www.heraldonline.com Open in urlscan Pro
104.109.59.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heraldonline.net/
Effective URL:
https://www.heraldonline.com/
Submission: On December 30 via api (December 30th 2018, 9:42:41 am UTC) from DE

Summary HTTP 229 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 63 IPs in 8 countries across 52 domains to perform 229 HTTP transactions. The main IP is 104.109.59.81, located in Amsterdam, Netherlands and belongs to AKAMAI-ASN1, US. The main domain is www.heraldonline.com.
TLS certificate: Issued by DigiCert ECC Secure Server CA on December 11th 2018. Valid for: a year.

This is the only time www.heraldonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1 42	104.109.59.81 104.109.59.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	52.49.211.192 52.49.211.192	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 7	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
7	54.192.93.152 54.192.93.152	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2600:9000:200... 2600:9000:200c:7c00:15:d134:4e40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1	93.184.220.113 93.184.220.113	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 3	52.51.131.19 52.51.131.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2600:9000:200... 2600:9000:200c:6a00:18:1fcd:348:2461	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	185.33.223.200 185.33.223.200	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
3	69.164.212.247 69.164.212.247	63949 (LINODE-AP...) (LINODE-AP Linode)
1	182.161.72.73 182.161.72.73	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
6	213.19.162.71 213.19.162.71	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-) (VCLK-EU-)
1	34.243.36.162 34.243.36.162	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	172.82.228.19 172.82.228.19	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	52.216.232.149 52.216.232.149	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	18.197.206.194 18.197.206.194	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.209.20.178 52.209.20.178	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.154.94.173 54.154.94.173	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2.18.232.23 2.18.232.23	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
8	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY - Fastly)
4	37.252.167.211 37.252.167.211	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	52.94.237.36 52.94.237.36	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	54.192.93.144 54.192.93.144	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
17	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:200... 2600:9000:200c:d200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	66.117.29.3 66.117.29.3	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
3	2a02:26f0:64:... 2a02:26f0:64:49e::31c6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.120.87.207 3.120.87.207	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	54.144.48.113 54.144.48.113	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:824::2014	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.94.183.192 104.94.183.192	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1 1	88.214.194.54 88.214.194.54	46636 (NATCOWEB) (NATCOWEB - NatCoWeb Corp.)
1	88.214.194.105 88.214.194.105	46636 (NATCOWEB) (NATCOWEB - NatCoWeb Corp.)
12	151.101.2.27 151.101.2.27	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:820::2006	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.221.234.215 54.221.234.215	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	52.18.169.38 52.18.169.38	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.237.170.193 34.237.170.193	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	151.101.0.175 151.101.0.175	54113 (FASTLY) (FASTLY - Fastly)
1 3	104.111.214.103 104.111.214.103	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19c::63cc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	52.22.2.8 52.22.2.8	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	151.101.192.175 151.101.192.175	54113 (FASTLY) (FASTLY - Fastly)
1	54.247.83.46 54.247.83.46	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
229	63

3 184.168.131.241 (Scottsdale, United States) 3 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

heraldonline.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 104.109.59.81 (Amsterdam, Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-59-81.deploy.static.akamaitechnologies.com

www.heraldonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.heraldonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.kansascity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-wires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pics.mcclatchyinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.charlotteobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.130 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.211.192 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-211-192.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:820::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.192.93.152 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-93-152.fra2.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:200c:7c00:15:d134:4e40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

ovp.iris.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.113 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.51.131.19 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-51-131-19.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200c:6a00:18:1fcd:348:2461 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.200 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.164.212.247 (Newark, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li127-247.members.linode.com

bidder.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.72.73 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.162.71 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.36.162 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-243-36-162.eu-west-1.compute.amazonaws.com

mcclatchy.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.82.228.19 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.sc.omtrdc.net

mcclatchy.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.232.149 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.250.234 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.206.194 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-197-206-194.eu-central-1.compute.amazonaws.com

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.20.178 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-209-20-178.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.94.173 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-94-173.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.23 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-23.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.22.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (European Union)

ASN54113 (FASTLY - Fastly, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.167.211 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 30.ratbait.prod.ams1.adnexus.net

rb.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.237.36 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.192.93.144 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-93-144.fra2.r.cloudfront.net

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80b::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:d200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.29.3 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

mcclatchy.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:64:49e::31c6 (European Union)

ASN20940 (AKAMAI-ASN1, US)

static.mcclatchyinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.87.207 (Fairfield, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-87-207.eu-central-1.compute.amazonaws.com

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:816::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.144.48.113 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-144-48-113.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2014 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

amp-error-reporting.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.94.183.192 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-94-183-192.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.194.54 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB - NatCoWeb Corp., US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.194.105 (United Kingdom)

ASN46636 (NATCOWEB - NatCoWeb Corp., US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.2.27 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2006 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.234.215 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-221-234-215.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.169.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-169-38.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.170.193 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-237-170-193.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.175 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.214.103 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19c::63cc (European Union)

ASN20940 (AKAMAI-ASN1, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.2.8 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-2-8.compute-1.amazonaws.com

c.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.175 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.83.46 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-83-46.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	heraldonline.com 1 redirects www.heraldonline.com media.heraldonline.com	1 MB
20	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	437 KB
19	boltdns.net cf-images.us-east-1.prod.boltdns.net manifest.prod.boltdns.net	2 MB
11	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	119 KB
9	ampproject.org cdn.ampproject.org	287 KB
9	matheranalytics.com 2 redirects js.matheranalytics.com www.i.matheranalytics.com	52 KB
9	adnxs.com acdn.adnxs.com ib.adnxs.com rb.adnxs.com	102 KB
8	brightcove.com edge.api.brightcove.com	28 KB
8	google.com 2 redirects www.google.com adservice.google.com	1 KB
7	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	9 KB
5	googleapis.com imasdk.googleapis.com	80 KB
4	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	85 KB
4	googletagservices.com www.googletagservices.com	90 KB
4	demdex.net 1 redirects dpm.demdex.net mcclatchy.demdex.net	3 KB
4	mcclatchyinteractive.com pics.mcclatchyinteractive.com static.mcclatchyinteractive.com	54 KB
4	crwdcntrl.net 1 redirects ad.crwdcntrl.net tags.crwdcntrl.net bcp.crwdcntrl.net	11 KB
3	facebook.com www.facebook.com	693 B
3	liadm.com 1 redirects b-code.liadm.com c.liadm.com i.liadm.com Failed	9 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	adobedtm.com assets.adobedtm.com	44 KB
3	google-analytics.com www.google-analytics.com	17 KB
3	amazonaws.com s3.amazonaws.com sqs.us-east-1.amazonaws.com	18 KB
3	omtrdc.net mcclatchy.sc.omtrdc.net mcclatchy.tt.omtrdc.net	5 KB
3	rtk.io bidder.rtk.io sync.rtk.io	1 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	31 KB
3	iris.tv ovp.iris.tv	212 KB
3	newsobserver.com www.newsobserver.com	176 KB
3	heraldonline.net 3 redirects heraldonline.net	419 B
2	facebook.net connect.facebook.net	58 KB
2	appspot.com amp-error-reporting.appspot.com	219 B
2	google.de adservice.google.de www.google.de	306 B
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com	794 B
2	quantserve.com edge.quantserve.com pixel.quantserve.com	6 KB
2	colossusssp.com colossusssp.com Failed sync.colossusssp.com	1 KB
2	openx.net mcclatchy-d.openx.net Failed u.openx.net	290 B
2	mcclatchy-wires.com www.mcclatchy-wires.com	58 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	ipify.org api.ipify.org	248 B
1	2mdn.net s0.2mdn.net	10 KB
1	criteo.net static.criteo.net	13 KB
1	quantcount.com rules.quantcount.com	992 B
1	postrelease.com jadserve.postrelease.com	5 KB
1	gstatic.com www.gstatic.com	91 KB
1	everesttech.net 1 redirects cm.everesttech.net	527 B
1	dotomi.com web.hb.ad.cpe.dotomi.com	707 B
1	criteo.com bidder.criteo.com	218 B
1	googleadservices.com www.googleadservices.com	9 KB
1	charlotteobserver.com www.charlotteobserver.com	52 KB
1	kansascity.com media.kansascity.com	618 B
1	ntv.io s.ntv.io	76 KB
0	advertising.com Failed adserver-us.adtech.advertising.com Failed
0	casalemedia.com Failed as-sec.casalemedia.com Failed
229	52

	Domain	Requested by
27	www.heraldonline.com	1 redirects www.heraldonline.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.heraldonline.com
12	manifest.prod.boltdns.net	www.heraldonline.com
9	cdn.ampproject.org	securepubads.g.doubleclick.net
8	edge.api.brightcove.com	www.heraldonline.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.heraldonline.com
7	cf-images.us-east-1.prod.boltdns.net	www.heraldonline.com
7	www.google.com	2 redirects www.heraldonline.com
7	media.heraldonline.com	www.heraldonline.com media.heraldonline.com
6	fastlane.rubiconproject.com	acdn.adnxs.com
5	www.i.matheranalytics.com	www.heraldonline.com
5	imasdk.googleapis.com	www.heraldonline.com imasdk.googleapis.com
4	rb.adnxs.com	acdn.adnxs.com
4	js.matheranalytics.com	2 redirects www.heraldonline.com
4	www.googletagservices.com	www.heraldonline.com
3	www.facebook.com
3	sb.scorecardresearch.com	1 redirects www.heraldonline.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.heraldonline.com
3	static.mcclatchyinteractive.com	assets.adobedtm.com static.mcclatchyinteractive.com
3	googleads.g.doubleclick.net	www.googleadservices.com www.heraldonline.com
3	assets.adobedtm.com	media.heraldonline.com assets.adobedtm.com
3	www.google-analytics.com	media.heraldonline.com www.heraldonline.com
3	dpm.demdex.net	1 redirects media.heraldonline.com www.heraldonline.com
3	ovp.iris.tv	www.heraldonline.com ovp.iris.tv
3	www.newsobserver.com	www.heraldonline.com
3	acdn.adnxs.com	www.heraldonline.com acdn.adnxs.com
3	heraldonline.net	3 redirects
2	c.liadm.com	1 redirects
2	connect.facebook.net	www.heraldonline.com connect.facebook.net
2	cdn.krxd.net	static.mcclatchyinteractive.com cdn.krxd.net
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	u.openx.net	1 redirects acdn.adnxs.com
2	sync.rtk.io	acdn.adnxs.com static.mcclatchyinteractive.com
2	amp-error-reporting.appspot.com	cdn.ampproject.org
2	secure-us.imrworldwide.com	1 redirects www.heraldonline.com
2	s3.amazonaws.com	www.heraldonline.com
2	mcclatchy.sc.omtrdc.net	media.heraldonline.com
2	ib.adnxs.com	acdn.adnxs.com
2	static.chartbeat.com	media.heraldonline.com
2	www.mcclatchy-wires.com	www.heraldonline.com
1	beacon.krxd.net	cdn.krxd.net
1	consumer.krxd.net	cdn.krxd.net
1	b-code.liadm.com	www.heraldonline.com
1	ping.chartbeat.net
1	api.ipify.org	www.heraldonline.com
1	s0.2mdn.net	imasdk.googleapis.com
1	sync.colossusssp.com	www.heraldonline.com
1	eus.rubiconproject.com	acdn.adnxs.com
1	static.criteo.net	acdn.adnxs.com
1	pixel.quantserve.com	www.heraldonline.com
1	mcclatchy.tt.omtrdc.net	assets.adobedtm.com
1	rules.quantcount.com	edge.quantserve.com
1	www.google.de	www.heraldonline.com
1	sqs.us-east-1.amazonaws.com	s3.amazonaws.com
1	mab.chartbeat.com	static.chartbeat.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	jadserve.postrelease.com	s.ntv.io
1	edge.quantserve.com	media.heraldonline.com
1	www.gstatic.com	www.google.com
1	cm.everesttech.net	1 redirects
1	mcclatchy.demdex.net	media.heraldonline.com
1	web.hb.ad.cpe.dotomi.com	acdn.adnxs.com
1	colossusssp.com	acdn.adnxs.com
1	bidder.criteo.com	acdn.adnxs.com
1	bidder.rtk.io	acdn.adnxs.com
1	tags.crwdcntrl.net	www.heraldonline.com
1	www.googleadservices.com	www.heraldonline.com
1	www.charlotteobserver.com	www.heraldonline.com
1	pics.mcclatchyinteractive.com	www.heraldonline.com
1	media.kansascity.com	www.heraldonline.com
1	s.ntv.io	www.heraldonline.com
1	ad.crwdcntrl.net	www.heraldonline.com
0	i.liadm.com Failed	b-code.liadm.com
0	adserver-us.adtech.advertising.com Failed	acdn.adnxs.com
0	mcclatchy-d.openx.net Failed	acdn.adnxs.com
0	as-sec.casalemedia.com Failed	acdn.adnxs.com
229	77

This site contains links to these domains. Also see Links.

Domain
digital.olivesoftware.com
account.heraldonline.com
www.legacy.com
x.email.heraldonline.com
heraldonline.newsbank.com
nie.heraldonline.com
events.heraldonline.com
games.heraldonline.com
mcclatchy.nextbee.com
jobs.heraldonline.com
www.startmoonlighting.com
www.virtualcareerevent.com
www.facebook.com
twitter.com
itunes.apple.com
www.youtube.com
mcciservices.newscyclecloud.com
rockhillherald.adperfect.com
rockhill.dealsaver.com

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert ECC Secure Server CA	`2018-12-11` - `2020-02-19`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2018-11-20` - `2020-02-19`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2016-06-28` - `2019-06-28`	3 years	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2018-06-12` - `2019-12-11`	a year	crt.sh
www.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2017-12-14` - `2019-01-14`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
iris.tv Amazon	`2018-08-28` - `2019-09-28`	a year	crt.sh
www.googleadservices.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
tags.crwdcntrl.net DigiCert SHA2 Secure Server CA	`2016-03-15` - `2019-03-20`	3 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2018-04-02` - `2019-04-18`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2018-01-25` - `2019-01-25`	a year	crt.sh
*.rtk.io COMODO RSA Domain Validation Secure Server CA	`2017-03-16` - `2020-03-25`	3 years	crt.sh
*.criteo.com DigiCert SHA2 Secure Server CA	`2018-11-05` - `2020-01-03`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
ad.cpe.dotomi.com GlobalSign Organization Validation CA - SHA256 - G2	`2018-05-25` - `2020-05-25`	2 years	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2016-05-04` - `2019-05-23`	3 years	crt.sh
*.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-12-03` - `2019-10-25`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
js.matheranalytics.com COMODO RSA Domain Validation Secure Server CA	`2017-04-07` - `2019-04-07`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2018-02-15` - `2019-07-11`	a year	crt.sh
*.postrelease.com Amazon	`2018-04-25` - `2019-05-25`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2018-04-06` - `2019-04-11`	a year	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-12-26` - `2019-09-12`	9 months	crt.sh
queue.amazonaws.com Amazon	`2018-11-06` - `2019-10-18`	a year	crt.sh
*.api.brightcove.com Amazon	`2018-10-23` - `2019-11-23`	a year	crt.sh
www.google.de Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.tt.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2017-10-19` - `2020-11-25`	3 years	crt.sh
www.mcclatchy.com DigiCert ECC Extended Validation Server CA	`2018-11-21` - `2020-02-12`	a year	crt.sh
*.criteo.net DigiCert SHA2 Secure Server CA	`2018-11-08` - `2019-12-19`	a year	crt.sh
misc-sni.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
www.i.matheranalytics.com COMODO RSA Domain Validation Secure Server CA	`2017-12-10` - `2020-02-08`	2 years	crt.sh
*.appspot.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2018-04-03` - `2019-04-08`	a year	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2018-12-06` - `2019-12-06`	a year	crt.sh
brightcove.com GlobalSign CloudSSL CA - SHA256 - G3	`2018-10-18` - `2019-03-16`	5 months	crt.sh
*.doubleclick.net Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.ipify.org COMODO RSA Domain Validation Secure Server CA	`2018-01-24` - `2021-01-23`	3 years	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2018-12-20` - `2020-01-01`	a year	crt.sh
*.c.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-10-09` - `2019-09-27`	a year	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
b-code.liadm.com DigiCert ECC Secure Server CA	`2018-07-16` - `2019-07-16`	a year	crt.sh
*.liadm.com Amazon	`2018-01-02` - `2019-02-02`	a year	crt.sh
*.krxd.net Go Daddy Secure Certificate Authority - G2	`2017-06-12` - `2019-07-11`	2 years	crt.sh

This page contains 24 frames:

Primary Page: https://www.heraldonline.com/
Frame ID: 1971135F814B48959F3995F8271A35FB
Requests: 170 HTTP requests in this frame

Frame: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: F62C619160E2800DAF5A475D5740949E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Frame ID: 9AD3D217735F0A7E475804BB7459E3E0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Frame ID: E5D2EA1A1D282F8F32EFE163421F4262
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Frame ID: 01C3F1D161CD57C43CF2787AD82FD36B
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Frame ID: CC02FB44C5421C846390E6739A35949B
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20181205/r20110914/abg_lite.js
Frame ID: 9E9868AB5C7A9FB383697856886E8DEE
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20181205/r20110914/abg_lite.js
Frame ID: 2CC7AFD7EB8AD97A2F0C2D0E53C31874
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Frame ID: D823CAC440445A53FF65DBEB3D928BBE
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8F1F4E31819492C131250536B0FD9EB5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 706F8678CF84A5F6CDFB2B5F11740F37
Requests: 1 HTTP requests in this frame

Frame: https://sync.rtk.io/cs
Frame ID: C91911E75787F61DE2ECF8D07DF50D01
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: E612175A2D9A8BFF596A06803B035F42
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 55CE4A26B14E47529FC26CE4B48CC8C3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.266.0_en.html
Frame ID: 03B2AC72556EB852F6628E85DF414CDA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.266.0_en.html
Frame ID: 8F9CED43B8A82BFFF416603BFF031CCB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.266.0_en.html
Frame ID: E78A4B0B5B6E650DF2108322C667B709
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.266.0_en.html
Frame ID: C7B6E8E6C7ECD8FD47E517620C32F19E
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=7462/rand=969621856/pv=y/int=%23OpR%2366617%23www.heraldonline%20%3A%20Total%20Site%20Traffic/med=%23OpR%2368729%23Meta%20keyword%20%3A%20News%2C%20Rock%20Hill%2C%20The%20Herald%2C%20SC%2C%20South%20Carolina%2C%20York%2C%20Fort%20Mill%2C%20Clover%2C%20Lake%20Wyle%2C%20Chester%2C%20Lancaster%2C%20headline%2C%20stories%2C%20articles%2C%20opinion%2C%20newspaper/rt=ifr
Frame ID: FF18028CF7D763D8478CE2D580500421
Requests: 1 HTTP requests in this frame

Frame: https://sb.scorecardresearch.com/beacon.js
Frame ID: 09A287A48C30023DD06F8BA4CBEEBBBF
Requests: 2 HTTP requests in this frame

Frame: https://connect.facebook.net/en_US/fbevents.js
Frame ID: B8F70F2B0E9317F24D93C2EFDDC6CB35
Requests: 5 HTTP requests in this frame

Frame: https://b-code.liadm.com/a-01ef.min.js
Frame ID: 816FA7DA58C654C9515C6E66F97ECFD4
Requests: 2 HTTP requests in this frame

Frame: https://sync.rtk.io/cs
Frame ID: 14EA2D4AC1EC2C7FD534BBA148843D19
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01ef?s=&cim=&ps=true&ls=false&duid=a-01ef--4d4131e0-ade6-4cbe-a025-cea056c040e4&domainSessionId=caede6a1-f1c6-4088-beb6-265eab486b7d&ppid=0&euns=0&ci=0&version=sc-2.2.0&nosync=false&
Frame ID: 58DAD05C6FA834C85A666D5F0B5CD5E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://heraldonline.net/ HTTP 302
http://heraldonline.net/QRXMZ/ HTTP 302
http://heraldonline.net/ HTTP 301
http://www.heraldonline.com/ HTTP 301
https://www.heraldonline.com/ Page URL

Detected technologies

VideoJS (Video Players) Expand

Overall confidence: 100%
Detected patterns

env /^VideoJS$/i

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /require.*\.js/i
env /^requirejs$/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /pbjs/i
env /PREBID_TIMEOUT/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^_sf_(?:endpt|async_config)$/i

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^criteo/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
script /2mdn\.net/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^quantserve$/i

SiteCatalyst (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^s_(?:account|objectID|code|INST)$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

env /^Recaptcha$/i

Page Statistics

229
Requests

91 %
HTTPS

34 %
IPv6

52
Domains

77
Subdomains

63
IPs

8
Countries

5241 kB
Transfer

11438 kB
Size

3
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: http://digital.olivesoftware.com/Olive/ODN/TheHerald/default.aspx
Title:

Search URL Search Domain Scan URL

URL: https://account.heraldonline.com/static/signin
Title: Sign In

Search URL Search Domain Scan URL

URL: https://account.heraldonline.com/static/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/heraldonline/#navlink=navbar
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://x.email.heraldonline.com/ats/url.aspx?cr=663&wu=17#navlink=subnav
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://heraldonline.newsbank.com/#navlink=subnav
Title: Archives

Search URL Search Domain Scan URL

URL: http://nie.heraldonline.com/#navlink=subnav
Title: NIE

Search URL Search Domain Scan URL

URL: http://digital.olivesoftware.com/Olive/ODN/TheHeraldSS/default.aspx#navlink=subnav
Title: Down Home Magazine

Search URL Search Domain Scan URL

URL: http://digital.olivesoftware.com/Olive/ODN/TheHeraldPhysiciansDirectory/default.aspx#navlink=subnav
Title: Physicians Directory

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/heraldonline/#navlink=subnav
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://www.legacy.com/celebration/heraldonline/#navlink=subnav
Title: Weddings

Search URL Search Domain Scan URL

URL: http://events.heraldonline.com/#navlink=subnav
Title: Calendar

Search URL Search Domain Scan URL

URL: http://games.heraldonline.com/#navlink=subnav
Title: Puzzles & Games

Search URL Search Domain Scan URL

URL: http://mcclatchy.nextbee.com/heraldonline/dashboard-signed-out.html#navlink=subnav
Title: Rewards

Search URL Search Domain Scan URL

URL: https://jobs.heraldonline.com/#navlink=subnav
Title: Jobs

Search URL Search Domain Scan URL

URL: http://www.startmoonlighting.com/mni/Rock-Hill-Herald/?utm_source=Rock-Hill-Herald&utm_medium=navweblink&utm_campaign=MNI#navlink=subnav
Title: Moonlighting

Search URL Search Domain Scan URL

URL: http://www.virtualcareerevent.com/rockhill#navlink=subnav
Title: Virtual Career Fair

Search URL Search Domain Scan URL

URL: https://account.heraldonline.com/subscribe/create?param=fHpEAUI=&cid=CTA_HTML_support
Title: #READLOCAL Journalism that makes a difference; your support makes it possible. Subscribe today.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heraldonline.com%2Fsports%2Fcollege%2Fbig-south%2Fwinthrop-university%2Farticle223718310.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heraldonline.com%2Fsports%2Fcollege%2Fbig-south%2Fwinthrop-university%2Farticle223718310.html&text=Winthrop%E2%80%99s%20Nych%20Smith%20explains%20why%20he%20stayed%20in%20Rock%20Hill%20this%20past%20offseason

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heraldonline.com%2Fsports%2Fcollege%2Facc%2Farticle223729960.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heraldonline.com%2Fsports%2Fcollege%2Facc%2Farticle223729960.html&text=Top%20photos%20of%20Clemson%E2%80%99s%20Cotton%20Bowl%20victory

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heraldonline.com%2Fsports%2Fcollege%2Facc%2Farticle223729895.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heraldonline.com%2Fsports%2Fcollege%2Facc%2Farticle223729895.html&text=Clemson%20celebrates%20Cotton%20Bowl%20win%20against%20Notre%20Dame

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heraldonline.com%2Fsports%2Fcollege%2Farticle223723890.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heraldonline.com%2Fsports%2Fcollege%2Farticle223723890.html&text=Bryson%20Allen-Williams%3A%20%E2%80%98Whatever%E2%80%99s%20next%2C%20I%E2%80%99ll%20attack%20it%20with%20Gamecock%20pride%E2%80%99

