZQ8b+85PdEegGA9+/Vtt7hKIOSQ=

3 Console Messages

Source Level URL
Text
javascript warning URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202410160/js/advertiserwidget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://www.register-herald.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://www.register-herald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3878ca78b457f128e3dace109a7bb8ed.safeframe.googlesyndication.com
a.pub.network
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
analytics.google.com
ap.lijit.com
api.floors.dev
api.rlcdn.com
api.segment.io
bandborder.com
bh.contextweb.com
bidder.criteo.com
bids.concert.io
bloximages.chicago2.vip.townnews.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
casmp.adperfect.com
cdn-gateflipp.flippback.com
cdn-resources.prfct.cc
cdn.confiant-integrations.net
cdn.segment.com
cdn.smugmug.com
cdn.undertone.com
cm.adform.net
cm.g.doubleclick.net
cmp.osano.com
consent.api.osano.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.media.net
csync.loopme.me
d.pub.network
d1gzrgn7m19oq9.cloudfront.net
eb2.3lift.com
ex.ingage.tech
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
interactives.ap.org
japfg-trending-content.appspot.com
js-sec.indexww.com
justapinch-com-d.openx.net
lb.eu-1-id5-sync.com
lexicon.33across.com
lh3.googleusercontent.com
live.primis.tech
match.adsrvr.org
match.sharethrough.com
mb9eo.publishers.tremorhub.com
optimise.net
p.flipp.com
pa.openx.net
pagead2.googlesyndication.com
pb-ing.ccgateway.net
pb-rtd.ccgateway.net
photos.register-herald.com
photos.smugmug.com
ping.chartbeat.net
pippio.com
pixel.quantserve.com
pixel.rubiconproject.com
prebid.a-mo.net
prebid.cootlogix.com
pubads.g.doubleclick.net
qsearch-a.akamaihd.net
register-herald-cnhi-pw.newsmemory.com
rtb.primis.tech
rules.quantcount.com
s2s.t13.io
secure.quantserve.com
securepubads.g.doubleclick.net
sentry.io
ssbsync-global.smartadserver.com
ssp.api.tappx.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.cnhionline.com
static.criteo.net
stats-new.smugmug.com
stats.g.doubleclick.net
sync.1rx.io
sync.cootlogix.com
sync.ingage.tech
sync.intentiq.com
sync.kueezrtb.com
sync.targeting.unrulymedia.com
tag.simpli.fi
tattle.api.osano.com
td.doubleclick.net
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
video.primis.tech
www.americanhometownmedia.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.justapinch.com
www.register-herald.com
www.smugmug.com
x.bidswitch.net
api.rlcdn.com
bidder.criteo.com
bids.concert.io
btlr.sharethrough.com
c.amazon-adsystem.com
csync.loopme.me
ex.ingage.tech
g2.gumgum.com
ib.adnxs.com
js-sec.indexww.com
prebid.cootlogix.com
pubads.g.doubleclick.net
s2s.t13.io
www.google.com
www.register-herald.com
104.16.133.24
104.18.21.206
104.18.24.111
104.18.26.193
104.18.27.193
104.18.27.216
107.178.254.65
108.138.127.68
108.138.128.51
125.253.89.179
13.224.214.117
13.224.214.13
13.224.214.46
13.226.34.100
13.249.86.140
130.211.10.17
134.122.16.152
141.95.98.64
142.250.31.155
142.250.31.156
142.251.16.157
142.251.163.155
142.251.167.132
142.251.167.139
142.251.167.153
142.251.167.94
142.251.167.95
147.182.139.208
162.19.138.118
172.253.122.100
172.253.122.156
172.253.122.94
172.253.122.97
172.253.62.132
172.253.62.154