Search URL Search Domain Scan URL

URL: https://account.heraldonline.com/subscribe/create?param=fHpHAEM=&offer=NmEfaxcUb3lSCUJAfRI6a0FLHxpGCDNCABlBG15QPgoUG0hQeHNDAEpGb29STx0HLisVS1BIbxE4dUBCDA0%2BbDM%2Bbz4%3D&cid=CTA_20annual_offers_holiday
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/rock-hill-herald-news/id507321327?mt=8
Title: The Herald App

Search URL Search Domain Scan URL

URL: http://x.email.heraldonline.com/ats/url.aspx?cr=663&wu=17
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/therockhillherald

Search URL Search Domain Scan URL

URL: https://twitter.com/RHHerald

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/rockhillheraldonline

Search URL Search Domain Scan URL

URL: https://account.heraldonline.com/static/subscribe#navlink=mi_footer
Title: Start a Subscription

Search URL Search Domain Scan URL

URL: https://mcciservices.newscyclecloud.com/cgi-bin/cmo_mcc-c-cmdb-est-01.sh/custservice/web/login.html?siteid=RHL#navlink=mi_footer
Title: Customer Service

Search URL Search Domain Scan URL

URL: http://digital.olivesoftware.com/Olive/ODN/TheHerald/default.aspx#navlink=mi_footer
Title: eEdition

Search URL Search Domain Scan URL

URL: http://x.email.heraldonline.com/ats/url.aspx?cr=663&wu=17#navlink=mi_footer
Title: Newsletters

Search URL Search Domain Scan URL

URL: http://nie.heraldonline.com/#navlink=mi_footer
Title: News in Education

Search URL Search Domain Scan URL

URL: https://heraldonline.newsbank.com/#navlink=mi_footer
Title: Archives

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/heraldonline/obituary-place-an-obituary.aspx#navlink=mi_footer
Title: Place Obituary, Celebration

Search URL Search Domain Scan URL

URL: http://rockhillherald.adperfect.com/#navlink=mi_footer
Title: Place Classified, Legal

Search URL Search Domain Scan URL

URL: http://rockhill.dealsaver.com/#navlink=mi_footer
Title: Local Deals

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heraldonline.net/ HTTP 302
http://heraldonline.net/QRXMZ/ HTTP 302
http://heraldonline.net/ HTTP 301
http://www.heraldonline.com/ HTTP 301
https://www.heraldonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://cm.everesttech.net/cm/dd?d_uuid=21270680339052163883185305171053520157 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XCiS8wAADmgkLjx0 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XCiS8wAADmgkLjx0

Request Chain 85

https://js.matheranalytics.com/s/ma12095/74930704/sp.js?cb=1491 HTTP 301
https://js.matheranalytics.com/static/2_2_18-c/sp.br.js

Request Chain 89

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/&rp=&ts=compact&rnd=1546162928517 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/&rp=&ts=compact&rnd=1546162928517&ja=1

Request Chain 162

https://js.matheranalytics.com/s/ma12095/74930704/sp.js?cb=1491 HTTP 301
https://js.matheranalytics.com/static/2_2_18-c/sp.br.js

Request Chain 166

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 181

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 183

https://colossusssp.com/?c=o&m=cookie HTTP 302
https://sync.colossusssp.com/hms.gif?puid=8a483e45670fc703dc0853b54bb94243716192d7

Request Chain 218

https://bcp.crwdcntrl.net/5/c=7462/rand=969621856/pv=y/int=%23OpR%2366617%23www.heraldonline%20%3A%20Total%20Site%20Traffic/med=%23OpR%2368729%23Meta%20keyword%20%3A%20News%2C%20Rock%20Hill%2C%20The%20Herald%2C%20SC%2C%20South%20Carolina%2C%20York%2C%20Fort%20Mill%2C%20Clover%2C%20Lake%20Wyle%2C%20Chester%2C%20Lancaster%2C%20headline%2C%20stories%2C%20articles%2C%20opinion%2C%20newspaper/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=7462/rand=969621856/pv=y/int=%23OpR%2366617%23www.heraldonline%20%3A%20Total%20Site%20Traffic/med=%23OpR%2368729%23Meta%20keyword%20%3A%20News%2C%20Rock%20Hill%2C%20The%20Herald%2C%20SC%2C%20South%20Carolina%2C%20York%2C%20Fort%20Mill%2C%20Clover%2C%20Lake%20Wyle%2C%20Chester%2C%20Lancaster%2C%20headline%2C%20stories%2C%20articles%2C%20opinion%2C%20newspaper/rt=ifr

Request Chain 227

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1546162953339&ns_c=UTF-8&ns_if=1&cv=3.1&c8=Comscore%20Pixel&c7=https%3A%2F%2Fwww.heraldonline.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1546162953339&ns_c=UTF-8&ns_if=1&cv=3.1&c8=Comscore%20Pixel&c7=https%3A%2F%2Fwww.heraldonline.com%2F&c9=

Request Chain 231

https://c.liadm.com/i?e=pv&eid=02598939-b391-4270-b17c-16ff9aecf466&url=https%3A%2F%2Fwww.heraldonline.com%2F&page=LiveConnect%20Pixel&refr=&aid=a-01ef&sid=caede6a1-f1c6-4088-beb6-265eab486b7d&duid=a-01ef--4d4131e0-ade6-4cbe-a025-cea056c040e4&p=web&tna=liveIntentPublisherTracker&tv=pub-2.1.0& HTTP 302
https://c.liadm.com/i?e=pv&&duid=a-01ef--4d4131e0-ade6-4cbe-a025-cea056c040e4&eid=02598939-b391-4270-b17c-16ff9aecf466&url=https://www.heraldonline.com/&refr=&aid=a-01ef&tna=liveIntentPublisherTracker&page=LiveConnect+Pixel&tv=pub-2.1.0&n3pc=true&p=web&sid=caede6a1-f1c6-4088-beb6-265eab486b7d

229 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.heraldonline.com/
Redirect Chain

http://heraldonline.net/
http://heraldonline.net/QRXMZ/
http://heraldonline.net/
http://www.heraldonline.com/
https://www.heraldonline.com/

180 KB
28 KB

91ms
10ms

Document
text/html

104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: df90c640192552a2d7a3840165fb374a597bd10ae690c4f6eb1921474cd324cf

Request headers

Host: www.heraldonline.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

MI-API: WPS
Content-Type: text/html;charset=utf-8
Surrogate-Control: varnish=ESI/2.1
Last-Modified: Sun, 30 Dec 2018 09:41:59 GMT
ETag: W/"2c7f8-k8+qb/EnYWma7MsAHjfrPw"
Content-Encoding: gzip
X-Varnish: 1045203727 786802
X-MI-In-Market: 0
Server: MI
MI-Cache-Age: 1
Vary: Accept-Encoding
MI-Cache: HIT
Content-Length: 27671
Cache-Control: max-age=102
Date: Sun, 30 Dec 2018 09:42:07 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://www.heraldonline.com/
Date: Sun, 30 Dec 2018 09:42:06 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK require.js Show response
www.heraldonline.com/wps/source/scripts/libs/ 15 KB
7 KB 20ms
10ms Script
application/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/scripts/libs/require.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: beec98d383e6249c59c306dca3810f332bb8804ef60db6c89f245a3c6fc396ca

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 211440
Connection: keep-alive
Content-Length: 6443
Last-Modified: Thu, 13 Dec 2018 20:50:46 GMT
Server: MI
ETag: W/"3dd1-167a9560470"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 34635904, 381747212 290881926
Access-Control-Allow-Origin: *
Cache-Control: max-age=160557
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK main2018-896d23ba0f.css
www.heraldonline.com/wps/build/css/ 276 KB
48 KB 49ms
10ms Stylesheet
text/css 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7fdee8c41c304a899cf957052fdc1eb23dd2a0e352b5c1557293d9234b231b8c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.heraldonline.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 219881
Connection: keep-alive
Content-Length: 48367
Last-Modified: Thu, 13 Dec 2018 20:54:07 GMT
Server: MI
ETag: W/"4516c-167a9591598"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 336005033 51679802, 431825643 755402734
Access-Control-Allow-Origin: *
Cache-Control: max-age=247842
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
www.heraldonline.com/wps/source/scripts/libs/ 91 KB
33 KB 65ms
13ms Script
application/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/scripts/libs/jquery-1.10.2.min.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 49377
Connection: keep-alive
Content-Length: 32825
Last-Modified: Thu, 13 Dec 2018 20:50:46 GMT
Server: MI
ETag: W/"16bb3-167a9560470"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 220496559, 1057982975 595624777
Access-Control-Allow-Origin: *
Cache-Control: max-age=160000
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK mi-header-8c560c29fe.js Show response
www.heraldonline.com/wps/build/js/ 99 KB
29 KB 66ms
14ms Script
application/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/build/js/mi-header-8c560c29fe.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 18c957878fa3fb648d002ee26cd4dd926b9f610f244c76c530e981e5fad8b2a2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 529786
Connection: keep-alive
Content-Length: 28709
Last-Modified: Thu, 13 Dec 2018 20:54:58 GMT
Server: MI
ETag: W/"18ac5-167a959dcd0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 962101558 20283650, 398365773 860323862
Access-Control-Allow-Origin: *
Cache-Control: max-age=397394
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK guid.js Show response
www.heraldonline.com/wps/source/scripts/libs/ 1 KB
1 KB 64ms
12ms Script
application/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/scripts/libs/guid.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 92085
Connection: keep-alive
Content-Length: 547
Last-Modified: Thu, 13 Dec 2018 20:50:46 GMT
Server: MI
ETag: W/"505-167a9560470"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 692158499 5734700
Access-Control-Allow-Origin: *
Cache-Control: max-age=245564
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK heraldonline.js Show response
media.heraldonline.com/misites/rhh/ 3 KB
1 KB 322ms
13ms Script
text/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldonline.com/misites/rhh/heraldonline.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 369ef1dd27e90cf88ac0e51eb89ec1b385a681892da8e16c722095ab8102604c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: media.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Apr 2018 21:38:27 GMT
Server: Apache
ETag: "a04-56b038eb73ac0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1101

GET
H/1.1 200
OK pb.js Show response
acdn.adnxs.com/prebid/c/7543_sc-ga1/ 921 KB
98 KB 67ms
12ms Script
application/javascript 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 674a684b7b4aaed87a62a82c73789a868189d83eefc7004bedec3901681465a7

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Nov 2018 22:38:27 GMT
Server: nginx/1.13.10
ETag: W/"5be4bae3-e6236"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 100400
Expires: Mon, 31 Dec 2018 09:42:09 GMT

GET
H/1.1 200
OK callback=extractPid Show response
ad.crwdcntrl.net/5/c=7436/pe=y/ 75 B
388 B 167ms
34ms Script
application/javascript 52.49.211.192
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=7436/pe=y/callback=extractPid
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.211.192 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-211-192.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dae4d33d995616958774b76553c6e7ed2ad69f4aaefb156cf51167fd812d125d

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Dec 2018 09:42:07 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.26.20.27
Connection: keep-alive
Content-Type: application/javascript;charset=UTF-8
Content-Length: 75
Expires: 0

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 261 KB
76 KB 120ms
17ms Script
application/x-javascript 2.18.234.163
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: bcd38441fbb2f5f2379d3d20b988efbef03919bc0aedad5b3d893dba7f79b966

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
x-amz-request-id: D00F5B20AD937FFC
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: LTXj9hQmDDRAAmwO6PdRSC5sTs4CNgTvL0hqGnsp2WFTk64C84kc3rIND3fh+4LuUnJ/xfGcfes=
Last-Modified: Fri, 21 Dec 2018 22:49:30 GMT
Server: AmazonS3
ETag: "32a357f97314b4503a1a272842aba196"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 762 B
584 B 18ms
17ms Script
text/javascript 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

6398e331d33ae6c4721d5f1bce393e874f2785f9b498ad74bdfae03e28202a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 448
x-xss-protection: 1; mode=block
expires: Sun, 30 Dec 2018 09:42:07 GMT

GET
H/1.1 200
OK logo.svg
www.heraldonline.com/wps/build/images/heraldonline/ 3 KB
2 KB 57ms
10ms Image
image/svg+xml 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/wps/build/images/heraldonline/logo.svg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 26f8d8f0069807f2b1e418dbfcd720c5d6942de02bf0a76dace4e31d5fda6a57

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 269835
Connection: keep-alive
Content-Length: 1266
Last-Modified: Thu, 13 Dec 2018 20:55:00 GMT
Server: MI
ETag: W/"c8e-167a959e4a0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 135759336, 177705770 219122270
Access-Control-Allow-Origin: *
Cache-Control: max-age=251640
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/svg+xml;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK banner-promo-link.css
media.kansascity.com/livegraphics/links/ 730 B
618 B 306ms
178ms Stylesheet
text/css 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.kansascity.com/livegraphics/links/banner-promo-link.css
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7efb26ad98fa7cae6616ce17f46974a68d086a8030fe3ded01641bf024ba2d86

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Sep 2018 20:15:47 GMT
Server: Apache
ETag: "2da-5762af492af83"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 335

GET
H/1.1 200
OK kellynicolehedrick28.jpg
www.heraldonline.com/latest-news/clp9y4/picture223661205/alternates/LANDSCAPE_768/ 31 KB
32 KB 28ms
10ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/latest-news/clp9y4/picture223661205/alternates/LANDSCAPE_768/kellynicolehedrick28.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 38fe2d8d8a8fd5f88d5956cccaa380ec345234fe710dd8d8c61fbe6e1164682e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 718
Connection: keep-alive
Content-Length: 31944
Last-Modified: Fri, 28 Dec 2018 12:16:19 GMT
Server: MI
ETag: "0b5581b2c978b9008592ce15de92040a"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 122099888, 76127675 132382769
Access-Control-Allow-Origin: *
Cache-Control: max-age=457194
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/09945f80-aba2-46da-9ff1-1470909407e0/f452d914-0f1e-4d9b-ae39-8b8a6e2419ac/320x180/match/ 40 KB
40 KB 77ms
10ms Image
image/jpeg 54.192.93.152
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998031001/09945f80-aba2-46da-9ff1-1470909407e0/f452d914-0f1e-4d9b-ae39-8b8a6e2419ac/320x180/match/image.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.93.152 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-93-152.fra2.r.cloudfront.net
Software: / BC
Resource Hash: 73f17f923f15d3a288aea0d028355fd4f46430de85e57a80b55e5d2b7f53e562

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 21:29:40 GMT
Via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
Age: 43947
X-Powered-From: us-east-1d
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Id: EKuOUNjOY_XZV9fFTg14LBDosJMxmF6rv95wXIPeSYyTQlNUB_t0OQ==

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998033001/a7ae1700-683a-4869-ad37-aee3715350f1/691cb1d1-61db-46cc-b736-92350fc09d3c/160x90/match/ 2 KB
2 KB 440ms
385ms Image
image/jpeg 54.192.93.152
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998033001/a7ae1700-683a-4869-ad37-aee3715350f1/691cb1d1-61db-46cc-b736-92350fc09d3c/160x90/match/image.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.93.152 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-93-152.fra2.r.cloudfront.net
Software: / BC
Resource Hash: afc60b0bf665af8b6534071ea08a367fa93a36c8f405635fc047452505a97bfe

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
Via: 1.1 f51b809c33f0bb5b1d5504f4df0c0a3f.cloudfront.net (CloudFront)
X-Powered-From: us-east-1d
X-Powered-By: BC
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 1886
X-Amz-Cf-Id: TwDth42hUz4cpE7gvMVQOYRRWsdXCIqkCExdfKs-VUTuXJkXz1jHjg==

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998033001/4773149e-fe5c-4ead-81e0-83b60003e3a7/bac460c5-6633-4e6e-9526-dc89122dd95d/480x270/match/ 24 KB
25 KB 84ms
10ms Image
image/jpeg 54.192.93.152
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998033001/4773149e-fe5c-4ead-81e0-83b60003e3a7/bac460c5-6633-4e6e-9526-dc89122dd95d/480x270/match/image.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.93.152 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-93-152.fra2.r.cloudfront.net
Software: / BC
Resource Hash: ab4155daede24740dc715eee71a4648f6c9e79ecd219b8d670b4bcce33034be4

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 29 Dec 2018 22:59:34 GMT
Via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
Age: 38553
X-Powered-From: us-east-1c
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Id: ZwiL5cVEPFIxi-3mrt9NYQ8NlnG24UnRLsCW8lvXz-0KScEgOY9_-g==

GET
H/1.1 200
OK IMG_7715.JPG
www.heraldonline.com/latest-news/cqni5r/picture223517620/alternates/LANDSCAPE_768/ 26 KB
27 KB 86ms
80ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/latest-news/cqni5r/picture223517620/alternates/LANDSCAPE_768/IMG_7715.JPG
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 54671070d2d0bca21b819b6907e2127727c8df07e62bc3e8e110b238872ce328

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0; ntvSession={}
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 21310
Connection: keep-alive
Content-Length: 26826
Last-Modified: Mon, 24 Dec 2018 16:51:03 GMT
Server: MI
ETag: "3fb9ed60ddf147cb93d5639bfe5c5086"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 753010500, 23167243 778635313
Access-Control-Allow-Origin: *
Cache-Control: max-age=190723
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK Congo_Elections_27642.jpg
www.mcclatchy-wires.com/incoming/nlrk8/picture223736025/alternates/LANDSCAPE_480/ 21 KB
21 KB 6478ms
11ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/nlrk8/picture223736025/alternates/LANDSCAPE_480/Congo_Elections_27642.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0967f48ff44ab7c9d11c3159efe55346d4a9568c17337072ce33940baaff2e19

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:14 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 1127
Connection: keep-alive
Content-Length: 21264
Last-Modified: Sun, 30 Dec 2018 07:40:01 GMT
Server: MI
ETag: "2f90011c791a4c889560a3f51babb27d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 951060985, 962268039 966001275
Access-Control-Allow-Origin: *
Cache-Control: max-age=597517
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK TK-rain%20122818.jpg
www.heraldonline.com/latest-news/n43h6d/picture223677835/alternates/LANDSCAPE_768/ 46 KB
47 KB 10ms
9ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/latest-news/n43h6d/picture223677835/alternates/LANDSCAPE_768/TK-rain%20122818.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 02b629a6f9cd7d94dbabe1aff0b1c5d1ce80d0389385b21de008c643f53ff25d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0; ntvSession={}
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 251
Connection: keep-alive
Content-Length: 47596
Last-Modified: Fri, 28 Dec 2018 19:21:59 GMT
Server: MI
ETag: "ee9a6faa130dd19916a2eaa51f6f0510"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 287342793 267913282
Access-Control-Allow-Origin: *
Cache-Control: max-age=466791
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK TK-Winthrop%20basketball_lead_122918.jpg
www.heraldonline.com/latest-news/bzwvfp/picture223715110/alternates/LANDSCAPE_768/ 49 KB
50 KB 12ms
11ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/latest-news/bzwvfp/picture223715110/alternates/LANDSCAPE_768/TK-Winthrop%20basketball_lead_122918.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6629feac927e3a8bd68ee60ab8e8c6e2f1abd7d84f4dc693962ac215c6cb7837

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0; ntvSession={}
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 388
Connection: keep-alive
Content-Length: 50558
Last-Modified: Sat, 29 Dec 2018 17:59:31 GMT
Server: MI
ETag: "527cbbbb34d1d09da38db424e25a81b3"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 332148141 415074739
Access-Control-Allow-Origin: *
Cache-Control: max-age=557268
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK police%20lights.jpg
www.heraldonline.com/latest-news/4sxd97/picture223623635/alternates/LANDSCAPE_768/ 20 KB
20 KB 19ms
17ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/latest-news/4sxd97/picture223623635/alternates/LANDSCAPE_768/police%20lights.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 947cc62b088ff49ec61dc03688bc9dad70d3fe30fc41ff3f68515c3f4007e28c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0; ntvSession={}
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 6725
Connection: keep-alive
Content-Length: 20315
Last-Modified: Thu, 27 Dec 2018 18:18:46 GMT
Server: MI
ETag: "d6078dc2ff6ec82f00f3bb5d085d51dd"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 495059189, 560894437 484346926
Access-Control-Allow-Origin: *
Cache-Control: max-age=563112
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK woodpecker1.jpg
www.newsobserver.com/latest-news/m0v9hc/picture223553480/alternates/LANDSCAPE_768/ 29 KB
29 KB 340ms
17ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/m0v9hc/picture223553480/alternates/LANDSCAPE_768/woodpecker1.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d401c04895467e4adb2d7dde49e317a3ff0e8991493b71844544ed33f1c288b4

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 69
Connection: keep-alive
Content-Length: 29260
Last-Modified: Tue, 25 Dec 2018 22:02:31 GMT
Server: MI
ETag: "677361afbb6edfb3b46f7202ab563afb"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 888899952 873271592
Access-Control-Allow-Origin: *
Cache-Control: max-age=280035
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 01
www.newsobserver.com/sports/college/acc/unc/yhdd5o/picture223719845/alternates/LANDSCAPE_768/ 96 KB
97 KB 366ms
11ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/sports/college/acc/unc/yhdd5o/picture223719845/alternates/LANDSCAPE_768/01
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9d47dcbbc9ef464fca4a2358baef4011b16be4ed4ad2d5c3215430151d732219

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 330
Connection: keep-alive
Content-Length: 98410
Last-Modified: Sat, 29 Dec 2018 21:06:24 GMT
Server: MI
ETag: "280488f1a6a2d882e347304315fd498f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 429786760 397382608
Access-Control-Allow-Origin: *
Cache-Control: max-age=559423
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 01
www.newsobserver.com/sports/college/acc/nc-state/ma25s0/picture223709170/alternates/LANDSCAPE_768/ 50 KB
50 KB 392ms
13ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/sports/college/acc/nc-state/ma25s0/picture223709170/alternates/LANDSCAPE_768/01
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 105e77447e832782ef84da76460d4e44e7e3381925d6cec20c7565bc785f61e6

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 228
Connection: keep-alive
Content-Length: 51129
Last-Modified: Sat, 29 Dec 2018 03:46:27 GMT
Server: MI
ETag: "dca054813c829cf8623fb38c9e367bdf"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 709263514 673156198
Access-Control-Allow-Origin: *
Cache-Control: max-age=497112
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 0101-pett.jpg
pics.mcclatchyinteractive.com/incoming/m8tct0/picture223691340/alternates/LANDSCAPE_768/ 46 KB
46 KB 3568ms
9ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.mcclatchyinteractive.com/incoming/m8tct0/picture223691340/alternates/LANDSCAPE_768/0101-pett.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 93bd176d9a5b0cd94d27e730a9796a97502b08b25b33185e7ddaab5b6affb5cd

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:11 GMT
Content-Type: image/jpeg
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 95
Connection: keep-alive
Content-Length: 46863
Last-Modified: Fri, 28 Dec 2018 22:03:50 GMT
Server: MI
ETag: "678417c81ec02ef4cde64690118ce3ed"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 384139701, 401245026 399442665
Access-Control-Allow-Origin: *
Cache-Control: max-age=476556
Access-Control-Allow-Credentials: false
MI-Cache: HIT
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK Isle%20of%20Dogs.JPG
www.charlotteobserver.com/entertainment/arts-culture/inh320/picture223670085/alternates/LANDSCAPE_768/ 52 KB
52 KB 3493ms
16ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charlotteobserver.com/entertainment/arts-culture/inh320/picture223670085/alternates/LANDSCAPE_768/Isle%20of%20Dogs.JPG
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5143e5f121350980f8a20ebdc99b657a506ead6ebfe6463d411768728223682a

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:11 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 21257
Connection: keep-alive
Content-Length: 53175
Last-Modified: Fri, 28 Dec 2018 17:02:21 GMT
Server: MI
ETag: "e13805d531bf1f62ebea49724444f508"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 423396100 109712544
Access-Control-Allow-Origin: *
Cache-Control: max-age=458387
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK IMG_1220kwanzaa_2_1_S02233UE.JPG
www.heraldonline.com/latest-news/d28slc/picture223559660/alternates/LANDSCAPE_768/ 37 KB
38 KB 61ms
58ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/latest-news/d28slc/picture223559660/alternates/LANDSCAPE_768/IMG_1220kwanzaa_2_1_S02233UE.JPG
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0ec2f4d8ab5bdbb94d3048b392e31c6c3982ac485cb1d7978f8df9fed98ea016