172.253.62.157
172.64.144.166
172.67.23.234
18.164.114.179
18.164.116.119
18.238.4.109
18.238.4.65
18.238.43.160
18.238.49.30
18.238.55.81
192.104.182.209
192.184.68.254
216.17.34.108
23.105.14.100
23.205.106.187
23.205.8.126
23.218.218.140
23.221.136.32
23.62.164.208
23.62.168.32
3.168.102.109
3.168.102.41
3.168.102.42
3.171.139.111
3.208.138.144
3.81.174.250
34.107.140.113
34.111.152.239
34.120.58.62
34.160.128.112
34.160.152.31
34.195.206.118
34.200.16.169
34.200.45.67
34.21.57.33
34.236.9.251
34.36.214.49
35.163.144.222
35.186.247.156
35.211.202.130
35.244.154.8
35.244.159.8
35.244.193.51
35.245.15.98
35.85.88.45
37.157.6.237
44.237.153.54
52.223.22.214
52.223.40.198
52.45.244.46
52.5.4.151
54.173.235.4
54.69.128.49
54.82.174.208
63.251.28.210
69.147.65.251
69.173.146.5
69.194.240.13
69.194.242.12
74.119.117.4
74.119.117.47
74.214.194.131
80.77.87.163
98.85.131.250
0093f277ed1defd462bf111a42834d6f496b11ccbdc9c725947bcc1a0b490371
009f81ba78d288f3fa8c0f569d8db876b8d4b3ce2d3d3fb2dfa5cfc32069911d
01222fea6095f69e5d9a8c3d696f5c06ecbdf1295e98d0ccc148ef58a585e048
018245d6042d05a2c78fd3580019f9cddd1ca43a48e88a4d3c01cc5c002bc0d8
043a4266d387998ff529d09093801ee8f2a4eba2914107912ba047638e8f4077
050cfb1385ae15a7727872bc0280dc3d7404c23bed40d88c52634ebe2ca15f20
0541ac764cbea52ad791c281f52962647fbf48c1c90d3ef8039d727b0358c5ec
0566ab5a1c307689aed1e5a7dd090fe8b8efefa171ddd669928152c2b68f6386
05a2e11ca7eec8c417502083be1f1ab4739d7e88b9cf694fc7ad5a69195603c0
06387490c83a22e6ea8ce6eded7b073e8469bc46afa2be75e9afc416c6d0d4fe
0693bf82a6c3cfc499b9316adb25202beec3c702a832a82753495a8d37821ad8
0764d7cc1d17ec277c8fdf2adbfcdde490ec9162afbe82665f5955b5bcd406a3
08c9169c2b7794bd05638c48d359e14f040e1129328b45836d4266ff6050ab3f
0a5373aa300072621c7944345101c731b0942f4beb48f016c2056d413bd9fab9
0c7022ddfd84afc521829b11f2f431dcb7e09af529d7f78e6a3f1c94722ae5ae
0d7b78fae919a5cd81a06686f0af5a6ee02fdf1ca77e1345465b40bc4c3f01fe
0e582c8d9663e8e9639f7bf693f769b2bbab4e531316ae58598fe3e9204c8707
0fc71cda8439726545be4794bc2c16ed5df27c185baee8b7f281ca257f2dac2b
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12ad3b3f691f918a13388d3af7b87e4986459f032632c91df7884f19fd43fa46
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15b92c976cc1ba3d579978efb914212a88888c37a233bcd4cdb5d09ab7c1a168
16ea27af27e740ce6b0a05893f44d314de6b8e4d1f0a1f43d79e1fc421fac73a
187e36835b2bd991ca93ea63a3b3aa77d6fcf579ea1d30e78829c4cd4f3581dc
1895ad7b11c8904ba4f8c86b5221539f3cf6a8cf729a0a1e3e590623c9da896b
19e71b9750bed04d835845acb8610e99fdc726b81ee570b0f48e7bb843011fc4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2034af73ee690c0a1e62f96b32611cbde9da88d27bad9adfbfe26d3fa2082a8e
20878bb44c6b54b6b9b6e1a64e8db6b62680fe2524ef07869593e22f98855495
20899d4215c29fdb483a29920675ecc094a9184c153d839f55dcbca59952ed3f
20c9f643f67728484f8b6826df78f2da34a00c20294e6d2a94ed9504f294e8d2
252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6
253b7cdcc65cd837d1281ec2b677e0ae88e5cc98f009779a8d1fca001c55dc96
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
268a82621b02246caf8a54bb04015e1b9df065c23ef5aeae36d6608eaaac28bf
281e701c74c7a82bd98ec52525a2d51ae64ab893db20f89443569077d88be841
2940655625cbe9168662c87a72288297d67e21a12ca7b63954003dc7bb0410f7