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0; ntvSession={}
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 38
Connection: keep-alive
Content-Length: 38107
Last-Modified: Thu, 27 Dec 2018 13:05:23 GMT
Server: MI
ETag: "ee7f5baec326ffb22499ac28163427fa"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 860495164 917701839
Access-Control-Allow-Origin: *
Cache-Control: max-age=357851
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK Houdini_Great_Nephew_99295.jpg
www.mcclatchy-wires.com/incoming/jctbji/picture223614915/alternates/LANDSCAPE_768/ 36 KB
37 KB 6219ms
10ms Image
image/jpeg 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/jctbji/picture223614915/alternates/LANDSCAPE_768/Houdini_Great_Nephew_99295.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: cf33f1531e36b0c3b84862da7c184f35c1427e085a92d7b4cc5fd186a233113f

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:14 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 449
Connection: keep-alive
Content-Length: 37030
Last-Modified: Thu, 27 Dec 2018 15:04:02 GMT
Server: MI
ETag: "ad34302367cb08ec2c60c44b3369224a"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 985141882, 978387910 966067381
Access-Control-Allow-Origin: *
Cache-Control: max-age=364961
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK apple-touch-icon-57-precomposed.png
www.heraldonline.com/wps/build/images/heraldonline/ 2 KB
3 KB 165ms
10ms Image
image/png 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldonline.com/wps/build/images/heraldonline/apple-touch-icon-57-precomposed.png
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 29e62e43d61b64dff371b6f1de613919de497acfc8c04446d9ae2e78485cab26

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.heraldonline.com/
Cookie: ntvSession={}; AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CMCMID%7C21150055866784635393236581072216117930%7CMCAAMLH-1546767728%7C6%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 50458
Connection: keep-alive
Content-Length: 2166
Last-Modified: Thu, 13 Dec 2018 20:55:00 GMT
Server: MI
ETag: W/"876-167a959e4a0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 912064749 12816625, 1067221182 981371803
Access-Control-Allow-Origin: *
Cache-Control: max-age=428870
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/png;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK escenic_s_code.js Show response
media.heraldonline.com/mistats/products/ 87 KB
30 KB 642ms
450ms Script
text/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldonline.com/mistats/products/escenic_s_code.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f749695dc1a73ea532c6da0db6b2d4942cbd795af89317d10d39dd03ac8f888d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: media.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 15:51:00 GMT
Server: Apache
ETag: "15b02-57ce9480181ca"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30488

GET
H/1.1 200
OK escenic.js Show response
media.heraldonline.com/mistats/products/ 58 KB
14 KB 503ms
411ms Script
text/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldonline.com/mistats/products/escenic.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f44d4fd30d4a26f5e0d1bb290b4bc529abd76d0fd8b2550ecf1ee682fc20a958

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: media.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Dec 2018 23:22:19 GMT
Server: Apache
ETag: "e671-57cef96032c8b"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13824

GET
H/1.1 200
OK finalizestats.js Show response
media.heraldonline.com/mistats/ 56 KB
15 KB 413ms
413ms Script
text/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldonline.com/mistats/finalizestats.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8b70a327a05ea292ce0994cf29f8b36c2bc690652df32cde1fcb0e58a0d603b1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: media.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Dec 2018 01:12:21 GMT
Server: Apache
ETag: "e03d-57d7df06681cd"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15466

GET
H/1.1 200
OK mi-footer-bee306a8b0.js Show response
www.heraldonline.com/wps/build/js/ 84 KB
26 KB 16ms
14ms Script
application/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/build/js/mi-footer-bee306a8b0.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3e597aee75562efdd689260646b85619b3a02fba76f031eac46db1d71352b918

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 297807
Connection: keep-alive
Content-Length: 26096
Last-Modified: Wed, 19 Dec 2018 17:07:55 GMT
Server: MI
ETag: W/"150fb-167c77025f8"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 159913568 273681411, 602151169 286820136
Access-Control-Allow-Origin: *
Cache-Control: max-age=56755
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 233 KB
80 KB 88ms
40ms Script
text/javascript 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cdfed4db5adb540d074a90924a8ccccf5aa1ab4907a8196543e94712a120771c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 81947
x-xss-protection: 1; mode=block
expires: Sun, 30 Dec 2018 09:42:07 GMT

GET
H2 200 iris.adaptive.js Show response
ovp.iris.tv/libs/adaptive/v2/ 203 KB
204 KB 112ms
8ms Script
application/javascript 2600:9000:200c:7c00:15:d134:4e40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:7c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cf156abf52b17d124f0c9e7a0cee77d87b6ad62ec6686f0cf845eaedcf5b610

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: IyELjauZPpD2Vd2h2MeH.avLd2vOMfkn
via: 1.1 143574384d395dec5e078f9c0bab3391.cloudfront.net (CloudFront)
last-modified: Tue, 02 Oct 2018 18:52:46 GMT
server: AmazonS3
age: 139347
etag: "b62032bb93b7538f029c1206368b5a43"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
date: Sat, 29 Dec 2018 20:28:42 GMT
accept-ranges: bytes
content-length: 208043
x-amz-cf-id: r13Sk3mW0pXe_UxuH7oVOwHX33kkSa19c43VE2hsrErMHtgOjKwJlg==

GET
H/1.1 200
OK brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js Show response
www.heraldonline.com/wps/build/webpack/ 754 KB
209 KB 16ms
14ms Script
application/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8011db78bbaa1d854361c6494923a5f3ba5912251b1a23b34800fa633e99e050

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 13253
Connection: keep-alive
Content-Length: 213469
Last-Modified: Wed, 19 Dec 2018 17:08:51 GMT
Server: MI
ETag: W/"bc8c7-167c77100b8"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 288425150 108037813
Access-Control-Allow-Origin: *
Cache-Control: max-age=160021
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 121ms
18ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

c635ded98a0b747002e2f0fcd000b64f5044338e48060a66b665d4e873a7e1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9196
x-xss-protection: 1; mode=block
server: cafe
etag: 9569188893343377890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Dec 2018 09:42:07 GMT

GET
H/1.1 200
OK md5.min.js Show response
www.heraldonline.com/wps/source/scripts/libs/ 4 KB
2 KB 63ms
51ms Script
application/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/scripts/libs/md5.min.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: dd96583d1c1525e48d9f7ccce5e741a352252297d6395962871d316e71454cc9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 455694
Connection: keep-alive
Content-Length: 1553
Last-Modified: Thu, 13 Dec 2018 20:50:46 GMT
Server: MI
ETag: W/"10da-167a9560470"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 352649387 139853950, 614859081 335414474
Access-Control-Allow-Origin: *
Cache-Control: max-age=324987
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/7462/ 35 KB
10 KB 148ms
0ms Script
application/javascript 93.184.220.113
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/7462/cc.js?ns=_cc7462
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.184.220.113 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E2) /
Resource Hash: a9e6ceba819527f181dec3c2fcbdbb02efcacacd16a6af839de301dd3c91a6ec

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:07 GMT
content-encoding: gzip
last-modified: Wed, 23 May 2018 20:25:02 GMT
server: ECS (fcn/40E2)
etag: "5b05ce1e-8c56+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 10432
expires: Mon, 31 Dec 2018 09:42:07 GMT

GET
H/1.1 200
OK videoStory.bundle-f1def058c6bd16ff8454.js Show response
www.heraldonline.com/wps/build/webpack/ 2 MB
307 KB 19ms
18ms Script
application/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/build/webpack/videoStory.bundle-f1def058c6bd16ff8454.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f32478d55741415b469abb35d976cc5b99fa1981db2a3e64489855225eca5f6b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 0
Connection: keep-alive
Content-Length: 313823
Last-Modified: Thu, 13 Dec 2018 20:55:54 GMT
Server: MI
ETag: W/"1d764f-167a95ab790"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 1019577926, 518456271 511314721
Access-Control-Allow-Origin: *
Cache-Control: max-age=169937
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK footer.bundle-1defef39339f4b4dfc4a.js Show response
www.heraldonline.com/wps/build/webpack/ 22 KB
6 KB 18ms
15ms Script
application/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/build/webpack/footer.bundle-1defef39339f4b4dfc4a.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6404b14edb7c6ca4aa7fcc217a0dd67c12f928aef365cba8f8a514bf19bd4775

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 144404
Connection: keep-alive
Content-Length: 5531
Last-Modified: Thu, 13 Dec 2018 20:55:08 GMT
Server: MI
ETag: W/"57d1-167a95a03e0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 600768572, 452072518 426082649
Access-Control-Allow-Origin: *
Cache-Control: max-age=273704
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK identityModulev3.min.js Show response
www.heraldonline.com/wps/source/scripts/libs/ 35 KB
12 KB 38ms
25ms Script
application/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/scripts/libs/identityModulev3.min.js?misv=e450407
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/source/scripts/libs/require.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Cookie: ntvSession={}; AMCVS_3B6E35F15A82BBB00A495D91%40AdobeOrg=1; AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CMCMID%7C21150055866784635393236581072216117930%7CMCAAMLH-1546767728%7C6%7CMCAAMB-1546767728%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1546170128s%7CNONE%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 117
Connection: keep-alive
Content-Length: 11142
Last-Modified: Thu, 20 Dec 2018 18:06:00 GMT
Server: MI
ETag: W/"8dbb-167cccbaf40"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 310387250, 288292965 289570883
Access-Control-Allow-Origin: *
Cache-Control: max-age=313315
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK common.js Show response
media.heraldonline.com/misites/all/ 2 KB
1 KB 18ms
8ms Script
text/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldonline.com/misites/all/common.js
Requested by: Host: media.heraldonline.com
URL: https://media.heraldonline.com/misites/rhh/heraldonline.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fbf44b00f5debb1c2319c7cfc0fd6487f6fbb770bca2ea65974f8cbb48603a7b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: media.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jun 2018 11:30:12 GMT
Server: Apache
ETag: "8b1-56dcf41bb3900"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 800

GET
H/1.1 200
OK micb.js Show response
media.heraldonline.com/mistats/ 83 KB
25 KB 10ms
9ms Script
text/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldonline.com/mistats/micb.js
Requested by: Host: media.heraldonline.com
URL: https://media.heraldonline.com/misites/rhh/heraldonline.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6f99bf01e90c798fbdbbca30d203132220a2c06780d210973fd17f2dc8f14cdb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: media.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Dec 2018 20:44:12 GMT
Server: Apache
ETag: "14b88-57e1b202756b8"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25341

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 173ms
40ms XHR
application/json 52.51.131.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&ts=1546162927433
Requested by: Host: media.heraldonline.com
URL: https://media.heraldonline.com/mistats/micb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.131.19 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-51-131-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 968be18c3b5491567df2601aaefadb051f8d33a9e1a44dec090967b2ca22c99f

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v013-0b313b839.edge-irl1.demdex.com 5.45.0.20181217095029 5ms
Pragma: no-cache
Content-Encoding: gzip
X-TID: I0jP5vF9TD0=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldonline.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 931
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 18 KB
8 KB 88ms
22ms Script
application/x-javascript 2600:9000:200c:6a00:18:1fcd:348:2461
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: media.heraldonline.com
URL: https://media.heraldonline.com/mistats/micb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:18:1fcd:348:2461 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b48ef5a7bc3d64c9e962bd440b6071266a0b7fa786f5c9556e283d025ead506b

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 08:57:53 GMT
content-encoding: gzip
last-modified: Thu, 25 Oct 2018 02:07:51 GMT
server: nginx
age: 2655
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-id: wDA1Fj6UCQybvzIoHsfnUIYfntZyuSakwP6yCLD3vYPhHzIGHiGwKA==
via: 1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
expires: Sun, 30 Dec 2018 10:57:53 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 717 B
1 KB 364ms
37ms XHR
application/json 185.33.223.200
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.200 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

3756f8d553773f63ebfa15b805ac8e803d41fc80f1eb99836b9a68528585919b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 30 Dec 2018 09:42:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 83.97.23.53; 83.97.23.53; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.249:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4b89fbe1-8e3b-4653-afac-a2c359b2adbf
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.heraldonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK aardvark Show response
bidder.rtk.io/CkGd/HjZw_quFl_quFl_HjZw_c1Gg_c1Gg/ 822 B
1 KB 1863ms
503ms XHR
text/html 69.164.212.247
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.rtk.io/CkGd/HjZw_quFl_quFl_HjZw_c1Gg_c1Gg/aardvark?version=1&jsonp=false&rtkreferer=https%3A%2F%2Fwww.heraldonline.com%2F&categories=_HomePage&HjZw=1274d1f059cd5bf&quFl=11db36936c9b374&c1Gg=14d99ba07418d76&
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.164.212.247 Newark, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li127-247.members.linode.com
Software: RTK AdStorm/1.0 /
Resource Hash: 59a4415db792c2a9960215fbd93888f166b16b259ca6d4cdaa1a331ade6983ed

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 Dec 2018 09:42:09 GMT
Content-Encoding: gzip
Server: RTK AdStorm/1.0
Etag: "f7072b01fec537d340b7dc68d2a1da670be14fc1"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.heraldonline.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Rtk-Nid: li1846-222.members.linode.com:121
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
Content-Length: 184
Expires: 0

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
218 B 946ms
231ms XHR
text/plain 182.161.72.73
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=11&wv=1.22.0&cb=17573533162
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 182.161.72.73 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.heraldonline.com
Date: Sun, 30 Dec 2018 09:42:07 GMT
Access-Control-Allow-Credentials: true
Server: Finatra
Timing-Allow-Origin: *
Vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 257 B
2 KB 296ms
94ms XHR
application/json 213.19.162.71
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80328&zone_id=493126&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.heraldonline.com%2F&tk_flint=pbjs_lite_v1.22.0&x_source.tid=31a5bc0f-a39e-409b-acfe-cc2b26fe2d58&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4165021822553554
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: a0119af86e6c98dfe8bed8a34234e867d159e33970f4b03194ac73e73bb47936

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 Dec 2018 09:42:08 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldonline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=3
Content-Length: 257
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 258 B
2 KB 444ms
144ms XHR
application/json 213.19.162.71
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80328&zone_id=493126&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.heraldonline.com%2F&tk_flint=pbjs_lite_v1.22.0&x_source.tid=e3ed344f-aa58-4921-b303-6f1a88812c3c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.48877447820948006
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 84020dd783ae58c433e467114179b874069f0b231e6326b982f8248051e9dd6c

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 Dec 2018 09:42:08 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldonline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=7
Content-Length: 258
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 258 B
2 KB 609ms
162ms XHR
application/json 213.19.162.71
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80328&zone_id=493126&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.heraldonline.com%2F&tk_flint=pbjs_lite_v1.22.0&x_source.tid=ce7ee9d2-ba9f-491e-a8d8-16a2743f39e4&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2963130904328648
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: fe8f146e376d45dbf742856ba5f10b6105d06f0c9a1c9191d3c3b9aac3c06604

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 Dec 2018 09:42:08 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldonline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 258
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 257 B
2 KB 695ms
86ms XHR
application/json 213.19.162.71
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80328&zone_id=493126&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.heraldonline.com%2F&tk_flint=pbjs_lite_v1.22.0&x_source.tid=bb562740-c432-4417-b667-835d2732338e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.17539407038888366
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 945751c2660178588fb3622367fc497295c5947e90e185a25f82df5787c4111a

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 Dec 2018 09:42:08 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldonline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=5
Content-Length: 257
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 238 B
2 KB 797ms
101ms XHR
application/json 213.19.162.71
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80328&zone_id=493126&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.heraldonline.com%2F&tk_flint=pbjs_lite_v1.22.0&x_source.tid=c5022e39-32cf-4440-a62a-4efd82f30e00&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.05540077810839095
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: aa04644741387aff29d34111a2f6d6c217b2a900b4848977214d372d14308f38

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 Dec 2018 09:42:08 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldonline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=9
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 238 B
2 KB 947ms
103ms XHR
application/json 213.19.162.71
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80328&zone_id=493126&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.heraldonline.com%2F&tk_flint=pbjs_lite_v1.22.0&x_source.tid=fe4a764d-64ea-4988-8910-77f232fcaff3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3393552843916965
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 8271c41d682033bf882f902ef51faa5c80558c02cbf626c658114518b57d5196

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 30 Dec 2018 09:42:08 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldonline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET cygnus
as-sec.casalemedia.com/ 0
0

GET arj
mcclatchy-d.openx.net/w/1.0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20970x250;misc=1546162927835;
adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4867228/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20728x90;misc=1546162927835;
adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866270/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20300x250;misc=1546162927835;
adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866271/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20300x600;misc=1546162927835;
adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866273/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20300x250;misc=1546162927835;
adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866271/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20300x600;misc=1546162927835;
adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866273/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20970x250;misc=1546162927835;
adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4867228/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20728x90;misc=1546162927835;
adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866270/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20300x250;misc=1546162927835;
adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866271/0/0/ 0
0

POST /
colossusssp.com/ 0
0

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 522 B
707 B 123ms
25ms XHR
text/html 2a02:fa8:8806:13::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 31c38f5664e51b52b0ae132135ce81c84b890c1dadf7956d04ab297ab10295c1

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:07 GMT
server: nginx
status: 200
content-type: text/html
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 522
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 730 B
1 KB 415ms
70ms XHR
application/json 185.33.223.200
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.200 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

63003d454d1380d85b6792ccd59d2f7650c544bd0f1c0ca910f1ea96e5f92308

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 30 Dec 2018 09:42:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 83.97.23.53; 83.97.23.53; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.174:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 778075da-9f00-4b48-8dca-a41f3b67d203
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.heraldonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK McClatchySans-Semibold.woff
www.heraldonline.com/wps/source/fonts/mcclatchy-sans/ 23 KB
24 KB 207ms
191ms Font
application/font-woff 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/fonts/mcclatchy-sans/McClatchySans-Semibold.woff
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 214ea8fb2010180998f98d056622e9b254a60f122a53fbc3405cc5bf31dba622

Request headers

Pragma: no-cache
Origin: https://www.heraldonline.com
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0; ntvSession={}
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Origin: https://www.heraldonline.com

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 2875
Connection: keep-alive
Content-Length: 23488
Last-Modified: Thu, 13 Dec 2018 20:50:46 GMT
Server: MI
ETag: W/"5bc0-167a9560470"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 969933991 937886158
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK McClatchySans-Medium.otf
www.heraldonline.com/wps/source/fonts/mcclatchy-sans/ 77 KB
32 KB 198ms
182ms Font
font/opentype 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/fonts/mcclatchy-sans/McClatchySans-Medium.otf
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8f064015340fe266718bfde6a129ca5fd0b354831b7fc989a630ce1534d30516

Request headers

Pragma: no-cache
Origin: https://www.heraldonline.com
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0; ntvSession={}
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Origin: https://www.heraldonline.com

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 1008
Connection: keep-alive
Content-Length: 32131
Last-Modified: Thu, 13 Dec 2018 20:50:46 GMT
Server: MI
ETag: W/"132ec-167a9560470"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 27656205, 951563 22773773
Access-Control-Allow-Origin: *
Cache-Control: max-age=111
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: font/opentype;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK McClatchySans-Regular.woff
www.heraldonline.com/wps/source/fonts/mcclatchy-sans/ 39 KB
39 KB 199ms
166ms Font
application/font-woff 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/fonts/mcclatchy-sans/McClatchySans-Regular.woff
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 324fcd78238de4fa8e2b800b451e568a61143478c04e42b07fbc20186a5d3062

Request headers

Pragma: no-cache
Origin: https://www.heraldonline.com
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0; ntvSession={}
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Origin: https://www.heraldonline.com

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 784
Connection: keep-alive
Content-Length: 39644
Last-Modified: Thu, 13 Dec 2018 20:50:46 GMT
Server: MI
ETag: W/"9adc-167a9560470"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 664797255 593761914
Access-Control-Allow-Origin: *
Cache-Control: max-age=118
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.heraldonline.com/wps/source/fonts/font-awesome/ 55 KB
56 KB 383ms
173ms Font
application/font-woff2 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/fonts/font-awesome/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Pragma: no-cache
Origin: https://www.heraldonline.com
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0; ntvSession={}
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Origin: https://www.heraldonline.com

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 467
Connection: keep-alive
Content-Length: 56780
Last-Modified: Thu, 13 Dec 2018 20:50:46 GMT
Server: MI
ETag: W/"ddcc-167a9560470"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 39682054, 9142799 61014024
Access-Control-Allow-Origin: *
Cache-Control: max-age=117
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff2;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK McClatchySerif-Semibold.woff
www.heraldonline.com/wps/source/fonts/mcclatchy-serif/ 28 KB
29 KB 376ms
165ms Font
application/font-woff 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/fonts/mcclatchy-serif/McClatchySerif-Semibold.woff
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6702fc378bfb6217cb783182307916c6e1ea3adf75b765a4fe42f830099ee467

Request headers

Pragma: no-cache
Origin: https://www.heraldonline.com
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0; ntvSession={}
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Origin: https://www.heraldonline.com

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 1014
Connection: keep-alive
Content-Length: 28708
Last-Modified: Thu, 13 Dec 2018 20:50:46 GMT
Server: MI
ETag: W/"7024-167a9560470"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 2392074, 23659375 51150850
Access-Control-Allow-Origin: *
Cache-Control: max-age=111
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK McClatchySerif-Regular.woff
www.heraldonline.com/wps/source/fonts/mcclatchy-serif/ 45 KB
46 KB 396ms
176ms Font
application/font-woff 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldonline.com/wps/source/fonts/mcclatchy-serif/McClatchySerif-Regular.woff
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 051e1751a6613c5bbc96e6c6d63970979e637ff34af19c4be515d96e7d956937

Request headers

Pragma: no-cache
Origin: https://www.heraldonline.com
Accept-Encoding: gzip, deflate, br
Host: www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CvVersion%7C3.1.0; ntvSession={}
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/wps/build/css/main2018-896d23ba0f.css
Origin: https://www.heraldonline.com

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 614
Connection: keep-alive
Content-Length: 46024
Last-Modified: Thu, 13 Dec 2018 20:50:46 GMT
Server: MI
ETag: W/"b3c8-167a9560470"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 46531097 3932168
Access-Control-Allow-Origin: *
Cache-Control: max-age=117
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK Cookie set dest5.html
mcclatchy.demdex.net/ Frame F62C 0
0 181ms
41ms Document
text/html 34.243.36.162
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Requested by: Host: media.heraldonline.com
URL: https://media.heraldonline.com/mistats/micb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.36.162 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-243-36-162.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: mcclatchy.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.heraldonline.com/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=21270680339052163883185305171053520157
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Sat, 22 Dec 2018 23:46:11 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=21270680339052163883185305171053520157;Path=/;Domain=.demdex.net;Expires=Fri, 28-Jun-2019 09:42:08 GMT;Max-Age=15552000
Vary: Accept-Encoding, User-Agent
X-TID: 8nM2d+wTSGg=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1 200
OK id Show response
mcclatchy.sc.omtrdc.net/ 3 B
485 B 136ms
23ms XHR
application/x-javascript 172.82.228.19
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=21150055866784635393236581072216117930&ts=1546162928189

Requested by

Host: media.heraldonline.com
URL: https://media.heraldonline.com/mistats/micb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.228.19 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

*.sc.omtrdc.net

Software

Omniture DC/2.0.0 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 30 Dec 2018 09:42:08 GMT
X-Content-Type-Options: nosniff
Server: Omniture DC/2.0.0
xserver: www171
Vary: Origin
X-C: ms-6.5.1
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: https://www.heraldonline.com
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 3
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=21270680339052163883185305171053520157
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XCiS8wAADmgkLjx0
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XCiS8wAADmgkLjx0

42 B
769 B

58ms
34ms

Image
image/gif

52.51.131.19
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XCiS8wAADmgkLjx0
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.131.19 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-51-131-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v013-0d1c7f74d.edge-irl1.demdex.com 5.45.0.20181217095029 5ms
Pragma: no-cache
X-TID: ZRneN5YWQrg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: YdCdvSIlRuU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XCiS8wAADmgkLjx0
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1545073489967/ 259 KB
91 KB 64ms
11ms Script
text/javascript 2a00:1450:4001:81b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1545073489967/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

05a4fbe67fc787e95c8f7014c830424b4441dcbfef8449b7b69108251c0d659c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Dec 2018 21:15:00 GMT
server: sffe
age: 957700
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 92535
x-xss-protection: 1; mode=block
expires: Thu, 19 Dec 2019 07:40:28 GMT

GET
H/1.1 200
OK .js Show response
s3.amazonaws.com/elasticbeanstalk-us-east-1-397719490216/json/client/11/www.heraldonline.com/ 621 B
720 B 518ms
117ms Script
application/json 52.216.232.149
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/elasticbeanstalk-us-east-1-397719490216/json/client/11/www.heraldonline.com/.js?t=0.7013566385807919
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.232.149 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ea11db6fb3b765046ee83fb54dd410f95a88fcd8f61329672f2d5645870f50d1

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:09 GMT
Content-Encoding: gzip
x-amz-expiration: expiry-date="Sun, 31 Mar 2019 00:00:00 GMT", rule-id="Automatically Delete Files 90 days or older"
Last-Modified: Sun, 30 Dec 2018 09:41:46 GMT
Server: AmazonS3
x-amz-request-id: 0391F8F956B0797C
ETag: "76717ded637d9a60a628a60c9bec62cf"
Content-Type: application/json; charset=utf-8
Accept-Ranges: bytes
Content-Length: 200
x-amz-id-2: uW+wP4Pf1oCRMXbJYAz22CXcQKcWb0LSlbJrstGyHORe/amEJB601mgQyLsAa7vnyxshGPfRTyA=

GET
H/1.1 200
OK oPS.js Show response
s3.amazonaws.com/elasticbeanstalk-us-east-1-397719490216/external_json/ 16 KB
17 KB 685ms
174ms Script
application/javascript 52.216.232.149
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/elasticbeanstalk-us-east-1-397719490216/external_json/oPS.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.232.149 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee4b194049893c0195d2069b63df5751aed20f433f1986070a3f421bf93fc216

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:09 GMT
Last-Modified: Fri, 21 Dec 2018 05:23:14 GMT
Server: AmazonS3
x-amz-request-id: F5194934F6FE40D3
ETag: "d19fafea54b3eff77144888c42e1d689"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 16811
x-amz-id-2: jh5TK+xrQXshYcKZq0W3iab+NOzKiQ1dAqNEVkeDoNurEp05O6QDgRFQTp+Ih/IN61pqGxLLvmE=

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 28 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/js/mi-header-8c560c29fe.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "36 / 538 of 1000 / last-modified: 1544734874"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 9687
x-xss-protection: 1; mode=block
expires: Sun, 30 Dec 2018 09:42:08 GMT

GET
H2

200

sp.br.js Show response
js.matheranalytics.com/static/2_2_18-c/
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930704/sp.js?cb=1491
https://js.matheranalytics.com/static/2_2_18-c/sp.br.js

78 KB
25 KB

30ms
7ms

Script
application/x-javascript

107.178.250.234
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/2_2_18-c/sp.br.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.250.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a58ba34bed301592d50d32ce51e71807daf498091882f26e383d0f735179c7a

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 15:21:09 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2017 13:59:57 GMT
server: nginx
age: 66062
etag: "19732a99d1d74db4753d52d10ec4330e"
vary: Accept-Encoding
x-cache: HIT Mon, 03 Dec 2018 16:23:29 GMT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=269200
alt-svc: clear
content-length: 25396
via: 1.1 google

Redirect headers

date: Sun, 30 Dec 2018 09:42:11 GMT
via: 1.1 google
server: nginx
location: https://js.matheranalytics.com/static/2_2_18-c/sp.br.js
vary: Accept-Encoding
status: 301
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 1-gc-euw1-10909

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: media.heraldonline.com
URL: https://media.heraldonline.com/mistats/finalizestats.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 1667
date: Sun, 30 Dec 2018 09:14:21 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Sun, 30 Dec 2018 11:14:21 GMT

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 12 KB
6 KB 1088ms
9ms Script
application/x-javascript 18.197.206.194
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: media.heraldonline.com
URL: https://media.heraldonline.com/mistats/finalizestats.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.206.194 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-197-206-194.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:09 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30-Dec-2018 09:42:09 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Sun, 06 Jan 2019 09:42:09 GMT

GET
H/1.1 200
OK mi_content_tracker.js Show response
media.heraldonline.com/mistats/ 4 KB
2 KB 145ms
144ms Script
text/javascript 104.109.59.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldonline.com/mistats/mi_content_tracker.js
Requested by: Host: media.heraldonline.com
URL: https://media.heraldonline.com/misites/rhh/heraldonline.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.109.59.81 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-59-81.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: media.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldonline.com/
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17896%7CMCMID%7C21150055866784635393236581072216117930%7CMCAAMLH-1546767728%7C6%7CMCAAMB-1546767728%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1546170128s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jun 2014 15:41:43 GMT
Server: Apache
ETag: "11ff-4fb04771acb56"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1432

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/&rp=&ts=compact&rnd=1546162928517
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/&rp=&ts=compact&rnd=1546162928517&ja=1

44 B
332 B

31ms
28ms

Image
image/gif

52.209.20.178
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/&rp=&ts=compact&rnd=1546162928517&ja=1
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.20.178 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-209-20-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:09 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:09 GMT
server: nginx
access-control-allow-origin: *
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldonline.com/&rp=&ts=compact&rnd=1546162928517&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 302
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 20 KB
5 KB 1295ms
195ms Script
text/javascript 54.154.94.173
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.heraldonline.com%2F
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.94.173 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-94-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 6f2e5492b49d354e7ae7627c9a1a302919490af3826217069b56c904ba5137b1

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:10 GMT
content-encoding: gzip
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 4415
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js Show response
assets.adobedtm.com/ 129 KB
43 KB 1070ms
16ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Requested by: Host: media.heraldonline.com
URL: https://media.heraldonline.com/mistats/micb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 519e21c72475614a00a867178a4eee5f1fa56ff3decbff6c187263a66fa7f32b

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Dec 2018 15:21:31 GMT
Server: Apache
ETag: "55faa2435604df5cf422a070a6d8ace5:1545060091"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Expires: Sun, 30 Dec 2018 10:42:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.heraldonline.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldonline.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_285.js Show response
securepubads.g.doubleclick.net/gpt/ 185 KB
63 KB 101ms
53ms Script
text/javascript 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 64605
x-xss-protection: 1; mode=block
expires: Sun, 30 Dec 2018 09:42:09 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 163 B
474 B 173ms
104ms XHR
application/json 2a04:4e42::714
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=heraldonline.com&domain=heraldonline.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: b9ac332257f2a4dc08689ccae29c3e1ed6111a3a43cb0f23f5abf22f88e93dde

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:09 GMT
content-encoding: gzip
x-cacheable: YES
x-backend: default
age: 0
x-cache: MISS, MISS
status: 200
x-cache-hits: 0
x-restarts: 0
content-length: 128
x-served-by: cache-fra19128-FRA
access-control-allow-origin: *
x-timer: S1546162929.982885,VS0,VE98
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Fri, 28 Dec 2018 09:42:09 GMT

POST
H2 204 pack Show response
rb.adnxs.com/ 0
271 B 381ms
18ms XHR
text/plain 37.252.167.211
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.211 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: 30.ratbait.prod.ams1.adnexus.net
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=utf8

Response headers

status: 204
date: Sun, 30 Dec 2018 09:42:11 GMT
access-control-allow-credentials: true
server: nginx/1.10.1
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 14ms
14ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1290538781&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldonline.com%2F&dh=heraldonline.com&ul=en-us&de=UTF-8&dt=Home%3A%20Homepage&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YFDAAAABC~&jid=1598986471&gjid=1855646714&cid=586799177.1546162929&tid=UA-48284889-1&_gid=1619175332.1546162929&_r=1&cd1=RHH&cd2=Herald%20Online&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd5=Unregistered&cd6=Homepage&cg1=Herald%20Online&cg2=Homepage&z=1271894751

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 18ms
14ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1290538781&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldonline.com%2F&dh=heraldonline.com&ul=en-us&de=UTF-8&dt=Home%3A%20Homepage&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YFDAAAABC~&jid=383074382&gjid=1144833144&cid=586799177.1546162929&tid=UA-48280268-1&_gid=1619175332.1546162929&_r=1&cd1=RHH&cd2=Herald%20Online&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd5=Unregistered&cd6=Homepage&cg1=Herald%20Online&cg2=Homepage&z=1727994460

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 pack Show response
rb.adnxs.com/ 0
271 B 111ms
17ms XHR
text/plain 37.252.167.211
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.211 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: 30.ratbait.prod.ams1.adnexus.net
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=utf8

Response headers

status: 204
date: Sun, 30 Dec 2018 09:42:11 GMT
access-control-allow-credentials: true
server: nginx/1.10.1
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 3466ms
110ms XHR
text/xml 52.94.237.36
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/elasticbeanstalk-us-east-1-397719490216/external_json/oPS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.94.237.36 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: adcf75e8e48ceba6645216cacbec916f7bd9d5c158595de41145a0b20b83c55b

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 30 Dec 2018 09:42:12 GMT
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: bd4b695a-ddda-5198-93d0-3df848eee3cd
Content-Length: 378
Content-Type: text/xml

GET 8b828af8-f9d2-4898-939d-572259935a89
https://www.heraldonline.com/ 0
0

OPTIONS
H/1.1 200
OK 5984460491001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998033001/videos/ 0
769 B 4055ms
99ms XHR
text/plain 54.192.93.144
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/5615998033001/videos/5984460491001

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.192.93.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-192-93-144.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: accept

Response headers

BCOV-instance: i-09b9d76f923d1fc10, 6e0a9f1, 2018-12-30 09:42:13.508Z
Via: 1.1 9f37c8b999ae2d6018396fda48773445.cloudfront.net (CloudFront)
BCOV-REQUEST-ID: 7068256c-e830-4331-a7b3-f61877809cd6
Date: Sun, 30 Dec 2018 09:42:13 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
access-control-allow-methods: HEAD,GET,OPTIONS
X-Originating-URL: https://edge-elb.api.brightcove.com/playback/v1/accounts/5615998033001/videos/5984460491001
access-control-allow-origin: *
access-control-max-age: 86400
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
Connection: keep-alive
access-control-allow-headers: accept
Content-Length: 0
X-Amz-Cf-Id: 9CaJ0LQPP2Zg8vhmkCldQ6yGsCP_J5tnierbfShJnclh-vHVlHwVLQ==

OPTIONS
H/1.1 200
OK 5984492474001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/ 0
769 B 4153ms
99ms XHR
text/plain 54.192.93.144
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984492474001

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.192.93.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-192-93-144.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: accept

Response headers

BCOV-instance: i-0aab5cb1478dedafa, 6e0a9f1, 2018-12-30 09:42:13.614Z
Via: 1.1 9f37c8b999ae2d6018396fda48773445.cloudfront.net (CloudFront)
BCOV-REQUEST-ID: dbec4206-8883-4711-a199-f84dc0a80306
Date: Sun, 30 Dec 2018 09:42:13 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
access-control-allow-methods: HEAD,GET,OPTIONS
X-Originating-URL: https://edge-elb.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984492474001
access-control-allow-origin: *
access-control-max-age: 86400
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
Connection: keep-alive
access-control-allow-headers: accept
Content-Length: 0
X-Amz-Cf-Id: JxTwT5xA56yK1z75pcEjw2iRy0UXGZX5xBw3_h9TvabfP5EjgPQ7-w==

OPTIONS
H/1.1 200
OK 5984495430001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/ 0
769 B 4250ms
97ms XHR
text/plain 54.192.93.144
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984495430001

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.192.93.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-192-93-144.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: accept

Response headers

BCOV-instance: i-05fdb5d84b6a3f39c, 6e0a9f1, 2018-12-30 09:42:13.705Z
Via: 1.1 9f37c8b999ae2d6018396fda48773445.cloudfront.net (CloudFront)
BCOV-REQUEST-ID: 76ff130d-ab10-4a01-bc8f-d2a9cbac7c60
Date: Sun, 30 Dec 2018 09:42:13 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
access-control-allow-methods: HEAD,GET,OPTIONS
X-Originating-URL: https://edge-elb.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984495430001
access-control-allow-origin: *
access-control-max-age: 86400
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
Connection: keep-alive
access-control-allow-headers: accept
Content-Length: 0
X-Amz-Cf-Id: pHSrjiuxG-nE4rmNvmE0pXpSa1IUwEx9gtI07wMfidQrNIwvLOrTqA==

OPTIONS
H/1.1 200
OK 5984478808001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/ 0
769 B 4350ms
101ms XHR
text/plain 54.192.93.144
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984478808001

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.192.93.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-192-93-144.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Access-Control-Request-Method: GET
Origin: https://www.heraldonline.com
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: accept

Response headers

BCOV-instance: i-06ceb380341a2fa93, 6e0a9f1, 2018-12-30 09:42:13.812Z
Via: 1.1 9f37c8b999ae2d6018396fda48773445.cloudfront.net (CloudFront)
BCOV-REQUEST-ID: 83d0c740-668e-401d-9990-cfddfec027ab
Date: Sun, 30 Dec 2018 09:42:13 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
access-control-allow-methods: HEAD,GET,OPTIONS
X-Originating-URL: https://edge-elb.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984478808001
access-control-allow-origin: *
access-control-max-age: 86400
Cache-Control: max-age=0, no-cache, no-store
X-Cache: Miss from cloudfront
Connection: keep-alive
access-control-allow-headers: accept
Content-Length: 0
X-Amz-Cf-Id: KdoUKQS63koxPIMGS6g6dHKsBdMbf_7uHxnjr2pgh6lmQ8dLYRoA-g==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/968074018/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968074018/?random=1546162929504&cv=9&fst=1546162929504&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.heraldonline.com%2F&tiba=Rock%20Hill%20SC%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20The%20Herald&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0d7a2fc91818a8014ef4d5319c96c0efcbb0374e30521554fdde609f27fabfcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 974
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 5a32c69b-50cb-42ee-bd3b-fda52aea8945
https://www.heraldonline.com/ 0
0

GET
H2 200 /
www.google.com/pagead/1p-user-list/968074018/ 42 B
146 B 22ms
22ms Image
image/gif 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/968074018/?random=1546162929504&cv=9&fst=1546160400000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.heraldonline.com%2F&tiba=Rock%20Hill%20SC%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20The%20Herald&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=619584513&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/968074018/ 42 B
135 B 23ms
22ms Image
image/gif 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/968074018/?random=1546162929504&cv=9&fst=1546160400000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.heraldonline.com%2F&tiba=Rock%20Hill%20SC%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20The%20Herald&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=619584513&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 170 KB
32 KB 623ms
622ms XHR
text/javascript 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3518421458843722&correlator=3444583998660324&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061864%2C21061763%2C21062453&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=7675%2CRHL.site_heraldonline%2C_HomePage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C960x30%7C970x90%7C728x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C970x90%7C970x250%7C728x90%2C300x250%2C300x250%2C1600x600%2C285x70&ists=256&prev_scp=id%3D7045%26vl%3D0%7Catf%3Dy%26vl%3D0%26optimera%3DD4%2CJ5%2CD3%2CJ0%2CE1%26id%3D7045%26pkg%3Da%7Catf%3Dy%26vl%3D0%26optimera%3DA6%2CB3%26id%3D7045%26pkg%3Db%7Catf%3Dn%26vl%3D0%26optimera%3DA6%2CB3%26id%3D7045%26pkg%3Dc%7Catf%3Dn%26vl%3D0%26optimera%3DD4%2CJ0%2CE1%26id%3D7045%26pkg%3Dnone%7Catf%3Dn%26vl%3D0%26optimera%3DA6%26id%3D7045%26pkg%3De%7Catf%3Dn%26vl%3D0%26optimera%3DA6%26id%3D7045%26pkg%3Df%7Catf%3Dy%26vl%3D0%26optimera%3D0%26id%3D7045%7Catf%3Dn%26vl%3D0%26optimera%3DJ0%26id%3D7045&eri=1&cust_params=lpid%3D%26pl%3Dhomepage%26swgt%3Dna%26sect%3Decefrontpage%26ref%3D&cookie_enabled=1&bc=15&abxe=1&lmt=1546162919&dt=1546162930133&dlt=1546162927046&idt=2849&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C313%2C262%2C1022%2C308%2C1022%2C1022%2C0%2C0&adys=0%2C170%2C1090%2C2699%2C4194%2C4814%2C6377%2C0%2C0&adks=781883906%2C325458224%2C4142552454%2C4142552472%2C3781669509%2C1831282235%2C2903094828%2C252044613%2C3436781732&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldonline.com%2F&dssz=61&icsg=17603594751183&mso=32&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x75%7C1140x30%7C379x300%7C379x300%7C1140x90%7C379x628%7C349x250%7C1600x650%7C300x-1&msz=0x0%7C1140x30%7C349x250%7C349x250%7C1140x90%7C349x250%7C349x250%7C0x0%7C0x-1&ga_vid=586799177.1546162929&ga_sid=1546162930&ga_hid=1290538781&fws=128%2C0%2C0%2C0%2C0%2C0%2C0%2C128%2C128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

080ffb8251e493ef18b7af8e819640d9628b65779e0e514ab0ff3cf98edbabb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 32346
x-xss-protection: 1; mode=block
google-lineitem-id: -2,-1,-1,-1,-1,4887514991,4882308209,-2,4876847251
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,138254197933,138253312124,-2,138252759793
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.heraldonline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_285.js Show response
securepubads.g.doubleclick.net/gpt/ 57 KB
22 KB 50ms
45ms Script
text/javascript 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21933
x-xss-protection: 1; mode=block
expires: Sun, 30 Dec 2018 09:42:10 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ 1 KB
992 B 270ms
207ms Script
application/x-javascript 2600:9000:200c:d200:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:d200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:14:51 GMT
content-encoding: gzip
last-modified: Mon, 26 Mar 2018 17:43:26 GMT
server: AmazonS3
age: 1640
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: cCXz7ZrfAsXakTMlNDF_r2g-dv86XBFkdCG_Rx7090mntAQL3xBbvA==
via: 1.1 a907498188cf5fbb13fb98b2dcde84cd.cloudfront.net (CloudFront)

POST
H2 204 pack Show response
rb.adnxs.com/ 0
271 B 42ms
17ms XHR
text/plain 37.252.167.211
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.211 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: 30.ratbait.prod.ams1.adnexus.net
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=utf8

Response headers

status: 204
date: Sun, 30 Dec 2018 09:42:12 GMT
access-control-allow-credentials: true
server: nginx/1.10.1
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS

GET
H2 200 json Show response
mcclatchy.tt.omtrdc.net/m2/mcclatchy/mbox/ 4 KB
2 KB 112ms
19ms XHR
application/json 66.117.29.3
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy.tt.omtrdc.net/m2/mcclatchy/mbox/json?mbox=target-global-mbox&mboxSession=0883afd6edb84f9d995bdda03a177dfc&mboxPC=&mboxPage=53212cec7fcf4ea6a950a00599f7042b&mboxRid=d20076037309462aa07292ddc2108d27&mboxVersion=1.3.0&mboxCount=1&mboxTime=1546162930463&mboxHost=www.heraldonline.com&mboxURL=https%3A%2F%2Fwww.heraldonline.com%2F&mboxReferrer=&browserHeight=1200&browserWidth=1585&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&pageName=Home%3A%20Homepage&pageType=homepage&profile.subscriptionStatus=na&mboxMCSDID=3180B412D99E8C03-47CA3E7EB9BAFA4B&vst.trk=mcclatchy.sc.omtrdc.net&vst.trks=mcclatchy.sc.omtrdc.net&mboxMCGVID=21150055866784635393236581072216117930&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.117.29.3 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: /
Resource Hash: adf74c592440345f08ebe01fd6b7699337f1b6ea2c655b70e1b7e8152ec71e6b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:10 GMT
content-encoding: gzip
status: 200
vary: Origin,Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldonline.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: d20076037309462aa07292ddc2108d27

GET
H/1.1 200
OK RC98ea2cd265414c6090e5060ef9d016cc-source.min.js Show response
assets.adobedtm.com/BL3eb523387cf64605a859aaf8b815a5c6/ 395 B
702 B 12ms
7ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/BL3eb523387cf64605a859aaf8b815a5c6/RC98ea2cd265414c6090e5060ef9d016cc-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a1cf45023fd10337a8b389f70bb7fa9c81471380ba4f9c412d8b05ee4b622202

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Dec 2018 15:21:31 GMT
Server: Apache
ETag: "20ae495ead25109c3d05e04cba228279:1545060091"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 260
Expires: Sun, 30 Dec 2018 10:42:10 GMT

GET
H/1.1 200
OK messageBanner.8a9d195c006387b0d788.js Show response
static.mcclatchyinteractive.com/yozons/ 13 KB
4 KB 114ms
8ms Script
text/javascript 2a02:26f0:64:49e::31c6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mcclatchyinteractive.com/yozons/messageBanner.8a9d195c006387b0d788.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:64:49e::31c6 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: e1f5dec9d0db65e5bd1a277183c2ba90f3a920f2c91b47108dd8723ea3b8bd81

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Aug 2018 17:01:56 GMT
Server: Apache
ETag: "3298-573e0dde23ecf"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4036

GET
H/1.1 200
OK pixel;r=978250493;labels=RHH;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.heraldonline.com%2F;fpan=1;fpa=P0-410443763-1546162930548;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1...
pixel.quantserve.com/ 35 B
479 B 141ms
8ms Image
image/gif 3.120.87.207
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=978250493;labels=RHH;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.heraldonline.com%2F;fpan=1;fpa=P0-410443763-1546162930548;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1546162930547;tzo=0;ogl=
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.87.207 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-120-87-207.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Dec 2018 09:42:10 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK s36707187815417 Show response
mcclatchy.sc.omtrdc.net/b/ss/nmrockhill,mccltAllMcClatchy/10/JS-2.8.1/ 2 KB
3 KB 52ms
50ms Script
application/x-javascript 172.82.228.19
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/b/ss/nmrockhill,mccltAllMcClatchy/10/JS-2.8.1/s36707187815417?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=30%2F11%2F2018%209%3A42%3A10%200%200&d.&nsid=0&jsonv=1&.d&sdid=3180B412D99E8C03-47CA3E7EB9BAFA4B&mid=21150055866784635393236581072216117930&aamlh=6&ce=UTF-8&pageName=D%3Dv4&g=https%3A%2F%2Fwww.heraldonline.com%2F&cc=USD&ch=D%3Dv23&server=D%3Dv24&events=event7&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv54&v1=Unregistered&h1=RHH%7CHerald%20Online%7C_HomePage%7C%7C%7C%7C%7CHomepage&c2=dev%3Aother&c3=D%3Dv7&v4=Home%3A%20Homepage&c5=meter%3Astorage_unsupported&c6=D%3Dh1&v7=Home&c10=%2F&v10=Nativo%2CPromo%20Banner%20CTA%2CNewsletter%20CTA&c11=ecidfailed%3Ano%7Cecidtimeout%3Ano%7Cmicb%3Ayes%7Crefresh%3Ano%7ChasFocus%3Ayes&c12=pageview%3Anormal&v12=no%20referrer&c13=Unregistered&c14=D%3Dv16&c15=dev%3Aother&v15=New&c17=D%3Dv8&c18=D%3Dv15&c20=D%3Dv51&c21=_HomePage&v23=Homepage&v24=heraldonline.com&c26=D%3Dv26&v26=RHH&c27=D%3Dv27&v27=Herald%20Online&c33=4%3A30AM&c34=Sunday&c35=D%3Dv13&c36=D%3Dv10&c39=D%3Dv14&c41=D%3Dv74&c43=D%3Dv55&c44=Entry%20Page&v45=loggedin%3Ano&c47=escenic%3Adesktop&c49=D%3Dv12&v54=https%3A%2F%2Fwww.heraldonline.com%2F&v55=Entry%20Page&c56=D%3Dv45&v71=1&v74=Product%3A%20Escenic&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&AQE=1

Requested by

Host: media.heraldonline.com
URL: https://media.heraldonline.com/mistats/products/escenic_s_code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.82.228.19 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