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
299ca29622562cfb53555095ed6447c02d9f27a422bf2bf96e9015770f28ed62
302abe4269895e6318fa84b97d3f2ab3664bf26efdb824039ebc530a87ec9560
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
3206f3fb4ba7110393cf27e4cd1762c5e08057e371d83c85f8e8c8ca91b52b67
32585c4ce1f4c35d5bf2a8b6d910ff18ec3c43850eff616406d0c4aa7115956a
3392866195e3532d5d7ee0e51529d4e2d005323486528c09e89e71f2c70e663a
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
33c61ff90acba12eb8453d684fce1663208d1bd7cf6aa5da1daa4920f42b371b
3679bef18c46a0dece77cbd2f546a75275afbf6ce8e793123e477c269d361560
36c64f44304b93bb203e30ce68d3518197832e3b2f0d17418731d9380857ffb6
379e688d706aea684715d979daa3469bd5dee93b314d28c31fd76a99abb75ba1
39687c06f987637997be6ea0dbbb41ccba20f5fed9ec8d031ade18397c790e61
39b15ca5c08ec3d228a9056a38ba7fd571e6d6961e0195ec01f616caa20a0353
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3b8440eec4e69fb0dba1c1ea22c0990a8d6e47d172e3fd4b893e7ef98d9722c0
3ba48dfc33fe7421ce415e24343f993c3bee5554c49dc34d2a65831f9e0db4c0
3ba9a07cb4d783c069ce0ae2d5ba581612abbec9104f5198d7b24d4b1db8b0b8
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670
3bf8760acf570d75580480d6a3d0768acc1358049dcdafafbab959d6843b088e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c9ed4288985c1c6e38cf58039c44872bdfcb62dd00ad466ce15d86cff8d7632
3cb8151ff0ba8eec1d4c9034402ef05a60338f526e8b08dd63d5256c2659cb6e
3d25d4c862932392b297360a6584be95371d6364530ce0f2584c5f29d69785dd
3d7c9d22bc64bec9e1ab42f298cb72b96daf3e6f0fb3ca309437b3ca962645c4
3deff99cc649273d38db2a3eed704caedf44b7f87a82e1595384f93a7470bc47
3e6493557fbbf0bfd94d99262b4220a58281ea08c2471c4703c9947e3086bad8
3eb9e800c34e51341ba2225b5dbd9553ca1cc2b6bd21e56c225a0b12d17fbdf8
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
4198d9ae65e215bbfba8a14b4e9ed754198d186ba88aed0ca37ea54ecb7701b7
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
428cf196c17a3bc4dfc9a382737abbcf4537437c594bd4ce382b9ae566a686ef
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
434dc4e3b0932d1c5a071c2a11bfd8836507fca8c8e0d296da3a0bd1643a8144
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43904a7d56116ee8c6bd5b0a6f1d55c3cc18f374be0b810aa48afe552c79a8a8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a22cd14f1695091f6675ea7ee9faba07e62214ecc6a633a8539d5c145ab6f6
46311b08c6775f4a3598bec2532b2767d4c9ef866b8af6399e6cfa57079c4c38
4635963601b388f845ec836fff1c510db5dde31ef3591a87622feec8d851cd1b
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
48fd8b2824c2aaa6805d06553d9920e45a2c4ee96d72ac5809b0603d6eaa1ef3
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
494273ee881b43a4c09ea2dd7956ef49fc9868fc7f11c04a1f3875394a221049
49cd659a3bf0dd17eefca348c5a30c21476202ae0410f6a9d8d8982750c2e164
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4be0baf6a5f60c63438d694ed7c1cd28333ad81d1836bd037378528f11fbeb7d
505d1da0bb68322b9276866435a2b0b006ba5e51fe250942031e9fe3d214b7ff
50eea9da4f4a1b43ff0b25615da2dcf7dcb6fd9173b4ab1b472663d204acc258
514aba9a718be860dd8fbc81c363a636f30ceb2dbb968ccb28ceffbe17907887
52138849c09f70a1abd11ace9368267e599b99ac7d2a085f659b71efd74854d2
52db5b2414b37d257bb787cbefab7cadfbc282169e377e94bf256cee3f0479e3
53812a70761bb5417aaff5e06ab44c32dde8504c6aa903d4a85c2620b850b879