*.sc.omtrdc.net

Software

Omniture DC/2.0.0 /

Resource Hash

e9b27c8caac94bf0eef97036e7ca999f431201017430ccebd1fbb4fcdc952206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-AAM-TID: r1rXtknrRrw=
Date: Sun, 30 Dec 2018 09:42:10 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.5.1
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 2482
X-XSS-Protection: 1; mode=block
DCS: dcs-prod-irl1-v013-0f098cdb1.edge-irl1.demdex.com 5.45.0.20181217095029 9ms
Pragma: no-cache
Last-Modified: Mon, 31 Dec 2018 09:42:10 GMT
Server: Omniture DC/2.0.0
xserver: www171
ETag: "3320359609405865984-5515644097450228725"
Vary: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Expires: Sat, 29 Dec 2018 09:42:10 GMT

GET
H/1.1 200
OK bannerMessages.js Show response
static.mcclatchyinteractive.com/yozons/ 1 KB
975 B 8ms
7ms Script
text/javascript 2a02:26f0:64:49e::31c6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mcclatchyinteractive.com/yozons/bannerMessages.js?1546128000000
Requested by: Host: static.mcclatchyinteractive.com
URL: https://static.mcclatchyinteractive.com/yozons/messageBanner.8a9d195c006387b0d788.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:64:49e::31c6 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 693edca623523a34c296459aa6f3603e49fedc979120d5bf705fef4ecacc24e0

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Aug 2018 15:53:07 GMT
Server: Apache
ETag: "56d-573029f85e724"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 685

GET
H/1.1 200
OK publishertag.prebid.js Show response
static.criteo.net/js/ld/ 37 KB
13 KB 1161ms
47ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a06144cae26abb5c77702ad99e5fe0399acbf9851840c257c004ca0c4e33ffa6

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Sep 2007 08:50:25 GMT
Server: nginx
ETag: W/"5c1224f0-957d"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Mon, 31 Dec 2018 09:42:11 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011812051624460/ 19 KB
8 KB 63ms
7ms Script
text/javascript 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f5a1ce1e8d7115ab62a8270aa6c91276761d22291ac6d3a90b282c9888d87b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 791558
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7754
x-xss-protection: 1; mode=block
server: sffe
date: Fri, 21 Dec 2018 05:49:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858d6f79c108609a"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2019 05:49:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 9AD3 0
0 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-31/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldonline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1737
date: Fri, 07 Dec 2018 13:54:49 GMT
expires: Sat, 07 Dec 2019 13:54:49 GMT
last-modified: Thu, 01 Nov 2018 14:23:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 1972041
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 71 KB
26 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 08:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26696
x-xss-protection: 1; mode=block
server: cafe
etag: 10366987592970477111
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Dec 2018 09:42:56 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame E5D2 0
0 34ms
6ms Document
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-31/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldonline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1737
date: Fri, 07 Dec 2018 13:54:49 GMT
expires: Sat, 07 Dec 2019 13:54:49 GMT
last-modified: Thu, 01 Nov 2018 14:23:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 1972042
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011812051624460/ Frame 01C3 268 KB
85 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b9a309f5de96b3cef007a44cd3ebaeaaea10c4a50ee22de42784ad0dac67ed14

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 874097
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 86897
x-xss-protection: 1; mode=block
server: sffe
date: Thu, 20 Dec 2018 06:53:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "492d4f08a6978e21"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2019 06:53:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 01C3 129 KB
40 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5667ccb0d2c277279846ba00a5bf6ddf6f16f7f160e79530edf38836a40d72c1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 873679
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 41338
x-xss-protection: 1; mode=block
server: sffe
date: Thu, 20 Dec 2018 07:00:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "87cac6d139ce71e0"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2019 07:00:52 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 01C3 3 KB
2 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe5c1ece3f5f5d3712659358ae1014a1927327a3698bbd6756bda91d84dd3e11

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 1023771
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1602
x-xss-protection: 1; mode=block
server: sffe
date: Tue, 18 Dec 2018 13:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08ba1591bee48831"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2019 13:19:20 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011812051624460/v0/ Frame 01C3 35 KB
12 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9aee492f3a2d4d2bd0140588c738370e5805a3d23b94e1205cd9860c3b1d388b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 791927
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 12653
x-xss-protection: 1; mode=block
server: sffe
date: Fri, 21 Dec 2018 05:43:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c6931f03758769d2"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2019 05:43:24 GMT

GET
DATA 200
OK truncated
/ Frame 01C3 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 071817ea9b0e63a5d43180a816a2d6bd3fee9692b7b3059e334e4a4603d2d0c1

Request headers

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011812051624460/ Frame CC02 268 KB
85 KB 50ms
0ms Script
text/javascript 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b9a309f5de96b3cef007a44cd3ebaeaaea10c4a50ee22de42784ad0dac67ed14

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 874097
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 86897
x-xss-protection: 1; mode=block
server: sffe
date: Thu, 20 Dec 2018 06:53:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "492d4f08a6978e21"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2019 06:53:54 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011812051624460/v0/ Frame CC02 129 KB
40 KB 56ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5667ccb0d2c277279846ba00a5bf6ddf6f16f7f160e79530edf38836a40d72c1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 873679
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 41338
x-xss-protection: 1; mode=block
server: sffe
date: Thu, 20 Dec 2018 07:00:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "87cac6d139ce71e0"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2019 07:00:52 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011812051624460/v0/ Frame CC02 3 KB
2 KB 53ms
4ms Script
text/javascript 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe5c1ece3f5f5d3712659358ae1014a1927327a3698bbd6756bda91d84dd3e11

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 1023771
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1602
x-xss-protection: 1; mode=block
server: sffe
date: Tue, 18 Dec 2018 13:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08ba1591bee48831"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2019 13:19:20 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011812051624460/v0/ Frame CC02 35 KB
12 KB 50ms
1ms Script
text/javascript 2a00:1450:4001:816::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011812051624460/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9aee492f3a2d4d2bd0140588c738370e5805a3d23b94e1205cd9860c3b1d388b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 791927
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 12653
x-xss-protection: 1; mode=block
server: sffe
date: Fri, 21 Dec 2018 05:43:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c6931f03758769d2"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2019 05:43:24 GMT

GET
DATA 200
OK truncated
/ Frame CC02 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b15fb7fe56319cfa6731732e1f98392355ddcbaba1de6cd485b6e4a891220975

Request headers

Response headers

Content-Type: image/png

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20181205/r20110914/ Frame 9E98 32 KB
12 KB 35ms
0ms Script
text/javascript 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20181205/r20110914/abg_lite.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8992a5f44d63a4134a96b8c3cf8ca710e061be0201ab6e255aabac6b8225929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 04:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 968108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 12246
x-xss-protection: 1; mode=block
server: cafe
etag: 16589058008777368676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Jan 2019 04:47:03 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20181205/r20110914/client/ext/ Frame 9E98 3 KB
1 KB 39ms
0ms Script
text/javascript 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20181205/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2518069e8bb56d7d922d27e89e19b714fefbf4410c83964aa09d571f6aeb4a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 21 Dec 2018 06:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 789281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1255
x-xss-protection: 1; mode=block
server: cafe
etag: 5672849149211090809
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jan 2019 06:27:30 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E98 73 KB
27 KB 78ms
35ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sun, 30 Dec 2018 09:42:11 GMT

GET
H2 200 12723898133782163635
tpc.googlesyndication.com/simgad/ Frame 9E98 19 KB
19 KB 39ms
0ms Image
image/jpeg 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12723898133782163635

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8557964080aadd399ce94fd6e8d774b1a16a83d0ad47e0decb21e0e1019be26c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 12:15:02 GMT
x-content-type-options: nosniff
age: 941229
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 19675
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Dec 2018 06:09:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2019 12:15:02 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20181205/r20110914/ Frame 2CC7 32 KB
12 KB 102ms
0ms Script
text/javascript 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20181205/r20110914/abg_lite.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8992a5f44d63a4134a96b8c3cf8ca710e061be0201ab6e255aabac6b8225929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 04:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 968108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 12246
x-xss-protection: 1; mode=block
server: cafe
etag: 16589058008777368676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Jan 2019 04:47:03 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20181205/r20110914/client/ext/ Frame 2CC7 3 KB
1 KB 147ms
0ms Script
text/javascript 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20181205/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2518069e8bb56d7d922d27e89e19b714fefbf4410c83964aa09d571f6aeb4a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 21 Dec 2018 06:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 789281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1255
x-xss-protection: 1; mode=block
server: cafe
etag: 5672849149211090809
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jan 2019 06:27:30 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CC7 73 KB
27 KB 146ms
0ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sun, 30 Dec 2018 09:42:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2CC7 0
54 B 162ms
0ms Image
text/html 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRncx_cJN-zdaptI4aXsR5JCbMiOeSKkgOod88oqoV6uUh4LmBQ_OgLccEB2MIGVACaTzpK
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:820::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 775265698358317076
tpc.googlesyndication.com/simgad/ Frame 2CC7 94 KB
94 KB 153ms
0ms Image
image/jpeg 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/775265698358317076

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a3a18f680ba9c854dfd17f1948325a5f35b409314e258f41cabf538e6eb0a141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 24 Dec 2018 11:05:27 GMT
x-content-type-options: nosniff
age: 513404
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 95973
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Dec 2018 08:31:25 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2019 11:05:27 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame D823 73 KB
27 KB 157ms
0ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 12:16:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27407
x-xss-protection: 1; mode=block
expires: Sun, 30 Dec 2018 09:42:11 GMT

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame D823 42 KB
42 KB 62ms
26ms Image
image/jpeg 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb-Y-5ogEQARgBMghwp6qNolReSA

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c4cffde1820fa6e882260909315e6b7ef9c8289b3337ca148fa8f5419f9206ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 Dec 2018 05:05:06 GMT
x-content-type-options: nosniff
server: cafe
age: 362225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/jpeg
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 43175
x-xss-protection: 1; mode=block
expires: Wed, 02 Jan 2019 05:05:06 GMT

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame D823 24 KB
24 KB 103ms
99ms Image
image/jpeg 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDb-ffvlQEQARgBMgiPaOCLcHe35A

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

47630344535e8261afc0e5e31fc9d2a8a1baeccc0e3b6949fd148b4dc30be90c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 29 Dec 2018 10:22:18 GMT
x-content-type-options: nosniff
server: cafe
age: 83993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/jpeg
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 24931
x-xss-protection: 1; mode=block
expires: Sat, 05 Jan 2019 10:22:18 GMT

GET
H2 200 3069860630165062103
tpc.googlesyndication.com/daca_images/simgad/ Frame 01C3 87 KB
87 KB 49ms
47ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3069860630165062103

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb289f2a9e4d78780397cd385e6b253c05879a7924f223adccf694fa294cacdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 04:35:16 GMT
x-content-type-options: nosniff
age: 968815
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 89102
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Sep 2018 18:39:50 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2019 04:35:16 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 01C3 2 KB
3 KB 26ms
25ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 08:07:35 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 5676
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2502
x-xss-protection: 1; mode=block
expires: Mon, 31 Dec 2018 08:07:35 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 01C3 295 B
405 B 131ms
0ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 06:47:58 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 10453
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 295
x-xss-protection: 1; mode=block
expires: Mon, 31 Dec 2018 06:47:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 01C3 0
54 B 34ms
33ms Image
text/html 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSywXFY2jNc7M79RrWjLwGLt7a1S7Qbrj6Gfoojw5IHma1Ov6UP-q-oNe6YUPB0VHL2whTd
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:820::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 01C3 0
46 B 145ms
0ms Image
text/html 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGHIs8pIoXIGfFJbC7gPi07eQAZ60kt9UscHegsgHv-EeEAEgmOLIG2CV-vCBjAegAdmIkfgCyAECqQILlPdm_jKzPuACAKgDAcgDCKoEzAFP0D_pNTaLWos4vraTc4oLAFp85bJLAnWTtn4u9WRe1yXE-0PrU1Xs_0VBaavbgVSPO7SLW2uWievW_d_p2A-GvzyOgUiBmQZrTeZipm6fPcM4eGIRRv3oGZC-1pFleuqAEo5cnafcYHbKhIemAedtnmoRvES1uK1wYZu_Rbij0yfBHLefPimWBcJDyhXiiM2U0H3qAp_UzkNOjvddasPi5djBEiR1ppX9MlS6EFurKJU_Q88jCyPDxkUs99f4QafcE1VacUpIEXEzbqnABLr3gMziAeAEAZIFBAgEGAGSBQQIBRgEoAYCgAeP9-6HAagHjs4bqAfVyRuoB6gGqAe50huoB7oGqAfZyxuoB8_MG6gHpr4b2AcB8gcEEOTAB9IICQiA4YBwEAEYAYAKA9gTCg&sigh=bVv9egR2LSc&tpd=AGWhJmt6ZM8mb0I7G98HXtitAU86q4eDFQ77guiIqKeTj_Wnhw
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s16-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 11595097971271976803
tpc.googlesyndication.com/daca_images/simgad/ Frame CC02 111 KB
111 KB 157ms
0ms Image
image/jpeg 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11595097971271976803

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

12858ed395213193961408e1f661d00023554e125862c1e61cca70a9b7fb44d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 09:54:56 GMT
x-content-type-options: nosniff
age: 1036035
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 113470
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Sep 2018 18:38:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2019 09:54:56 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CC02 2 KB
3 KB 135ms
4ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 08:07:35 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 5676
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2502
x-xss-protection: 1; mode=block
expires: Mon, 31 Dec 2018 08:07:35 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame CC02 295 B
362 B 53ms
5ms Image
image/png 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 06:47:58 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 10453
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 295
x-xss-protection: 1; mode=block
expires: Mon, 31 Dec 2018 06:47:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CC02 0
54 B 41ms
19ms Image
text/html 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSPNzzjEtm3s1LGAsS85vq3r9KILgNf_yF7LXqa6nEC2vo5O9pn_oiYnhW-UPwBeu63k5V
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:820::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CC02 0
74 B 138ms
0ms Image
text/html 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cz9v28pIoXMaoFIyg3wP8uYrQDZ60kt9U-cLegsgHv-EeEAEgmOLIG2CV-vCBjAegAdmIkfgCyAECqQILlPdm_jKzPuACAKgDAcgDCKoEzAFP0HAXuXjEWCbCrAYso7t0W-jNSudhz1LyrSxveQz5zHGpPPJk-sg3GXPtlMYsW2ujtLhxCS1tuJ-VmB2yu2cHb-RySw3-r-BlS9IS5cnAbUGQ6t0d5PVm0p53SIUJA7OP-0AliyzcwGJIOFcWtt9sOvYr5mzjV701LXSEKhRO18QCRFWlxTsRAaMny6o8_BCoiwu5adwv8ixgh5unxTbk2lVvVDhdksBmSXd0m5flm2P1pt_44g3XqmSOLDSsrCV9W0TfJFcuP1NdzKLABLr3gMziAeAEAZIFBAgEGAGSBQQIBRgEoAYCgAeP9-6HAagHjs4bqAfVyRuoB6gGqAe50huoB7oGqAfZyxuoB8_MG6gHpr4b2AcB8gcEEJGmCNIICQiA4YBwEAEYAYAKA9gTCg&sigh=UsRjIBPMGxQ&tpd=AGWhJmsmy0QjbJfifQXsLH59WCy2Jxd6v752b7SVsaw_o9LMTA
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s16-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9E98 0
56 B 142ms
0ms Image
image/gif 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoxqZ5RPSfN4wefS1BYFBp_kCKo2qhPkyPfrsHEs0Y2r1fIR5sdUM_iSV8rzN-bEpQo4ubBZdQn7trbGUJr0DZHTrlcY9we4NfmGYAQc1br7lD_XC5J6Pgn1x4Yb01IgTec9Jw3exVor6QtyWCnhOcXp5gL51hiXe8jxjsZjw_tRlrlaRy2bsQQSQiHYKq2vvmQFIsjQ5uqbUoR5he9xvoZBOV8j1h9zVX54g-nTGXAYd1e8ty-ZaUBfbO8FAQ3Mtegyirpk42UVGvJq-Bb9jXuCUMZPEG&sai=AMfl-YRIu9KJTUq1ggk0ujcSIiRrXU53vO6zuc2rKAegIptAjv7dLf59LmEk1VcikIevojPBtdxlN5yVm1rKJQRgIwTHTXSaFr3bN5MYxeeZUzjCxpDCgDlUMDYqlfE&sig=Cg0ArKJSzEp5WwcRVkHDEAE&adurl=

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2CC7 0
63 B 137ms
0ms Image
image/gif 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0GDX7_ItkoWOqGJ-Wefa2Gdml7nnOTe9bJgZ858au3BnhGZ-Qv6FElnHm3wZUNs1ooJr5jgaqfe2TT_S8F3KKGRXFjedV8gGBxJhZHu-o8GdLmNK0D50vvpjnnH8ff215OnSotS5nW3X94GjDYVgnGGm7-I7pgje3Rw2g5QofZbcdxiUiGi2xQ9PzVQNFbJBIXBjwaGvkXGcE9g2AgEk-NOGS5JnTq8HQOQjOcXtZengGnMAXw_g5VH4k0BqIc-ewNa_BypP4Iz7ZwMpbg7bAy_C_o-As&sai=AMfl-YRAvpkQTqDsUgUcpdVHAbxf6aoJZ8Cd7JTra-B2cLwkaBg7JMhz2pUdU7vTU3snYxN4D_3HlsPVuJumSrnX5T1utUjOn5PAapJWGJ6gW8nsF-MHhGjLzswYhm0&sig=Cg0ArKJSzFuLSlDZ2b7HEAE&adurl=

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame D823 0
47 B 140ms
0ms Image
image/gif 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQXOIZoLP8dzH6Ls0NPq0LWsxBeduEuxPR1SI2o2a0sBcMxOfQcsDTJx4mhQ7kpW2o-Ylo5tSY1EMRTnsokcgwa-rZ7Uxwn9DKukZSDvifwmr8Mu89CuNdj9kjhT_0Fd_GqY9_rtdvgxbZg0riJu8bn9tkyyxZ5WaGdDA6vxjvM0hdu9xJWSAsStgT8f2T7G0z_GCx_2i8x8Ns6VJnv9yY5FxeRzx0484Od8WwIvoPUy7XThWhhn8_QzGMQtAjQ6_QXVQNwVtHrrM9rcPCrCp8HekBqsFOZcIq&sai=AMfl-YRFuTnGaKljXQGMYr0YTHFTRrV4VyOkrXEI0Kjg0kfeTYL_-qUYxsQPPHpXLlMjMdqvDgEDCbMEEhkzK1vG7aO7uar9wemY0-aaHrNCTiHyUeyM2BO8DdV3IrE&sig=Cg0ArKJSzDLwnAFCeCD7EAE&urlfix=1&adurl=

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 204 pack Show response
rb.adnxs.com/ 0
271 B 192ms
35ms XHR
text/plain 37.252.167.211
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.252.167.211 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: 30.ratbait.prod.ams1.adnexus.net
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=utf8

Response headers

status: 204
date: Sun, 30 Dec 2018 09:42:13 GMT
access-control-allow-credentials: true
server: nginx/1.10.1
access-control-allow-origin: https://www.heraldonline.com
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: POST, OPTIONS

GET
H2

200

sp.br.js Show response
js.matheranalytics.com/static/2_2_18-c/ Frame 2CC7
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930704/sp.js?cb=1491
https://js.matheranalytics.com/static/2_2_18-c/sp.br.js

78 KB
25 KB

35ms
14ms

Script
application/x-javascript

107.178.250.234
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/2_2_18-c/sp.br.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.250.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a58ba34bed301592d50d32ce51e71807daf498091882f26e383d0f735179c7a

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Dec 2018 15:21:09 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2017 13:59:57 GMT
server: nginx
age: 66062
etag: "19732a99d1d74db4753d52d10ec4330e"
vary: Accept-Encoding
x-cache: HIT Mon, 03 Dec 2018 16:23:29 GMT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=269200
alt-svc: clear
content-length: 25396
via: 1.1 google

Redirect headers

date: Sun, 30 Dec 2018 09:42:11 GMT
via: 1.1 google
server: nginx
location: https://js.matheranalytics.com/static/2_2_18-c/sp.br.js
vary: Accept-Encoding
status: 301
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 7-gc-euw1-10907

GET
DATA 200
OK truncated
/ Frame 2CC7 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 455e4447425f22d41120139d98b4e5ce3046290eff3f3dfbe9674409b6d50b36

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D823 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a699042df3738982a25b88547375f8d3ef73d312bac478889043d2fd32224a86

Request headers

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9E98 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e880cf6325fed75982a13fdc05b22a1bcd5ac51762cd8c31e237df2b11e0fbb

Request headers

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 01C3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
160 B

23ms
23ms

Image
text/html

2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

date: Sun, 30 Dec 2018 09:42:12 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 246
x-xss-protection: 1; mode=block

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame CC02
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
137 B

15ms
14ms

Image
text/html

2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

date: Sun, 30 Dec 2018 09:42:12 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 246
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 500ms
106ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fwww.heraldonline.com%2F&page=Rock%20Hill%20SC%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20The%20Herald&sec=Homepage&prem=0&ptype=Home&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=248cd66f-80bb-46bd-bd47-6734ba239a66&pid=6ad8ba11-d8db-4d2a-8af2-127aee662393&dtm=1546162932399&qnm=_matherq&vp=1600x1200&ds=1585x7724&tofa=1546162932&vid=1&duid=4f1dcac6fff49cf6&fp=3998842399&cid=ma12095&mrk=74930704&cx=eyJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJfSG9tZVBhZ2V8fHx8Il1dfSwicGVyZiI6eyJzdGFydCI6IjE1NDYxNjI5MjU4NjAiLCJyZWRpckNudCI6IjAiLCJuYXZUeXBlIjoibGluayIsImhlYXBVIjoiMzEuNjc5MzY4bWIiLCJoZWFwVCI6IjQ1LjA3NzE3Nm1iIiwiZmV0Y2hTIjoiMTA4OSIsImRvbWFpblMiOiIxMDkwIiwiZG9tYWluRSI6IjExMjIiLCJjb25uUyI6IjExMjIiLCJjb25uRSI6IjExNjkiLCJzc2xTIjoiMTEzMCIsInJlcXVTIjoiMTE3MCIsInJlc3BTIjoiMTE4MCIsInJlc3BFIjoiMTE5OCIsImRvbUxvYWQiOiIxMTg2IiwiZG9tSW50ZXIiOiIzODk0IiwiZG9tTG9hZFMiOiIzODk0IiwiZG9tTG9hZEUiOiIzOTA5In0sImtleXdvcmRzIjpbIk5ld3MiLCJSb2NrIEhpbGwiLCJUaGUgSGVyYWxkIiwiU0MiLCJTb3V0aCBDYXJvbGluYSIsIllvcmsiLCJGb3J0IE1pbGwiLCJDbG92ZXIiLCJMYWtlIFd5bGUiLCJDaGVzdGVyIiwiTGFuY2FzdGVyIiwiaGVhZGxpbmUiLCJzdG9yaWVzIiwiYXJ0aWNsZXMiLCJvcGluaW9uIiwibmV3c3BhcGVyIl19
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:12 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D823 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWCpRLjQlN_YFXcWR-vIrDOzwKP0Uo68JYzn2XHeOq9ZVUhcL-S2F7VpUxgl1kh3LdgB0vg7qAfMg5ML7mUxcaBzB9mH1SKdwKmhY&sig=Cg0ArKJSzGHzrejO997QEAE&adk=3436781732&tt=-1&bs=1585%2C1200&mtos=0,1065,1065,1065,1065&tos=0,1065,0,0,0&p=1091,313,1201,1273&mcvt=1065&rs=3&ht=0&tfs=285&tls=1350&mc=0.99&lte=0.99&bas=0&bac=0&avms=geo&rst=1546162931133&rpt=622&isd=0&msd=0&lm=2&oseid=3&ps=1585%2C7724&ss=1600%2C1200&pt=-1&deb=1-7-7-19-11-82-45-3&tvt=1285&r=v&id=osdim&uc=6&upc=5&tgt=DIV&cl=1&cec=12&clc=0&cac=0&cd=960x0&v=20181207

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 r Show response
amp-error-reporting.appspot.com/ Frame CC02 2 B
155 B 165ms
117ms XHR
text/plain 2a00:1450:4001:824::2014
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://amp-error-reporting.appspot.com/r
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:824::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 30 Dec 2018 09:42:13 GMT
via: 1.1 google
x-powered-by: Express
status: 200
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 105ms
105ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDg4MjMwODIwOSIsImVidXkiOiIyNDQyMDYyMTE2IiwiZWFkdiI6IjQ2NjA3ODc2ODMiLCJlY2lkIjoiMTM4MjUzMzEyMTI0IiwiZWVudiI6ImoiLCJlcGlkIjoiMTQ5NDMwNTQiLCJlc2lkIjoiMTQ5NDI5MzQifQ&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=e9f5fa03-b773-4b0a-8a14-1d3862df3b66&pid=6ad8ba11-d8db-4d2a-8af2-127aee662393&dtm=1546162932424&qnm=_matherq&vp=1600x1200&ds=1585x7724&tofa=1546162932&vid=1&duid=4f1dcac6fff49cf6&fp=3998842399&cid=ma12095&mrk=74930704&url=https%3A%2F%2Fwww.heraldonline.com%2F
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:13 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 105ms
104ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDg3Njg0NzI1MSIsImVidXkiOiIyNDM5NzY4Njc1IiwiZWFkdiI6IjI0ODMzODE0IiwiZWNpZCI6IjEzODI1Mjc1OTc5MyIsImVlbnYiOiJqIiwiZXBpZCI6IjE0OTQzMDU0IiwiZXNpZCI6IjE0OTQyOTM0In0&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=34ca9fee-ab0e-473d-aa62-235986455d24&pid=6ad8ba11-d8db-4d2a-8af2-127aee662393&dtm=1546162932426&qnm=_matherq&vp=1600x1200&ds=1585x7724&tofa=1546162932&vid=1&duid=4f1dcac6fff49cf6&fp=3998842399&cid=ma12095&mrk=74930704&url=https%3A%2F%2Fwww.heraldonline.com%2F
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:13 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

POST
H2 200 r Show response
amp-error-reporting.appspot.com/ Frame 01C3 2 B
64 B 116ms
115ms XHR
text/plain 2a00:1450:4001:824::2014
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://amp-error-reporting.appspot.com/r
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:824::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 30 Dec 2018 09:42:13 GMT
via: 1.1 google
x-powered-by: Express
status: 200
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 2

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 106ms
105ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDg4NzUxNDk5MSIsImVidXkiOiIyNDQ1MjkwMTAxIiwiZWFkdiI6IjQ2MjE2Mjk1MDciLCJlY2lkIjoiMTM4MjU0MTk3OTMzIiwiZWVudiI6ImoiLCJlcGlkIjoiMTQ5NDMwNTQiLCJlc2lkIjoiMTQ5NDI5MzQifQ&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=8fe1cc31-d8c7-4c95-a8fe-d80d076bad2b&pid=6ad8ba11-d8db-4d2a-8af2-127aee662393&dtm=1546162932428&qnm=_matherq&vp=1600x1200&ds=1585x7724&tofa=1546162932&vid=1&duid=4f1dcac6fff49cf6&fp=3998842399&cid=ma12095&mrk=74930704&url=https%3A%2F%2Fwww.heraldonline.com%2F
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:13 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK 5984460491001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998033001/videos/ 6 KB
6 KB 401ms
115ms XHR
application/json 54.192.93.144
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/5615998033001/videos/5984460491001

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.192.93.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-192-93-144.fra2.r.cloudfront.net

Software

Resource Hash

08bc35041145b3556253b8f7fa926eb3d08469adb571989bc61c9fc3a4553da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Accept: application/json;pk=BCpkADawqM1_OVHv23HKJSrzYCXs_MPsJqBEnnc6hBl1S71c9c9C-fgiRy2iG_tXiwoOzJ12WA3d1RznR8F_w4wEsQrs6emKxlv1lC5HQGobccKcGMP-drD8RNm4JJYnHYP_zKk_tCohO0mE
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

BCOV-instance: i-071428eb9e048daf2, 6e0a9f1, 2018-12-30 09:42:13.914Z
Via: 1.1 9f37c8b999ae2d6018396fda48773445.cloudfront.net (CloudFront)
BCOV-REQUEST-ID: cba2af88-daee-4d85-9081-23095faf35d1
Date: Sun, 30 Dec 2018 09:42:13 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Originating-URL: https://edge-elb.api.brightcove.com/playback/v1/accounts/5615998033001/videos/5984460491001
access-control-expose-headers: x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control: max-age=618
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: cI1YMWz9z-FGGs5bmSvNaZRFCcl8JrqA1rGAxmLaRPzTYyJO1xjFdQ==

GET
H/1.1 200
OK 5984492474001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/ 6 KB
6 KB 512ms
114ms XHR
application/json 54.192.93.144
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984492474001

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.192.93.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-192-93-144.fra2.r.cloudfront.net

Software

Resource Hash

a51bb932fb26a179057e6ab9ca37ced9162592ba4003b1f455180bcef4da9b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Accept: application/json;pk=BCpkADawqM3nsZVax238_ZcMlYHlD4P3-dWZpT0ZFph3eHuyyfrPVUlM42Zyw6OnK8JS4clkzSfx8v3tlhm3GDBQjXL0dOvT7nbBPHsoeOOUi6mjMMvP1n7qiwaKKX3TtsqRKIom1Huw5Mfg
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

BCOV-instance: i-06ceb380341a2fa93, 6e0a9f1, 2018-12-30 09:42:14.123Z
Via: 1.1 9f37c8b999ae2d6018396fda48773445.cloudfront.net (CloudFront)
BCOV-REQUEST-ID: f1069b36-fab3-415d-9f18-4d5bca07625a
Date: Sun, 30 Dec 2018 09:42:14 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Originating-URL: https://edge-elb.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984492474001
access-control-expose-headers: x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control: max-age=453
Connection: keep-alive
Content-Length: 5667
X-Amz-Cf-Id: A-NoiSddZ1RXOo2p4FiWMCM4Bb2t3NFxCV58ws_8W1Ib0NG1vS-Xzg==

GET
H/1.1 200
OK 5984495430001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/ 5 KB
6 KB 532ms
117ms XHR
application/json 54.192.93.144
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984495430001

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.192.93.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-192-93-144.fra2.r.cloudfront.net

Software

Resource Hash

3545fda95d8712ba01b5f141b7d321e31d259619ffbcefd7ccf48dae8e5c4042

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Accept: application/json;pk=BCpkADawqM3nsZVax238_ZcMlYHlD4P3-dWZpT0ZFph3eHuyyfrPVUlM42Zyw6OnK8JS4clkzSfx8v3tlhm3GDBQjXL0dOvT7nbBPHsoeOOUi6mjMMvP1n7qiwaKKX3TtsqRKIom1Huw5Mfg
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

BCOV-instance: i-00229e6c40957a6c8, 6e0a9f1, 2018-12-30 09:42:14.238Z
Via: 1.1 9f37c8b999ae2d6018396fda48773445.cloudfront.net (CloudFront)
BCOV-REQUEST-ID: 0116fdc3-aaf9-49e9-8ac9-3d6cd5114898
Date: Sun, 30 Dec 2018 09:42:14 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Originating-URL: https://edge-elb.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984495430001
access-control-expose-headers: x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control: max-age=369
Connection: keep-alive
Content-Length: 5368
X-Amz-Cf-Id: onXB6j0Loi5RrPbXCgrQSa7HFTkIvaa7KH508wv-SrrIy1hYU0nY9A==

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8F1F 0
0 7ms
7ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.heraldonline.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Mon, 30 Dec 2019 09:42:13 GMT
Date: Sun, 30 Dec 2018 09:42:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 706F 0
0 73ms
13ms Document
text/html 104.94.183.192
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.94.183.192 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-94-183-192.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.heraldonline.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 06 Dec 2018 12:00:00 GMT
Content-Encoding: gzip
Content-Length: 7419
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=81907
Expires: Mon, 31 Dec 2018 08:27:20 GMT
Date: Sun, 30 Dec 2018 09:42:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set cs
sync.rtk.io/ Frame C919 0
0 483ms
96ms Document
text/html 69.164.212.247
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.rtk.io/cs
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.164.212.247 Newark, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li127-247.members.linode.com
Software: RTK CookiePixel/v1.0.4-2-g64a2e4a /
Resource Hash

Request headers

Host: sync.rtk.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.heraldonline.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

Date: Sun, 30 Dec 2018 09:42:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 932
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Server: RTK CookiePixel/v1.0.4-2-g64a2e4a
Set-Cookie: rtkuuid=3b7f1f10-fccc-4293-b6cd-42389ae00709; Path=/; Domain=rtk.io; Expires=Sat, 30 Mar 2019 09:42:14 GMT
X-Rtk-Nid: li131-159.members.linode.com:8002

GET
H2

200

pd
u.openx.net/w/1.0/ Frame E612
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

0
0

67ms
15ms

Document
text/html

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.117.2 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldonline.com/
accept-encoding: gzip, deflate, br
cookie: i=7681486a-fabb-4b91-ab4e-79a01ae6ae20|1546162933
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

status: 200
vary: Accept
set-cookie: i=7681486a-fabb-4b91-ab4e-79a01ae6ae20|1546162933; Version=1; Expires=Mon, 30-Dec-2019 09:42:14 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1546162934|mOgikimWiygu; Version=1; Expires=Mon, 14-Jan-2019 09:42:14 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.117.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 30 Dec 2018 09:42:14 GMT
content-type: text/html
content-encoding: gzip

Redirect headers

status: 302
set-cookie: i=7681486a-fabb-4b91-ab4e-79a01ae6ae20|1546162933; Version=1; Expires=Mon, 30-Dec-2019 09:42:13 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.117.2
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Sun, 30 Dec 2018 09:42:13 GMT
content-length: 0

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 55CE 0
0 140ms
7ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_sc-ga1/pb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.heraldonline.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Mon, 30 Dec 2019 09:42:14 GMT
Date: Sun, 30 Dec 2018 09:42:14 GMT
Connection: keep-alive

GET
H/1.1

200
OK

hms.gif
sync.colossusssp.com/
Redirect Chain

https://colossusssp.com/?c=o&m=cookie
https://sync.colossusssp.com/hms.gif?puid=8a483e45670fc703dc0853b54bb94243716192d7

42 B
382 B

420ms
126ms

Image
image/gif

88.214.194.105
NatCoWeb Corp.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.colossusssp.com/hms.gif?puid=8a483e45670fc703dc0853b54bb94243716192d7
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.194.105 , United Kingdom, ASN46636 (NATCOWEB - NatCoWeb Corp., US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Dec 2018 09:48:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Location: https://sync.colossusssp.com/hms.gif?puid=8a483e45670fc703dc0853b54bb94243716192d7
Date: Sun, 30 Dec 2018 09:42:22 GMT
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 5984478808001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/ 5 KB
6 KB 546ms
114ms XHR
application/json 54.192.93.144
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984478808001

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.192.93.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-192-93-144.fra2.r.cloudfront.net

Software

Resource Hash

4088a6482c6e4fd4f634b00dd1cdabc6db21af111e5875318aa31acd03332095

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Accept: application/json;pk=BCpkADawqM3nsZVax238_ZcMlYHlD4P3-dWZpT0ZFph3eHuyyfrPVUlM42Zyw6OnK8JS4clkzSfx8v3tlhm3GDBQjXL0dOvT7nbBPHsoeOOUi6mjMMvP1n7qiwaKKX3TtsqRKIom1Huw5Mfg
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

BCOV-instance: i-09dd2d664ca56d76e, 6e0a9f1, 2018-12-30 09:42:14.351Z
Via: 1.1 9f37c8b999ae2d6018396fda48773445.cloudfront.net (CloudFront)
BCOV-REQUEST-ID: 64d235cd-6ac5-4488-af81-b72c748b33aa
Date: Sun, 30 Dec 2018 09:42:14 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Originating-URL: https://edge-elb.api.brightcove.com/playback/v1/accounts/5615998035001/videos/5984478808001
access-control-expose-headers: x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control: max-age=497
Connection: keep-alive
Content-Length: 5487
X-Amz-Cf-Id: LZ44oyeOjXRlCobFhv6FCZB3yo0BCnweaF9G294syTgxykW9ECp7AA==

GET
DATA 200
OK truncated
/ 4 KB
0 Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 160b7aa56dbf29ae9d6fda2ddadd4d48f1894b8bb2d7c1b733bce0f40d059ee0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.heraldonline.com

Response headers

Content-Type: application/font-woff;charset=utf-8

GET 5b30802a-4532-46e4-9dac-44914a58d871
https://www.heraldonline.com/ 0
0

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998033001/a0e5949d-0bc6-48a9-ba66-98753f630520/10s/ 4 KB
4 KB 7320ms
18ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998033001/a0e5949d-0bc6-48a9-ba66-98753f630520/10s/master.m3u8?fastly_token=NWM0ZDgwNDRfZWIxYmVlZGRkN2I1N2UyZTVmNGJmNTY2MmUwYTBhYjExOTAxODVkY2JlZWJmMTRmYWI4ZjczZTZmNTQ3N2NkZQ%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: 1f41826bce531f6b74075656eae6bfdb7e1ced0715c0bac3387ab8314ae92a2a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 46146
x-powered-by: BC
x-cache: HIT
status: 200
x-bolt-device-group: unknown
content-length: 3717
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.552045,VS0,VE1
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 IrisUpNext.css
ovp.iris.tv/libs/adaptive/styles/ 16 KB
4 KB 32ms
5ms Stylesheet
text/css 2600:9000:200c:7c00:15:d134:4e40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/styles/IrisUpNext.css
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:7c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b174642e60d1a7682f2e323e163d99d14305e50e77bfdc520a8cf7529146208a

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: zDVOqy3ytDgUM1eQWtYhuxx6YUL7O87x
content-encoding: gzip
last-modified: Tue, 20 Mar 2018 17:27:25 GMT
server: AmazonS3
age: 39014
date: Sun, 30 Dec 2018 07:16:47 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: fjyN2g-PKx6kOWULWyFR6Koz2PP_7AthOh0GfIOYKpWhVZYaOKr8eA==
via: 1.1 143574384d395dec5e078f9c0bab3391.cloudfront.net (CloudFront)

GET
H2 200 IrisButtons.css
ovp.iris.tv/libs/adaptive/styles/ 6 KB
4 KB 32ms
5ms Stylesheet
text/css 2600:9000:200c:7c00:15:d134:4e40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/styles/IrisButtons.css
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:7c00:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7e243a7ee23df78d32cf91c469c13315f0e4b78de0fb303229ded90e37b46bc

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: PLLOiCJUglxWch4pBH71CApSb.4q4_4z
content-encoding: gzip
last-modified: Wed, 14 Nov 2018 22:50:26 GMT
server: AmazonS3
age: 39002
date: Sun, 30 Dec 2018 06:51:37 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: 5o8EvlD5_-bZnzdIjj6TT2zk9o2BQjenBmU2zoSuL7GEifvm8yYaXA==
via: 1.1 143574384d395dec5e078f9c0bab3391.cloudfront.net (CloudFront)

GET
H2 200 bridge3.266.0_en.html
imasdk.googleapis.com/js/core/ Frame 03B2 0
0 10ms
7ms Document
text/html 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.266.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.266.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldonline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 172331
date: Thu, 13 Dec 2018 17:59:34 GMT
expires: Fri, 13 Dec 2019 17:59:34 GMT
last-modified: Thu, 13 Dec 2018 17:52:10 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
age: 1438960
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:820::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10523
x-xss-protection: 1; mode=block
expires: Sun, 30 Dec 2018 09:42:14 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998033001/a0e5949d-0bc6-48a9-ba66-98753f630520/main/1280x720/20s983ms/match/ 179 KB
180 KB 195ms
11ms Image
image/jpeg 54.192.93.152
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998033001/a0e5949d-0bc6-48a9-ba66-98753f630520/main/1280x720/20s983ms/match/image.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.93.152 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-93-152.fra2.r.cloudfront.net
Software: / BC
Resource Hash: 0149c293648c98bc3677531900cb8e4e7ef18a04b8ae7cf46c4a95c9c7c6f790

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

Date: Sat, 29 Dec 2018 21:29:48 GMT
Via: 1.1 249b0d921fdb938596674ad935677340.cloudfront.net (CloudFront)
Age: 43946
X-Powered-From: us-east-1d
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Id: SZhrvvklUE11dZDqhEO3fCW7QM76_SUa-LfIHaqXOsitCArUIW1UaA==

GET b0377f07-76eb-45fb-ae33-c92d161af1c6
https://www.heraldonline.com/ 0
0

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/527479ec-dede-49c5-9e06-75c2d9696fbc/10s/ 4 KB
4 KB 7061ms
12ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/527479ec-dede-49c5-9e06-75c2d9696fbc/10s/master.m3u8?fastly_token=NWM0ZDdmZDlfOGIzMDhjNTFmMzUyNGY3MGZjM2ZjZDQ4ZWIwMGUzMmM2MTEzMmI3ZWM1YWNhY2Y5YTMxODk3MjBhZTg5YTQ4MA%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: d30f42d5fc9fc2ade5620c6a4e1be60282a972defbca78eb7ae370d09d300448

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 26571
x-powered-by: BC
x-cache: HIT
status: 200
x-bolt-device-group: unknown
content-length: 3717
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.552055,VS0,VE1
x-powered-from: eu-west-1b
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET 6b89c612-3e2d-412a-b702-3f45611762da
https://www.heraldonline.com/ 0
0

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/c4a5bb3a-e05d-4bcb-9002-1a6d5939eefe/10s/ 4 KB
4 KB 6983ms
11ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/c4a5bb3a-e05d-4bcb-9002-1a6d5939eefe/10s/master.m3u8?fastly_token=NWM0ZDdmYjlfZmE2MmYwYWY3NWZjYjQ1Y2JlN2RiMjZjODUyOWI3YTBjNjgzZjAyYTVhZjQ2ZTNmY2RhN2RkNTQ3YzU1ODViYQ%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: 3a64cdf4ce971147ff0225bff51cac0180e46f87b6a5f1c92862ee7c8bda853e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 26571
x-powered-by: BC
x-cache: HIT
status: 200
x-bolt-device-group: unknown
content-length: 3717
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.552135,VS0,VE0
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 bridge3.266.0_en.html
imasdk.googleapis.com/js/core/ Frame 8F9C 0
0 39ms
20ms Document
text/html 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.266.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.266.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldonline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 172331
date: Thu, 13 Dec 2018 17:59:34 GMT
expires: Fri, 13 Dec 2019 17:59:34 GMT
last-modified: Thu, 13 Dec 2018 17:52:10 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
age: 1438960
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998035001/527479ec-dede-49c5-9e06-75c2d9696fbc/42ebe5e1-9c53-48a2-99af-8544a2325678/1280x720/match/ 179 KB
179 KB 149ms
26ms Image
image/jpeg 54.192.93.152
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998035001/527479ec-dede-49c5-9e06-75c2d9696fbc/42ebe5e1-9c53-48a2-99af-8544a2325678/1280x720/match/image.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.93.152 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-93-152.fra2.r.cloudfront.net
Software: / BC
Resource Hash: 8918fdfbf7c5d7bcd1df9032421202255a43dada01662e72f9cd40cba65c1d31

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

Date: Sun, 30 Dec 2018 02:23:28 GMT
Via: 1.1 249b0d921fdb938596674ad935677340.cloudfront.net (CloudFront)
Age: 26326
X-Powered-From: us-east-1c
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Id: vOw-n-_SURJV5087MVY2ffhTxLn0j5BMHHIOoJtmRdGLO_EtD88JDA==

GET d9cc0953-5974-47f7-b43e-1de274dacdeb
https://www.heraldonline.com/ 0
0

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/f61d4235-6cf2-41b4-87e7-5fae19bcb8d7/10s/ 4 KB
4 KB 6959ms
12ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/f61d4235-6cf2-41b4-87e7-5fae19bcb8d7/10s/master.m3u8?fastly_token=NWM0ZDdmYjlfYTgxMTljYmM5NDZkZjRjZWI5NTk3ODY4ZjZmYTBmODlkOGQ2YmY0ZjY3OTZjZDZlNTE4ZmFiYmU1NDZkNzJlMg%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: 1465e13a34f71f69e41f161383402b9cc570247bb6673af5a3fd7b3b4dc1a12a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 34223
x-powered-by: BC
x-cache: HIT
status: 200
x-bolt-device-group: unknown
content-length: 3717
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.552154,VS0,VE1
x-powered-from: eu-west-1b
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 bridge3.266.0_en.html
imasdk.googleapis.com/js/core/ Frame E78A 0
0 98ms
80ms Document
text/html 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.266.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.266.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldonline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 172331
date: Thu, 13 Dec 2018 17:59:34 GMT
expires: Fri, 13 Dec 2019 17:59:34 GMT
last-modified: Thu, 13 Dec 2018 17:52:10 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
age: 1438960
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998035001/c4a5bb3a-e05d-4bcb-9002-1a6d5939eefe/ccf2c8ce-d93a-400d-86f0-d2a830e35a69/1280x720/match/ 1 MB
1 MB 192ms
10ms Image
image/jpeg 54.192.93.152
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998035001/c4a5bb3a-e05d-4bcb-9002-1a6d5939eefe/ccf2c8ce-d93a-400d-86f0-d2a830e35a69/1280x720/match/image.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.93.152 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-93-152.fra2.r.cloudfront.net
Software: / BC
Resource Hash: 92a8d9da1ad82261ce194c81af713d6972bf783296be78ec74e26bb5cfa44b3b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

Date: Sun, 30 Dec 2018 02:23:29 GMT
Via: 1.1 249b0d921fdb938596674ad935677340.cloudfront.net (CloudFront)
Age: 26325
X-Powered-From: us-east-1a
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Id: gQT1Efbqw7o6rFveMpaNqnJziqXRLvp_kQ97ldOERNovsRmuBv4WBg==

GET
H2 200 bridge3.266.0_en.html
imasdk.googleapis.com/js/core/ Frame C7B6 0
0 63ms
48ms Document
text/html 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.266.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.266.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldonline.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 172331
date: Thu, 13 Dec 2018 17:59:34 GMT
expires: Fri, 13 Dec 2019 17:59:34 GMT
last-modified: Thu, 13 Dec 2018 17:52:10 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
age: 1438960
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998035001/f61d4235-6cf2-41b4-87e7-5fae19bcb8d7/main/1280x720/13s235ms/match/ 135 KB
136 KB 326ms
10ms Image
image/jpeg 54.192.93.152
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998035001/f61d4235-6cf2-41b4-87e7-5fae19bcb8d7/main/1280x720/13s235ms/match/image.jpg
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.93.152 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-93-152.fra2.r.cloudfront.net
Software: / BC
Resource Hash: 72226e62c622e35a1bf4468b5511dcab871a4db4d3377797dfbac579101e14e8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

Date: Sun, 30 Dec 2018 00:11:59 GMT
Via: 1.1 249b0d921fdb938596674ad935677340.cloudfront.net (CloudFront)
Age: 34215
X-Powered-From: us-east-1d
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Id: S-oIymzqDgJk08rKbyejkvKTitI6WGbe3Q9Fl8WCAFvZ21-eC8uTFw==

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Response headers

Content-Type: image/gif

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
49 B 14ms
14ms Image
image/gif 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?error=1010&vis=1&lid=7&sdkv=h.3.266.0&id=ima_html5&c=1209271534979727&domain=www.heraldonline.com

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Dec 2018 09:42:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/c4a5bb3a-e05d-4bcb-9002-1a6d5939eefe/dec69f2e-e3fa-4171-b919-624c1daeaffe/10s/ 6 KB
6 KB 9ms
8ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/c4a5bb3a-e05d-4bcb-9002-1a6d5939eefe/dec69f2e-e3fa-4171-b919-624c1daeaffe/10s/rendition.m3u8?fastly_token=NWM0ZDE5NTVfMDI2YWQ2ZjE2N2RmZmNiNDFkNWViOWM0ZDZiNmI5M2U5OTNlMzdlYjA0YjcxODg5ZGNiMGQ4NzMyNzFhZGIzZQ%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: 82ced12ce45a3629da9896a7d19f6e100cefbee482114f5083150c1a25ab1a56