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81
558b0a8e2d822c10c1fa4c2ccba08c6759b7514368f7fc975154f006a3639159
55b70df34ffcfa5ecc48aa975a17bb91ed3e1e1623e35e585c4972788790cb8b
5748c66b763e7c561f8e57b036f76a58909c657cffda9a3acffff99103ffccda
57981157c097bbf9a092453252bae197dd73b36bf5543739b9c7dc25b21c0d98
59849adf8b0024a44b3532de1ae3e4de887df7242939e02b26173441cf36d3b2
5a179aff94697df1272b7433e1346f780d35ae375b7cb926f3b16dcd2bfd5cc5
5d1806b1c3601ef9865da40a9aa8a53e968bba66e6ba2015710e33996461fcf0
5ff1a301f86176a7f31075ce1110eb6882126eb79f995467afb938032fafdb93
60b45b5ceeee2f487eb9f4b9a40c75ec81727aa770b95c86c8fdefd33c4174be
6175b90081cead91934049fee413677a53112b75f20b84128723247d4878d1d7
62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1
64c07323b9f8816039655bc454c1a75563a252381a906f01d97c169659b27e63
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
6511b9f6283c0284e354451a62b50b637fb55f63c4cb7b88d312e6e0e1899423
653e273bbc432403bb37db126e8e43f758c7bd998691759be0bc2b3f4515b274
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
67bf8bbca18805743494b3597b4e511decd3ea60ed6d8bc73d9924b3249c3860
689c90e3d54cd33dc799dcb8f743d21832ffb124eaacbb96ee5846f88dc533ba
6a65f6b7de67ddc5691ba9c0fda5f9b2d3083909afa1db3cf471ddaf1219affd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc0358f1c76ca7437e0adfd927c5367f5827201112ec227c5bb9baa8436c5ed
6cef5ca46221c65dc5fa306fe04af9c8e7623097e1317e1365ddc1097fcb8b71
6d896fdfc8e6e56294894dc30c1b62c1028577efb750ad9b575778ee7462d77d
6d9322b8b4f8525979b85a89e99dab62e77573ea963fd8857965db849cf7151d
700bdd4916ae7cdc0bf47f650cbf21ed881fc282e4729afe2814678670e441c1
7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51
728b65af071a5bf1fd59ed126009f3a78f6544664483f097f1676198d0e0c99c
7300835f748392ab97449486ce54a3ad495032623a35b158618a2ee1d36f8359
7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a
7489f0c635545a67cfbe23ed9463eceae16a3a45b168c3de04faa3e72b52ed8c
74ab74e001689f9d87effd32607338d5728f219a86faff4f122a15f2e27887ff
76b2d22c9e0858cc8b08ff50dbd291d2679031e95a912fbaec60fda771b6c433
7873fcc3509d539719c9d8a7856b8c40ee620109698fa3f09bb6cbc1a79a3f4d
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79f14035c1ffde2198a718bdf97321fe5a5cbd7effb819e116beb37e4101aea9
7b703a452205328916cc90baac38151b01f36c21b74e2bbef2de62fa32c1a307
7cc23a6e123ece3f599d95ffefb91725b6dfe5b0a58e305f2ff68e32de0617a0
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7eda0362241e856b49d35ad100cf46a98f0a939ecde278b923e8e33c527e6c41
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84853ed8daf40ef8a64fe3aec2102c1bda088e800b62394a9d697992a5d70991
87595df705a75dd3e8f9846b17872a78bedba5d1b6c9978ac63b2a450b68bc7f
8908154ab78aedae0914ded4c76fff4b8310d1b82beeb00dfadb340c77d7e90d
8a3d07edaed7c877448706fd0fff8b146093e704f70e6ee636d22a4811ec52fa
8b0256741fe94eceb488a73ce12f09f7e7ed179ecefbaeae216bf56e6a6511af
8b8506928501a437418ca18498b5fcbd474b0c4bfc96b438bc9e09baa53adce5
8bef761790faa6844c09eb3646d3aef9e2badeba71c9a598cccb4378f4260d3b
8ce720b1232d318bff1d4a135d73d24f9ede705aefee9d5cefb6e0ca33629ff1
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
8d8c340b9749a4161a16408c863a491011288ec1235cefe447cd2939c1b30547