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 26570
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 5633
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.565962,VS0,VE1
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/527479ec-dede-49c5-9e06-75c2d9696fbc/e86ab6d5-1417-4064-8fef-c189ccf08b66/10s/ 4 KB
4 KB 9ms
8ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/527479ec-dede-49c5-9e06-75c2d9696fbc/e86ab6d5-1417-4064-8fef-c189ccf08b66/10s/rendition.m3u8?fastly_token=NWM0ZDE5MjFfZWU3OGY3NzQ1NDY3MzU3ZmUxMzZmNDllZGEyMGNmNmY3YmFkNDQ4MjcxM2MzMWE3Yjg3ODRmMmVlMGZjYjcxNg%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: ec9dcef4edd1e87ad95b09760ccc8b1c5f666bd6c3c7b7eafe48881eeaf0112a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 25552
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 4053
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.568271,VS0,VE1
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/f61d4235-6cf2-41b4-87e7-5fae19bcb8d7/a5ac77c3-1a2e-4bb4-a61d-2f6e1c55179d/10s/ 1 KB
1 KB 8ms
7ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/f61d4235-6cf2-41b4-87e7-5fae19bcb8d7/a5ac77c3-1a2e-4bb4-a61d-2f6e1c55179d/10s/rendition.m3u8?fastly_token=NWM0Y2ZhZjFfZDk4YzBkZDI3ZjBhYmNjYjI1MDVmNDNiZmU4YTc1NWEzMmVhYjE5ZjUyYTkwZDc1YmNiNGU5YTExZjg2N2EzMA%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: 415f95852bae1053ec251b68800b326b48af91b4202cb12eaccf48ac23ae56a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 30788
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 1295
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.569374,VS0,VE1
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998033001/a0e5949d-0bc6-48a9-ba66-98753f630520/8d9b5365-6700-43f5-8997-cca7c606af49/10s/ 2 KB
2 KB 9ms
8ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998033001/a0e5949d-0bc6-48a9-ba66-98753f630520/8d9b5365-6700-43f5-8997-cca7c606af49/10s/rendition.m3u8?fastly_token=NWM0Y2NjNzBfOTZiZDc3NzU0MjVlZTFkMjc5NjExY2RlMzcxODc2NDhlODY1ZWNkODExNGQyZmUzYWMyZmI4ZGNjMzQ0MjJlMg%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: 2cc237f82121cf3c362cdc0e01e19a447b61614c67bc6e3a0b8c64681dd8ee56

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 38565
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 2083
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.571552,VS0,VE1
x-powered-from: eu-west-1b
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/c4a5bb3a-e05d-4bcb-9002-1a6d5939eefe/48b0b8db-5669-464b-aa61-6cf0baa17159/10s/ 5 KB
6 KB 8ms
8ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/c4a5bb3a-e05d-4bcb-9002-1a6d5939eefe/48b0b8db-5669-464b-aa61-6cf0baa17159/10s/rendition.m3u8?fastly_token=NWM0ZDE5NTVfZTM1YjUyMWM5NDdmMDMxMTlkMWJiM2JlMzcwMTdlNzE2MDFmOWZmZjI1NGRlMWM3YTVmMjMzNzgzZjQ5ZGE3NQ%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: f36f25106ecb8f4da8d8036a8d51617b7be20508eed421fb8dc721eebefbb70b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 26570
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 5620
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.581025,VS0,VE1
x-powered-from: eu-west-1b
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/527479ec-dede-49c5-9e06-75c2d9696fbc/9de19a4f-83fd-4893-8d09-8c2b2ef743a6/10s/ 4 KB
4 KB 8ms
7ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/527479ec-dede-49c5-9e06-75c2d9696fbc/9de19a4f-83fd-4893-8d09-8c2b2ef743a6/10s/rendition.m3u8?fastly_token=NWM0ZDE5MjFfYjEyZTRhNjRkOGU5Y2VhOTZkYTMyZWRlY2QwOGFmMGQyMmQ0NWQ3N2M5ODJkNjE4OGFiNmRlMTIwZGU2YTg2NA%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: 02ab3ffba68ec001af4937b08293fbba1cad5667e8229bd65ead24ed7f32711f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 25552
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 4044
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.583743,VS0,VE1
x-powered-from: eu-west-1b
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/f61d4235-6cf2-41b4-87e7-5fae19bcb8d7/19731ec9-74dd-44c0-8b19-a50f75eec1b2/10s/ 1 KB
2 KB 8ms
7ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998035001/f61d4235-6cf2-41b4-87e7-5fae19bcb8d7/19731ec9-74dd-44c0-8b19-a50f75eec1b2/10s/rendition.m3u8?fastly_token=NWM0Y2ZhZjFfY2UwY2EwMjExMmNlMWRkNjFhODA2NGVjYWYxNGY1OGM5MTQ4MjhhMTUxZTZlOWU2OTA2NWI1ZTBlZjc3NDY5YQ%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: f3afc6d9d91f3138bd5d392aec34f51dded47d33c6a93990151bc7bb80e1d8dd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 30787
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 1293
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.586991,VS0,VE1
x-powered-from: eu-west-1b
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998033001/a0e5949d-0bc6-48a9-ba66-98753f630520/984ada46-cf29-4b72-abbc-bc09d952e3dc/10s/ 2 KB
2 KB 8ms
8ms XHR
application/x-mpegurl 151.101.2.27
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998033001/a0e5949d-0bc6-48a9-ba66-98753f630520/984ada46-cf29-4b72-abbc-bc09d952e3dc/10s/rendition.m3u8?fastly_token=NWM0Y2NjNzBfMTIzOWJlYTExZTQ3YzY0MjE3ZTI5ZDk1OTAzY2Y1NjU0NDI1OTU4NzYxMmNjMGU0NjdlZTQ1MGEzZTlhYmNjMQ%3D%3D
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: b3f692785f8dd6de732d372d41002e3d6f0957f748f212fc926a779a6064f2a9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/
Origin: https://www.heraldonline.com

Response headers

date: Sun, 30 Dec 2018 09:42:21 GMT
via: 1.1 varnish
age: 38565
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 1686
x-served-by: cache-hhn1532-HHN
x-timer: S1546162942.589827,VS0,VE1
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 110ms
109ms Image
image/gif 54.144.48.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_privb=n%2Fa&tid=cd4cbaa0-8a9e-4359-b434-82c1cbb0de63&pid=6ad8ba11-d8db-4d2a-8af2-127aee662393&dtm=1546162942397&qnm=_matherq&vp=1600x1200&ds=1585x7724&tofa=1546162942&vid=1&duid=778d63e2ff1bf67b&fp=3998842399&cid=ma12095&mrk=74930704&url=https%3A%2F%2Fwww.heraldonline.com%2F&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU0NjE2MjkyNTg2MCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI0NC4xNDU4ODhtYiIsImhlYXBUIjoiNjQuNzIxNDRtYiIsImZldGNoUyI6IjEwODkiLCJkb21haW5TIjoiMTA5MCIsImRvbWFpbkUiOiIxMTIyIiwiY29ublMiOiIxMTIyIiwiY29ubkUiOiIxMTY5Iiwic3NsUyI6IjExMzAiLCJyZXF1UyI6IjExNzAiLCJyZXNwUyI6IjExODAiLCJyZXNwRSI6IjExOTgiLCJkb21Mb2FkIjoiMTE4NiIsImRvbUludGVyIjoiMzg5NCIsImRvbUxvYWRTIjoiMzg5NCIsImRvbUxvYWRFIjoiMzkwOSJ9fQ
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.48.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-48-113.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:22 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK / Show response
api.ipify.org/ 64 B
248 B 1528ms
107ms Script
application/javascript 54.221.234.215
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=jQuery110207483833602547509_1546162927192&_=1546162927193
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/wps/source/scripts/libs/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.234.215 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-221-234-215.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 75cc74bd22687861103029f1ed1b4aa59d1d288aca289e8335b462166dac36ae

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:32 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 64
Vary: Origin
Content-Type: application/javascript

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 66 KB
23 KB 12ms
12ms Script
application/x-javascript 2600:9000:200c:6a00:18:1fcd:348:2461
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: media.heraldonline.com
URL: https://media.heraldonline.com/mistats/products/escenic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:6a00:18:1fcd:348:2461 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: abee416f8b877ee3fbfa6aad1f1279f3478a5da8c1aa380eb414370f1abfc9a0

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 08:42:10 GMT
content-encoding: gzip
last-modified: Thu, 04 Oct 2018 02:21:49 GMT
server: nginx
age: 3620
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-id: O2MHlvQBoUebm27rwTDTMMWwErGtjN6P845EKLZBR25k10u6wcnreA==
via: 1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront)
expires: Sun, 30 Dec 2018 10:42:10 GMT

GET
H/1.1

200
OK

Cookie set rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=7462/rand=969621856/pv=y/int=%23OpR%2366617%23www.heraldonline%20%3A%20Total%20Site%20Traffic/med=%23OpR%2368729%23Meta%20keyword%20%3A%20News%2C%20Rock%20Hill%2C%20The%2... Frame FF18
Redirect Chain

https://bcp.crwdcntrl.net/5/c=7462/rand=969621856/pv=y/int=%23OpR%2366617%23www.heraldonline%20%3A%20Total%20Site%20Traffic/med=%23OpR%2368729%23Meta%20keyword%20%3A%20News%2C%20Rock%20Hill%2C%20Th...
https://bcp.crwdcntrl.net/5/ct=y/c=7462/rand=969621856/pv=y/int=%23OpR%2366617%23www.heraldonline%20%3A%20Total%20Site%20Traffic/med=%23OpR%2368729%23Meta%20keyword%20%3A%20News%2C%20Rock%20Hill%2C...

0
0

45ms
45ms

Document
text/html

52.18.169.38
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=7462/rand=969621856/pv=y/int=%23OpR%2366617%23www.heraldonline%20%3A%20Total%20Site%20Traffic/med=%23OpR%2368729%23Meta%20keyword%20%3A%20News%2C%20Rock%20Hill%2C%20The%20Herald%2C%20SC%2C%20South%20Carolina%2C%20York%2C%20Fort%20Mill%2C%20Clover%2C%20Lake%20Wyle%2C%20Chester%2C%20Lancaster%2C%20headline%2C%20stories%2C%20articles%2C%20opinion%2C%20newspaper/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/7462/cc.js?ns=_cc7462
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.169.38 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-18-169-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.heraldonline.com/
Accept-Encoding: gzip, deflate, br
Cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 30 Dec 2018 09:42:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Thu, 26-Sep-2019 09:42:32 GMT _cc_id=2ad7139eef789a3af7dfae57a7d4539a;Path=/;Domain=crwdcntrl.net;Expires=Thu, 26-Sep-2019 09:42:32 GMT _cc_cc="ACZ4nGNQMEpMMTc0tkxNTTO3sEw0TkwzT0lLTDU1TzRPMTE1tkxkAIIYjckcDHAgt%2FzHdl7GZVYM%2FxkZGZ59RbB3fECwm7pfc8HYVx%2FvhIvf%2FIhQc%2BbIRxEY%2BzQSe%2FmXL3xw9a8Q6jch2bsRib0Oib0aib0Cid3eiXBP1weEe3Yd1IUxdyKY9zp%2Bw10wDcmUC4vnsMDYh5HYD6b2MMLYj18sl4Cx3zXcF4C74OFscRj7A5L4GyT2pVOP2GBsAKeWiMU%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Thu, 26-Sep-2019 09:42:32 GMT;Max-Age=23328000 _cc_aud="ABR4nGNgYGCI0ZjMwQADTAyMd1VADMa7d4AkADH4A94%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Thu, 26-Sep-2019 09:42:32 GMT;Max-Age=23328000
Vary: Accept-Encoding
X-Server: 10.26.14.220
Content-Length: 709
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Date: Sun, 30 Dec 2018 09:42:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://bcp.crwdcntrl.net/5/ct=y/c=7462/rand=969621856/pv=y/int=%23OpR%2366617%23www.heraldonline%20%3A%20Total%20Site%20Traffic/med=%23OpR%2368729%23Meta%20keyword%20%3A%20News%2C%20Rock%20Hill%2C%20The%20Herald%2C%20SC%2C%20South%20Carolina%2C%20York%2C%20Fort%20Mill%2C%20Clover%2C%20Lake%20Wyle%2C%20Chester%2C%20Lancaster%2C%20headline%2C%20stories%2C%20articles%2C%20opinion%2C%20newspaper/rt=ifr
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net
X-Server: 10.26.13.214
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK RC2ef3180eb9314cd28a1216de88ed14fa-source.min.js Show response
assets.adobedtm.com/BL3eb523387cf64605a859aaf8b815a5c6/ 415 B
718 B 2302ms
7ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/BL3eb523387cf64605a859aaf8b815a5c6/RC2ef3180eb9314cd28a1216de88ed14fa-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4715a70834ef8ea7f5192ed2043b684fbe1c54dd829e9ca15f34a2509c6a8a83

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Dec 2018 15:21:31 GMT
Server: Apache
ETag: "bbd3f824773e298ee5b4b4b393434525:1545060091"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 276
Expires: Sun, 30 Dec 2018 10:42:33 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 299ms
96ms Image
image/gif 34.237.170.193
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldonline.com&p=%2F&u=2hUB1D_WRWYDXX0DP&d=heraldonline.com&g=62447&g0=_Other%2C%7Cheraldonline.com%2Cheraldonline_Homepage&g1=Section%3A%20Homepage&n=1&f=00001&c=0&x=0&m=0&y=7724&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=25112&t=BybQ6OBMMN17Dug2uIDKyiXhChRAln&V=109&i=Rock%20Hill%20SC%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20The%20Herald&tz=0&sn=1&sv=D4Q1q6Ch4zuvBh8HZ8BnoBk6BvASL8&sd=1&im=062b0733&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.170.193 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-237-170-193.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sun, 30 Dec 2018 09:42:31 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK quarantine.18f727dc45938ae6a1a5.js Show response
static.mcclatchyinteractive.com/yozons/ 5 KB
2 KB 8ms
7ms Script
text/javascript 2a02:26f0:64:49e::31c6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mcclatchyinteractive.com/yozons/quarantine.18f727dc45938ae6a1a5.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:64:49e::31c6 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: df55e87eb067b7336c0dc48d3d05fcd68c5386b591b792f5775ce941c2ef8dae

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:33 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Nov 2018 20:46:57 GMT
Server: Apache
ETag: "150a-57a4173c604c7"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H/1.1 200
OK r7ny5y1e6.js Show response
cdn.krxd.net/controltag/ 16 KB
5 KB 1044ms
8ms Script
text/javascript 151.101.0.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/r7ny5y1e6.js
Requested by: Host: static.mcclatchyinteractive.com
URL: https://static.mcclatchyinteractive.com/yozons/quarantine.18f727dc45938ae6a1a5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: ab372800b64bcb9bc060f9349496be9836d222031004b0b77611da883d177624

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Config_Service_V3
Date: Sun, 30 Dec 2018 09:42:34 GMT
Content-Encoding: gzip
Age: 1022
X-Cache: MISS, HIT, HIT
X-Request-Backend: krux_scala_config_webservice
X-App-Cache: HIT
Connection: keep-alive
Content-Length: 4325
X-Served-By: config-service-a005.krxd.net, cache-iad2148-IAD, cache-hhn1536-HHN
X-Response-Time: 0
Accept-Ranges: bytes
X-Do-Esi: esi
X-Timer: S1546162954.361586,VS0,VE0
ETag: "723dbd4be48932ee3f02423e8392e0b788be3a10"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Cache-Control: public, max-age=1200
X-Age: 0
X-Cache-Hits: 0, 3, 4

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 09A2 1 KB
1 KB 9ms
8ms Script
application/x-javascript 104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Mon, 31 Dec 2018 09:42:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame B8F7 51 KB
15 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heraldonline.com
URL: https://www.heraldonline.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.facebook.net/csp.php
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 14861
x-xss-protection: 0
pragma: public
x-fb-debug: xaolfm8kcuro1EfjycCDd7XsSTF/Mx0N6Kvd2OoWS1RCPwZ0KESVIKqEiLrqp6/F6XiPcWvVhR9ASa5e7lOWCA==
date: Sun, 30 Dec 2018 09:42:33 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.facebook.net/csp.php
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a-01ef.min.js Show response
b-code.liadm.com/ Frame 816F 23 KB
8 KB 186ms
132ms Script
application/javascript 2a02:26f0:6c00:19c::63cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01ef.min.js
Requested by: Host: www.heraldonline.com
URL: https://www.heraldonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19c::63cc , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 9a59c26640c38d05852ffa1fa1393b633a255e37e4d535e7edeabeb584decf40

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:33 GMT
content-encoding: gzip
last-modified: Wed, 19 Sep 2018 14:18:57 GMT
etag: "a36960f9d4df002fc8d7d5bf50633722"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 8122

GET
H/1.1 200
OK Cookie set cs
sync.rtk.io/ Frame 14EA 0
0 97ms
95ms Document
text/html 69.164.212.247
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.rtk.io/cs
Requested by: Host: static.mcclatchyinteractive.com
URL: https://static.mcclatchyinteractive.com/yozons/quarantine.18f727dc45938ae6a1a5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.164.212.247 Newark, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li127-247.members.linode.com
Software: RTK CookiePixel/v1.0.4-2-g64a2e4a /
Resource Hash

Request headers

Host: sync.rtk.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.heraldonline.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldonline.com/

Response headers

Date: Sun, 30 Dec 2018 09:42:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 932
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Server: RTK CookiePixel/v1.0.4-2-g64a2e4a
Set-Cookie: rtkuuid=599d9f34-4818-46c7-afb3-2d918ff310ee; Path=/; Domain=rtk.io; Expires=Sat, 30 Mar 2019 09:42:33 GMT
X-Rtk-Nid: li909-202.members.linode.com:8002

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 09A2
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035363&ns__t=1546162953339&ns_c=UTF-8&ns_if=1&cv=3.1&c8=Comscore%20Pixel&c7=https%3A%2F%2Fwww.heraldonline.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1546162953339&ns_c=UTF-8&ns_if=1&cv=3.1&c8=Comscore%20Pixel&c7=https%3A%2F%2Fwww.heraldonline.com%2F&c9=

0
248 B

8ms
8ms

Image
text/plain

104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1546162953339&ns_c=UTF-8&ns_if=1&cv=3.1&c8=Comscore%20Pixel&c7=https%3A%2F%2Fwww.heraldonline.com%2F&c9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Dec 2018 09:42:33 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035363&ns__t=1546162953339&ns_c=UTF-8&ns_if=1&cv=3.1&c8=Comscore%20Pixel&c7=https%3A%2F%2Fwww.heraldonline.com%2F&c9=
Pragma: no-cache
Date: Sun, 30 Dec 2018 09:42:33 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1081709588515684 Show response
connect.facebook.net/signals/config/ Frame B8F7 181 KB
43 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1081709588515684?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e4bc59cb3eee046f46eb12a4ad440403cec12a954c20ac98f30a1ca15595130d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 44258
x-xss-protection: 0
pragma: private
x-fb-debug: gvFMUaoug9xfR+o5E+n4L0Nb6TBTSGVEJUqgE8PB+o3DdPS4O+DTWBS8jEpGqkrb8sDuUVnkcIkAWkBYtfyVSQ==
date: Sun, 30 Dec 2018 09:42:33 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame B8F7 44 B
247 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1081709588515684&ev=PageView&dl=https%3A%2F%2Fwww.heraldonline.com%2F&rl=&if=true&ts=1546162953380&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&fbp=fb.1.1546162953380.1847239469&it=1546162953348&coo=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 30 Dec 2018 09:42:33 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame B8F7 44 B
200 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1081709588515684&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldonline.com%2F&rl=&if=true&ts=1546162953382&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&fbp=fb.1.1546162953380.1847239469&it=1546162953348&coo=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 30 Dec 2018 09:42:33 GMT

GET
H2

200

i
c.liadm.com/ Frame 816F
Redirect Chain

https://c.liadm.com/i?e=pv&eid=02598939-b391-4270-b17c-16ff9aecf466&url=https%3A%2F%2Fwww.heraldonline.com%2F&page=LiveConnect%20Pixel&refr=&aid=a-01ef&sid=caede6a1-f1c6-4088-beb6-265eab486b7d&duid...
https://c.liadm.com/i?e=pv&&duid=a-01ef--4d4131e0-ade6-4cbe-a025-cea056c040e4&eid=02598939-b391-4270-b17c-16ff9aecf466&url=https://www.heraldonline.com/&refr=&aid=a-01ef&tna=liveIntentPublisherTrac...

43 B
333 B

100ms
99ms

Image
image/gif

52.22.2.8
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.liadm.com/i?e=pv&&duid=a-01ef--4d4131e0-ade6-4cbe-a025-cea056c040e4&eid=02598939-b391-4270-b17c-16ff9aecf466&url=https://www.heraldonline.com/&refr=&aid=a-01ef&tna=liveIntentPublisherTracker&page=LiveConnect+Pixel&tv=pub-2.1.0&n3pc=true&p=web&sid=caede6a1-f1c6-4088-beb6-265eab486b7d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.2.8 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-22-2-8.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:34 GMT
server: akka-http/10.0.9
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
status: 200
access-control-allow-credentials: true
content-type: image/gif
content-length: 43

Redirect headers

date: Sun, 30 Dec 2018 09:42:34 GMT
server: akka-http/10.0.9
access-control-allow-origin: *
location: https://c.liadm.com/i?e=pv&&duid=a-01ef--4d4131e0-ade6-4cbe-a025-cea056c040e4&eid=02598939-b391-4270-b17c-16ff9aecf466&url=https://www.heraldonline.com/&refr=&aid=a-01ef&tna=liveIntentPublisherTracker&page=LiveConnect+Pixel&tv=pub-2.1.0&n3pc=true&p=web&sid=caede6a1-f1c6-4088-beb6-265eab486b7d
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
status: 302
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK controltag.js.09ebc571a022d419934530eaf14c8a78 Show response
cdn.krxd.net/ctjs/ 247 KB
79 KB 11ms
10ms Script
application/javascript 151.101.0.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.09ebc571a022d419934530eaf14c8a78
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/r7ny5y1e6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 0b57722c5650587fd2bce696f64780e9bd054d8fe51aad3ac197f54c3fe03056

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Sun, 30 Dec 2018 09:42:34 GMT
Content-Encoding: gzip
Age: 915706
X-Cache: HIT
Connection: keep-alive
Content-Length: 80533
X-Served-By: cache-hhn1536-HHN
Last-Modified: Wed, 19 Dec 2018 18:55:08 GMT
X-Timer: S1546162954.373407,VS0,VE0
ETag: "09ebc571a022d419934530eaf14c8a78"
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Sat, 16 Dec 2028 18:55:07 GMT
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
X-Cache-Hits: 4963586

GET
H/1.1 200
OK 272338b9-1d0f-4e54-928f-2d4e01274039 Show response
consumer.krxd.net/consent/get/ 220 B
653 B 574ms
35ms Script
text/javascript 151.101.192.175
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/272338b9-1d0f-4e54-928f-2d4e01274039?idt=device&dt=kxcookie&callback=Krux.ns.nucleus.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.09ebc571a022d419934530eaf14c8a78
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: c92749a39392a415cb3e8570e559d47cef307b71efde3f35a5b28b4222dc5733

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:35 GMT
Content-Encoding: gzip
Age: 0
X-Cache: MISS, MISS
X-Request-Backend: krux_scala_consumer_webservice
Connection: keep-alive
Content-Length: 182
X-Served-By: consumer-a013-dub.krxd.net, cache-hhn1534-HHN
Accept-Ranges: bytes
X-Timer: S1546162955.977545,VS0,VE28
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Via: 1.1 varnish
Cache-Control: max-age=1800
X-Age: 0
X-Cache-Hits: 0, 0

GET
H/1.1 200
OK optout_check Show response
beacon.krxd.net/ 80 B
333 B 30ms
30ms Script
text/javascript 54.247.83.46
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.nucleus.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.09ebc571a022d419934530eaf14c8a78
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.83.46 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-83-46.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ceaa3a6335f46a6fd5a57c8d87f387d025d42cd22ea82cc63cf04c9f98efa959

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Dec 2018 09:42:34 GMT
Cache-Control: private, max-age=0, s-max-age=0
X-Request-Time: D=69 t=1546162954
Connection: keep-alive
X-Served-By: beacon-n007-dub.krxd.net
Content-Length: 80
Content-Type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ Frame B8F7 44 B
246 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1081709588515684&ev=Microdata&dl=https%3A%2F%2Fwww.heraldonline.com%2F&rl=&if=true&ts=1546162954885&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Facebook%20Pixel%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.35&r=stable&ec=2&o=30&fbp=fb.1.1546162954884.39628409&it=1546162953348&coo=false&es=automatic
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.heraldonline.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 30 Dec 2018 09:42:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 30 Dec 2018 09:42:34 GMT