8ede1a550962b91f6eb9c99477224a857b9b2d94fc2549e93a7fbb6c2d74f135
8f48d97d3112bc9bf95ef0d70d30e7ec78041b3b498251ccd183fb18686139ac
8f9fce2d1efeb7ff84b096edcbd306fbeed42a83f2717b4d6e6a0502ce5ea160
915f38031e2bfec4cacb78015a2c64f8a422323039eb33e324f1d1d1cd45db20
93b14ed7784563efe04b1b2fb32f2955b1801d3eee2ab02bfcff3352ce5174d6
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
95ee6fc8810dfcbf054b898101151cb555278f15ff86e64a846cf1209c7184d0
97210a6f3bb5fd736f839127b138eb7a7786cde64d5983b53743cb6816d7079e
993e22be16263bfdf8ed1aeb5d1abbc9b2c1e518dd6c12743ec560d46a5f4a1f
9d5bfa2f97538e449ecc5f15b8c8fa7d206314d62fdfd92d7fabe28d3bc6e9cc
9e39d321532d4472593ff6110e51c09e688078726758971662ce3b1d26c78067
9e5cd0b67505ba3e1e301b171128e772daae859a213a59e33727d6e8dce9a11c
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a592cfa47cff944d696180a4c0fa9962916c8df41c90b8206b0f8b642461a069
a7c69f7fb8c13d825b4816b6a342b53589d5db9e2db45086ce72b5f16fcfd045
a7db143cdfe65b77cfa62c402eeb00d009f0584e1a407f42140ebd2fd4852934
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
a9bc6c096296ab210888d390eedb0f52d963077a4dc083bd08e5c6e074c79d51
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
abca570d68e4d643d2db448f8c1ea05d3f52494fe08453657316a5a1054a556d
ae6d05d8b42ac0823f2c6cce3c90be01e14c422dba16bfb3b707ec6a8cfd10c2
af69970e4bdd1dae03743c2e01cc7a78d5b3cc946517170e3ec75f6ce781908b
afee7a42c610dfdfeeeda42cc4fd8c35b2c1369ca8cc91f0e71e4dc1be642b82
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b292026bbea1dca2638c18da9865da63ae91d891023e534660addf9929821317
b2bb0f82681ca4b17ba49278bc70052a3723e2ada4bcc9a0598dcd1f60409c32
b5577eb0bfbc45da8ed23f70e4975217dbb6d4eac9c9d5f5955c74e520f8ac46
b55889ef6b0be911566f841cdf9e12e9d769a3d5324e34e1d9c3c9442218dae8
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b7b891c46c15c2e5050863d8df48fd7681da0f5f08e93091cf4f21b7ca8da882
b95b2add8ced883d3eefbfc4e70b58fbed8de0bc9e5b3772c3c262212cb67564
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
ba86232eb923856dd8711dd9fb9656ff8af22de6d387d9091ce7b68cda01ad5c
bac8ee57b7086f2eac3c07d0852d819ba937a57c16304f9065dfdafbf141d795
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb66884b816f0fa419db6478001343e1f80c8677913267d2d9dd4ed351dbabfd
bb791387fa1983a4a63dbb631b6be72e9dac73ab30b3b0dd2f087140609ddb27
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bc6f4cf1c358a014ce748e0001f7ac8f7e76ef32b2e329a41cb43a608280f121
be40e3da703faed33bd3e9c8977a3d814f53c17df10838fd4b257c7e9f6d074f
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c06615f65bbd0fd24a7fc98664ebe6cc69c165be8bf47181a45c4b5876e5471e
c0f86e2e4aee90ce1ffeef49d951618e34e3ed4810a3ed1110ae66f9c051e3f4
c2d94f97927f2485fd03702dce415d8c7b11b94e57b9dfdef27704a8fadd266f
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c5d122ceb58926c5fc3da5d1d664684af89e5dc8f6ee490449ef4e1f4f1da790
c5de348f617ee894c9c9851cf7ac48e9f6525e05a30d5415f7690a3e9afeb9b3
c61fcc1401e2278735bea5d306ca0cc32b93ccdf62ec8179ed0c999545b5502b
c6dea994f871c501133932c09479c56010984c5cf98e8d8ed7945d008ee09ee9
c79377caaa40167fba777f4627f8f5b10a42a3df5be6016f2222fcd59329f76b
c99eeb0ffc836cfbaf142f6a4cc3efcb826d3c112d52bbaa079cc982b773bc1a
c9c82d6446bd15b7b992cc15e86119da298f3dc805b81fb777baa24651593d93
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca46c7d904699d5673e1e9cf73ea6bb7c99b224a74fe06f9e43bd213faf52b95
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc4fcec4bf797b9b83493fa3bedff1bed1153d5282c9f00550bd9bbfab0d6ba1
cd9ead1d96f5e05bd49c8231ab7856822fdef385c83f0d91e2962ca07a562618
ce019fdf5ef58bd9f7f0f8c041682db9b1ea6efccddfdd26817f13bf600e4cc6
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f706e0e18946e3f7169ac9c06dac7fbb0c686a0683ba9da18ae64919e644e7
d18e4c9257743b884550056599fd804fcfe96ea4b1267a5b58dfafee3ec1b50c
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d720517727209364c05e7923b20067950059abd5bdacd5b80ebf1850b2b920ca
d7c25086a2305f99b43116f3935095d346eea4e1fc781bab31e81b6b9320032b
d80fef48aad15a258cbbfaf14d7a0ef016c4791a7de005a89037aabe8e7a9c8d
d8d0c6936da58940112f51b84fc4c2ea1393ad348963fe380643e38acabd677c
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
ddfaead26a52cb4c33361bbf0ab894dc95e0f304b8ffb46923058a24172ea6be
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0145c4ef32c0d2abc3daa1169286fe49461cf16ee6c881099398cd0ab5f868f
e21d40d06dd91e757348c94fbd108af537e80b902b5878421ff4445440fdf998
e24cb32c39ad12af30d92d576a6c1e69234bec6e4eae27ecd92a27399da7eaf6
e2544873c9cde050a91b86eb99a2305aeeb5ba62a4a5a0e9d994e8c2fbacb366
e27324c9ac2047b034c08d12e05e9b1329c5fbe17b67e422840221f7586249ab
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e73728650c01917db3ad8d825fe331a4a54de18b578cb31511687888c0999f
e5f21c32d773836b79f08684932c9684b3bb7b1346c1f5b750e726f452fbe93b
e6aa7d6173d58dc7930b30df1453ec7da8c039dc42a5280b31550b2935f59951
e752952af381ed1e89cd1f11c914d071199049f896192feac4a68b64f9fe62ba
e80799ebf2ac1a977b8926bb1b45767c640045522b15676c5a66b34faaa1ac31
e86656350de5d856707ea7a39973282b7978c80ec07dab0ad6200ce759506d3a
e8b425b0454dfdeaacc90a822297f5386f87aa23cdb769f6843bfdc48d87a2bb
e92c674e78c0de0e67ac9c38ea950c88943370f41d0c28ac7e0c2a0a30a82691
ea67ff6b5b7b47547079d888267aa933d278920933bf8d0b767dbbadb9a25be7
ea7ee9d8ec4ee7323e85937058fe103d54672899ee650e5096752f69f7a2f35f
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0102cb9a6e9af74148d61e73746b5b6aae509593724a4cda28a7c9ad1ad58c6
f0e29d5d3bf284f8502ebd9f0a9b1173315ded13d187ac563297a7ea58024b74
f29d66e855aa23da884f4bf9a77506cdedfedb297ecd5583d70621074cb47b0f
f2e9c54edda97bb6454268bb733ea5184f02c1e4956c3ec6063da386f33354bd
f38edd1ce3782cb07e82967ed50372b3d4efcb3071fcd4bb7fa42a715f8b1ff5
f3ce13fad7c845235767cb1ce6dde20a5cd4024f0f305aeffc71c594284a91b1
f439ccdf94fcc068976d8f7449406fdf70fef61a68993a29b1bccbe169545f34
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85
f4dafedb801d04dc517b1f19f8bea0d45aadc4b8a8f2d89b6565c477e7d2d6e6
f5f5d2a1e50dac4945fc981bf5977cadb087885135d25e6b64d3bec5267a9847
f619cf57dca7918f00dc75994dd6895895b7b5b03487754ac3beaf6b929bdd10
f6a7416b5246c86304ed13c4321397792b105cd5656c2a535b78dd3b6fc91f1e
f7bc1865c10215913cd38a869630fd07c008811bb39ecdfc5b9d76a74a31b6b6
f8785d8c14f219828047fa9f8a4e2ec05076ec0dffaa7e0f4becd8186e61689c
fc80843ae4d14c53ef114d830c48869c1854c665d786cbcb28575f64e346ff35
fd7cf24e7130670073acb303d5d23086ed076f7813153ece3c67cf5037b5db67
fd8ec8afff835f923f221ffcdc2d917a9a26d87366f8f6566fabc484e56c944b
fe7e474ec2eae393c8532b84012494f09fedd6898d395829e0e2e7af62e8ef40