GET a-01ef
i.liadm.com/s/c/ Frame 58DA 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/cygnus?s=210848&v=7.2&r=%7B%22id%22%3A%222927973cd1e5db%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2230f99a1881bc759%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%223157ed8513c19cf%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%2232760aa1b0fad61%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%223303e0d6440fc41%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%223436911e86f6a7%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2235d73fddc49c1f6%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%2236e8707c13bd9f6%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22378766e37052ba7%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%22385405547627f97%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%223954de7d0f7b475%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2240e675f9cd5da19%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2241835c7a63ef4f9%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22210848%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.heraldonline.com%2F%22%2C%22ref%22%3A%22%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&

Domain: mcclatchy-d.openx.net
URL: https://mcclatchy-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.heraldonline.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.4&dddid=31a5bc0f-a39e-409b-acfe-cc2b26fe2d58%2Ce3ed344f-aa58-4921-b303-6f1a88812c3c%2Cce7ee9d2-ba9f-491e-a8d8-16a2743f39e4%2Cbb562740-c432-4417-b667-835d2732338e%2Cc5022e39-32cf-4440-a62a-4efd82f30e00%2Cfe4a764d-64ea-4988-8910-77f232fcaff3&nocache=1546162927833&aus=970x90%2C970x250%2C728x90%7C300x600%2C300x250%7C300x600%2C300x250%7C970x90%2C970x250%2C728x90%7C300x250%7C300x250&divIds=mn-gpt-2%2Cmn-gpt-4%2Cmn-gpt-6%2Cmn-gpt-8%2Cmn-gpt-9%2Cmn-gpt-13&auid=538786621%2C538786621%2C538786621%2C538786621%2C538786621%2C538786621&

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4867228/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20970x250;misc=1546162927835;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866270/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20728x90;misc=1546162927835;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866271/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20300x250;misc=1546162927835;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866273/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20300x600;misc=1546162927835;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866271/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20300x250;misc=1546162927835;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866273/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20300x600;misc=1546162927835;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4867228/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20970x250;misc=1546162927835;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866270/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20728x90;misc=1546162927835;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866271/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20300x250;misc=1546162927835;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11487.1/4866271/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=HeraldOnline.com%20Desktop%20HB%20300x250;misc=1546162927835;

Domain: colossusssp.com
URL: https://colossusssp.com/?c=o&m=multi

Domain: www.heraldonline.com
URL: blob:https://www.heraldonline.com/8b828af8-f9d2-4898-939d-572259935a89

Domain: www.heraldonline.com
URL: blob:https://www.heraldonline.com/5a32c69b-50cb-42ee-bd3b-fda52aea8945

Domain: www.heraldonline.com
URL: blob:https://www.heraldonline.com/5b30802a-4532-46e4-9dac-44914a58d871

Domain: www.heraldonline.com
URL: blob:https://www.heraldonline.com/b0377f07-76eb-45fb-ae33-c92d161af1c6

Domain: www.heraldonline.com
URL: blob:https://www.heraldonline.com/6b89c612-3e2d-412a-b702-3f45611762da

Domain: www.heraldonline.com
URL: blob:https://www.heraldonline.com/d9cc0953-5974-47f7-b43e-1de274dacdeb

Domain: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ef?s=&cim=&ps=true&ls=false&duid=a-01ef--4d4131e0-ade6-4cbe-a025-cea056c040e4&domainSessionId=caede6a1-f1c6-4088-beb6-265eab486b7d&ppid=0&euns=0&ci=0&version=sc-2.2.0&nosync=false&

Verdicts & Comments Add Verdict or Comment

352 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rtk.io/	1970-01-18 23:38:58	Name: rtkuuid Value: 58a05be6-209d-40c4-b686-2bea95ce212e
.adnxs.com/	1970-01-18 23:38:58	Name: anj Value: dTM7k!M4/rDYRWSF']wIg2C%sgeT=N!]tbPl@/D!9L^-[dcCql8>gE53Cvmo^gaWShdn5B68+YMf7sTN^in0=5e=1E5vuACC*gbaY8/kd%w2Bs%o%m@%p[rNb4o4x
www.heraldonline.com/	1969-12-31 23:59:59	Name: GED_PLAYLIST_ACTIVITY Value: W3sidSI6IkpydnIiLCJ0c2wiOjE1NDYxNjI5NTEsIm52IjowLCJ1cHQiOjE1NDYxNjI5MjcsImx0IjoxNTQ2MTYyOTI3fV0.

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://media.heraldonline.com/mistats/micb.js(Line 462) Message: micb: Loading MAB
console-api	log	URL: https://media.heraldonline.com/mistats/finalizestats.js(Line 1517) Message: waiting for mistats_adobe
console-api	log	URL: https://www.heraldonline.com/wps/build/js/mi-header-8c560c29fe.js(Line 3) Message: buildSlots: actual OOM header= true OOM article =false ADINFO override =false pagelevel= homepage
console-api	log	URL: https://s.ntv.io/serve/load.js(Line 4) Message: TypeError: Cannot read property 'removeItem' of null
console-api	log	URL: https://media.heraldonline.com/mistats/micb.js(Line 347) Message: mi_launchload succeeded
console-api	log	URL: https://media.heraldonline.com/mistats/finalizestats.js(Line 1526) Message: mistats request queued
console-api	log	URL: https://media.heraldonline.com/mistats/products/escenic_s_code.js(Line 151) Message: mistats request sent
console-api	log	URL: https://media.heraldonline.com/mistats/products/escenic_s_code.js(Line 170) Message: mistats request succeeded
console-api	info	URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 549) Message: Powered by AMP ⚡ HTML – Version 1812051624460
console-api	error	URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 146) Message: localStorage not supported.
console-api	info	URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 549) Message: Powered by AMP ⚡ HTML – Version 1812051624460
console-api	error	URL: https://cdn.ampproject.org/rtv/011812051624460/amp4ads-v0.js(Line 146) Message: localStorage not supported.
console-api	log	URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js(Line 20) Message: videojs autoplay
console-api	log	URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js(Line 20) Message: videojs autoplay
console-api	log	URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js(Line 20) Message: videojs autoplay
console-api	log	URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js(Line 20) Message: videojs autoplay
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 26) Message: Library Version: [IRIS Adaptive: v1.12.6]
console-api	log	URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js(Line 20) Message: videojs autoplay
console-api	log	URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js(Line 20) Message: videojs autoplay
console-api	log	URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js(Line 20) Message: videojs autoplay
console-api	log	URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js(Line 20) Message: videojs autoplay
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 26) Message: Library Version: [IRIS Adaptive: v1.12.6]
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 26) Message: Library Version: [IRIS Adaptive: v1.12.6]
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 26) Message: Library Version: [IRIS Adaptive: v1.12.6]
console-api	warning	URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js(Line 14) Message: AdsLoader error: AdError 1010: The ad playlist response was malformed or empty.
console-api	warning	URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js(Line 14) Message: AdsLoader error: AdError 1010: The ad playlist response was malformed or empty.
console-api	warning	URL: https://www.heraldonline.com/wps/build/webpack/brightcoveVideo.bundle-dc624e1a6eedad8ddb76.js(Line 14) Message: AdsLoader error: AdError 1010: The ad playlist response was malformed or empty.
console-api	log	URL: https://www.heraldonline.com/wps/source/scripts/libs/identityModulev3.min.js?misv=e450407(Line 1) Message: Skipping WebGL fingerprinting because it is not supported in this browser

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.crwdcntrl.net
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
amp-error-reporting.appspot.com
api.ipify.org
as-sec.casalemedia.com
assets.adobedtm.com
b-code.liadm.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bidder.rtk.io
c.liadm.com
cdn.ampproject.org
cdn.krxd.net
cf-images.us-east-1.prod.boltdns.net
cm.everesttech.net
colossusssp.com
connect.facebook.net
consumer.krxd.net
dpm.demdex.net
edge.api.brightcove.com
edge.quantserve.com
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
heraldonline.net
i.liadm.com
ib.adnxs.com
imasdk.googleapis.com
jadserve.postrelease.com
js.matheranalytics.com
mab.chartbeat.com
manifest.prod.boltdns.net
mcclatchy-d.openx.net
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
mcclatchy.tt.omtrdc.net
media.heraldonline.com
media.kansascity.com
ovp.iris.tv
pagead2.googlesyndication.com
pics.mcclatchyinteractive.com
ping.chartbeat.net
pixel.quantserve.com
rb.adnxs.com
rules.quantcount.com
s.ntv.io
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
static.chartbeat.com
static.criteo.net
static.mcclatchyinteractive.com
sync.colossusssp.com
sync.rtk.io
tags.crwdcntrl.net
tpc.googlesyndication.com
u.openx.net
web.hb.ad.cpe.dotomi.com
www.charlotteobserver.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.heraldonline.com
www.i.matheranalytics.com
www.mcclatchy-wires.com
www.newsobserver.com
adserver-us.adtech.advertising.com
as-sec.casalemedia.com
colossusssp.com
i.liadm.com
mcclatchy-d.openx.net
www.heraldonline.com
104.109.59.81
104.111.214.103
104.94.183.192
107.178.250.234
151.101.0.175
151.101.192.175
151.101.2.27
172.217.22.34
172.82.228.19
173.241.240.143
178.250.0.130
18.197.206.194
182.161.72.73
184.168.131.241
185.33.223.200
2.18.232.130
2.18.232.23
2.18.234.163
213.19.162.71
216.58.205.226
2600:9000:200c:6a00:18:1fcd:348:2461
2600:9000:200c:7c00:15:d134:4e40:93a1
2600:9000:200c:d200:6:44e3:f8c0:93a1
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:815::200e
2a00:1450:4001:816::2001
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:820::2002
2a00:1450:4001:820::2004
2a00:1450:4001:820::2006
2a00:1450:4001:824::2014
2a02:26f0:64:49e::31c6
2a02:26f0:6c00:19c::63cc
2a02:fa8:8806:13::1460
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42::714
3.120.87.207
34.237.170.193
34.243.36.162
37.252.167.211
52.18.169.38
52.209.20.178
52.216.232.149
52.22.2.8
52.49.211.192
52.51.131.19
52.94.237.36
54.144.48.113
54.154.94.173
54.192.93.144
54.192.93.152
54.221.234.215
54.247.83.46
66.117.28.86
66.117.29.3
69.164.212.247
88.214.194.105
88.214.194.54
93.184.220.113
0149c293648c98bc3677531900cb8e4e7ef18a04b8ae7cf46c4a95c9c7c6f790
02ab3ffba68ec001af4937b08293fbba1cad5667e8229bd65ead24ed7f32711f
02b629a6f9cd7d94dbabe1aff0b1c5d1ce80d0389385b21de008c643f53ff25d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
051e1751a6613c5bbc96e6c6d63970979e637ff34af19c4be515d96e7d956937
05a4fbe67fc787e95c8f7014c830424b4441dcbfef8449b7b69108251c0d659c
071817ea9b0e63a5d43180a816a2d6bd3fee9692b7b3059e334e4a4603d2d0c1
080ffb8251e493ef18b7af8e819640d9628b65779e0e514ab0ff3cf98edbabb5
08bc35041145b3556253b8f7fa926eb3d08469adb571989bc61c9fc3a4553da5
0967f48ff44ab7c9d11c3159efe55346d4a9568c17337072ce33940baaff2e19
0b57722c5650587fd2bce696f64780e9bd054d8fe51aad3ac197f54c3fe03056
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0cf156abf52b17d124f0c9e7a0cee77d87b6ad62ec6686f0cf845eaedcf5b610
0d7a2fc91818a8014ef4d5319c96c0efcbb0374e30521554fdde609f27fabfcc
0dc9542b043f4622f82261f8d3ca79bb0c29bcbdacf2056a2fc633a488922dd4
0ec2f4d8ab5bdbb94d3048b392e31c6c3982ac485cb1d7978f8df9fed98ea016
105e77447e832782ef84da76460d4e44e7e3381925d6cec20c7565bc785f61e6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12858ed395213193961408e1f661d00023554e125862c1e61cca70a9b7fb44d4
1465e13a34f71f69e41f161383402b9cc570247bb6673af5a3fd7b3b4dc1a12a
160b7aa56dbf29ae9d6fda2ddadd4d48f1894b8bb2d7c1b733bce0f40d059ee0
18c957878fa3fb648d002ee26cd4dd926b9f610f244c76c530e981e5fad8b2a2
1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f
1f41826bce531f6b74075656eae6bfdb7e1ced0715c0bac3387ab8314ae92a2a
214ea8fb2010180998f98d056622e9b254a60f122a53fbc3405cc5bf31dba622
2518069e8bb56d7d922d27e89e19b714fefbf4410c83964aa09d571f6aeb4a3c
26f8d8f0069807f2b1e418dbfcd720c5d6942de02bf0a76dace4e31d5fda6a57
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5
29e62e43d61b64dff371b6f1de613919de497acfc8c04446d9ae2e78485cab26
2cc237f82121cf3c362cdc0e01e19a447b61614c67bc6e3a0b8c64681dd8ee56
31c38f5664e51b52b0ae132135ce81c84b890c1dadf7956d04ab297ab10295c1
324fcd78238de4fa8e2b800b451e568a61143478c04e42b07fbc20186a5d3062
3545fda95d8712ba01b5f141b7d321e31d259619ffbcefd7ccf48dae8e5c4042
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
369ef1dd27e90cf88ac0e51eb89ec1b385a681892da8e16c722095ab8102604c
3756f8d553773f63ebfa15b805ac8e803d41fc80f1eb99836b9a68528585919b
38fe2d8d8a8fd5f88d5956cccaa380ec345234fe710dd8d8c61fbe6e1164682e
3a64cdf4ce971147ff0225bff51cac0180e46f87b6a5f1c92862ee7c8bda853e
3e597aee75562efdd689260646b85619b3a02fba76f031eac46db1d71352b918
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4088a6482c6e4fd4f634b00dd1cdabc6db21af111e5875318aa31acd03332095
415f95852bae1053ec251b68800b326b48af91b4202cb12eaccf48ac23ae56a1
455e4447425f22d41120139d98b4e5ce3046290eff3f3dfbe9674409b6d50b36
4715a70834ef8ea7f5192ed2043b684fbe1c54dd829e9ca15f34a2509c6a8a83
47630344535e8261afc0e5e31fc9d2a8a1baeccc0e3b6949fd148b4dc30be90c
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
5143e5f121350980f8a20ebdc99b657a506ead6ebfe6463d411768728223682a
519e21c72475614a00a867178a4eee5f1fa56ff3decbff6c187263a66fa7f32b
54671070d2d0bca21b819b6907e2127727c8df07e62bc3e8e110b238872ce328
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5667ccb0d2c277279846ba00a5bf6ddf6f16f7f160e79530edf38836a40d72c1
59a4415db792c2a9960215fbd93888f166b16b259ca6d4cdaa1a331ade6983ed
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a58ba34bed301592d50d32ce51e71807daf498091882f26e383d0f735179c7a
5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
63003d454d1380d85b6792ccd59d2f7650c544bd0f1c0ca910f1ea96e5f92308
6398e331d33ae6c4721d5f1bce393e874f2785f9b498ad74bdfae03e28202a6f
6404b14edb7c6ca4aa7fcc217a0dd67c12f928aef365cba8f8a514bf19bd4775
6629feac927e3a8bd68ee60ab8e8c6e2f1abd7d84f4dc693962ac215c6cb7837
6702fc378bfb6217cb783182307916c6e1ea3adf75b765a4fe42f830099ee467
674a684b7b4aaed87a62a82c73789a868189d83eefc7004bedec3901681465a7
693edca623523a34c296459aa6f3603e49fedc979120d5bf705fef4ecacc24e0
6f2e5492b49d354e7ae7627c9a1a302919490af3826217069b56c904ba5137b1
6f99bf01e90c798fbdbbca30d203132220a2c06780d210973fd17f2dc8f14cdb
72226e62c622e35a1bf4468b5511dcab871a4db4d3377797dfbac579101e14e8
73f17f923f15d3a288aea0d028355fd4f46430de85e57a80b55e5d2b7f53e562
749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428
75cc74bd22687861103029f1ed1b4aa59d1d288aca289e8335b462166dac36ae
7efb26ad98fa7cae6616ce17f46974a68d086a8030fe3ded01641bf024ba2d86
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fdee8c41c304a899cf957052fdc1eb23dd2a0e352b5c1557293d9234b231b8c
8011db78bbaa1d854361c6494923a5f3ba5912251b1a23b34800fa633e99e050
8271c41d682033bf882f902ef51faa5c80558c02cbf626c658114518b57d5196
82ced12ce45a3629da9896a7d19f6e100cefbee482114f5083150c1a25ab1a56
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84020dd783ae58c433e467114179b874069f0b231e6326b982f8248051e9dd6c
8557964080aadd399ce94fd6e8d774b1a16a83d0ad47e0decb21e0e1019be26c
8918fdfbf7c5d7bcd1df9032421202255a43dada01662e72f9cd40cba65c1d31
8992a5f44d63a4134a96b8c3cf8ca710e061be0201ab6e255aabac6b8225929f
8b70a327a05ea292ce0994cf29f8b36c2bc690652df32cde1fcb0e58a0d603b1
8f064015340fe266718bfde6a129ca5fd0b354831b7fc989a630ce1534d30516
8f29897c225a4d0c88f9e08ce53fca63a478ebbe9d5ec3f45b325dd4e54ec035
92a8d9da1ad82261ce194c81af713d6972bf783296be78ec74e26bb5cfa44b3b
93bd176d9a5b0cd94d27e730a9796a97502b08b25b33185e7ddaab5b6affb5cd
945751c2660178588fb3622367fc497295c5947e90e185a25f82df5787c4111a
947cc62b088ff49ec61dc03688bc9dad70d3fe30fc41ff3f68515c3f4007e28c
968be18c3b5491567df2601aaefadb051f8d33a9e1a44dec090967b2ca22c99f
9a59c26640c38d05852ffa1fa1393b633a255e37e4d535e7edeabeb584decf40
9aee492f3a2d4d2bd0140588c738370e5805a3d23b94e1205cd9860c3b1d388b
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d47dcbbc9ef464fca4a2358baef4011b16be4ed4ad2d5c3215430151d732219
9e880cf6325fed75982a13fdc05b22a1bcd5ac51762cd8c31e237df2b11e0fbb
a0119af86e6c98dfe8bed8a34234e867d159e33970f4b03194ac73e73bb47936
a06144cae26abb5c77702ad99e5fe0399acbf9851840c257c004ca0c4e33ffa6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1cf45023fd10337a8b389f70bb7fa9c81471380ba4f9c412d8b05ee4b622202
a3a18f680ba9c854dfd17f1948325a5f35b409314e258f41cabf538e6eb0a141
a51bb932fb26a179057e6ab9ca37ced9162592ba4003b1f455180bcef4da9b27
a699042df3738982a25b88547375f8d3ef73d312bac478889043d2fd32224a86
a9e6ceba819527f181dec3c2fcbdbb02efcacacd16a6af839de301dd3c91a6ec
aa04644741387aff29d34111a2f6d6c217b2a900b4848977214d372d14308f38
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ab372800b64bcb9bc060f9349496be9836d222031004b0b77611da883d177624
ab4155daede24740dc715eee71a4648f6c9e79ecd219b8d670b4bcce33034be4
abee416f8b877ee3fbfa6aad1f1279f3478a5da8c1aa380eb414370f1abfc9a0
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
adcf75e8e48ceba6645216cacbec916f7bd9d5c158595de41145a0b20b83c55b
adf74c592440345f08ebe01fd6b7699337f1b6ea2c655b70e1b7e8152ec71e6b
afc60b0bf665af8b6534071ea08a367fa93a36c8f405635fc047452505a97bfe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15fb7fe56319cfa6731732e1f98392355ddcbaba1de6cd485b6e4a891220975
b174642e60d1a7682f2e323e163d99d14305e50e77bfdc520a8cf7529146208a
b3f692785f8dd6de732d372d41002e3d6f0957f748f212fc926a779a6064f2a9
b48ef5a7bc3d64c9e962bd440b6071266a0b7fa786f5c9556e283d025ead506b
b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b9a309f5de96b3cef007a44cd3ebaeaaea10c4a50ee22de42784ad0dac67ed14
b9ac332257f2a4dc08689ccae29c3e1ed6111a3a43cb0f23f5abf22f88e93dde
bcd38441fbb2f5f2379d3d20b988efbef03919bc0aedad5b3d893dba7f79b966
beec98d383e6249c59c306dca3810f332bb8804ef60db6c89f245a3c6fc396ca
c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9
c4cffde1820fa6e882260909315e6b7ef9c8289b3337ca148fa8f5419f9206ac
c635ded98a0b747002e2f0fcd000b64f5044338e48060a66b665d4e873a7e1d9
c7e243a7ee23df78d32cf91c469c13315f0e4b78de0fb303229ded90e37b46bc
c92749a39392a415cb3e8570e559d47cef307b71efde3f35a5b28b4222dc5733
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb289f2a9e4d78780397cd385e6b253c05879a7924f223adccf694fa294cacdb
cdfed4db5adb540d074a90924a8ccccf5aa1ab4907a8196543e94712a120771c
ceaa3a6335f46a6fd5a57c8d87f387d025d42cd22ea82cc63cf04c9f98efa959
cf33f1531e36b0c3b84862da7c184f35c1427e085a92d7b4cc5fd186a233113f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d30f42d5fc9fc2ade5620c6a4e1be60282a972defbca78eb7ae370d09d300448
d401c04895467e4adb2d7dde49e317a3ff0e8991493b71844544ed33f1c288b4
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7f5a1ce1e8d7115ab62a8270aa6c91276761d22291ac6d3a90b282c9888d87b
dae4d33d995616958774b76553c6e7ed2ad69f4aaefb156cf51167fd812d125d
dd96583d1c1525e48d9f7ccce5e741a352252297d6395962871d316e71454cc9
df55e87eb067b7336c0dc48d3d05fcd68c5386b591b792f5775ce941c2ef8dae
df90c640192552a2d7a3840165fb374a597bd10ae690c4f6eb1921474cd324cf
e1f5dec9d0db65e5bd1a277183c2ba90f3a920f2c91b47108dd8723ea3b8bd81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bc59cb3eee046f46eb12a4ad440403cec12a954c20ac98f30a1ca15595130d
e9b27c8caac94bf0eef97036e7ca999f431201017430ccebd1fbb4fcdc952206
ea11db6fb3b765046ee83fb54dd410f95a88fcd8f61329672f2d5645870f50d1
ec9dcef4edd1e87ad95b09760ccc8b1c5f666bd6c3c7b7eafe48881eeaf0112a
ee4b194049893c0195d2069b63df5751aed20f433f1986070a3f421bf93fc216
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32478d55741415b469abb35d976cc5b99fa1981db2a3e64489855225eca5f6b
f36f25106ecb8f4da8d8036a8d51617b7be20508eed421fb8dc721eebefbb70b
f3afc6d9d91f3138bd5d392aec34f51dded47d33c6a93990151bc7bb80e1d8dd
f44d4fd30d4a26f5e0d1bb290b4bc529abd76d0fd8b2550ecf1ee682fc20a958
f749695dc1a73ea532c6da0db6b2d4942cbd795af89317d10d39dd03ac8f888d
fbf44b00f5debb1c2319c7cfc0fd6487f6fbb770bca2ea65974f8cbb48603a7b
fe5c1ece3f5f5d3712659358ae1014a1927327a3698bbd6756bda91d84dd3e11
fe8f146e376d45dbf742856ba5f10b6105d06f0c9a1c9191d3c3b9aac3c06604

www.heraldonline.com Open in urlscan Pro 104.109.59.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

229 Requests

91 %HTTPS

34 %IPv6

52 Domains

77 Subdomains

63 IPs

8 Countries

5241 kBTransfer

11438 kBSize

3 Cookies

41 Outgoing links

Page URL History

Redirected requests

229 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldonline.com Open in urlscan Pro
104.109.59.81 Public Scan

Screenshot
Live screenshot

Full Image

229
Requests

91 %
HTTPS

34 %
IPv6

52
Domains

77
Subdomains

63
IPs

8
Countries

5241 kB
Transfer

11438 kB
Size

3
Cookies

229 HTTP transactions
9 data transactions