urlscan.io logo urlscan.io
SecurityTrails logo

www.register-herald.com Open in urlscan Pro
192.104.182.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.register-herald.com/
Submission: On November 25 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 95 IPs in 5 countries across 83 domains to perform 430 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is www.register-herald.com.
TLS certificate: Issued by WR1 on October 14th 2024. Valid for: 3 months.
This is the only time www.register-herald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 192.104.182.209 10668 (LEE-ASN)
51 104.16.132.24 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:280... 16509 (AMAZON-02)
1 108.139.29.105 16509 (AMAZON-02)
2 34.171.47.125 396982 (GOOGLE-CL...)
8 104.18.20.206 13335 (CLOUDFLAR...)
4 216.17.34.107 10242 (USINTERNET)
2 2600:141b:1c0... 20940 (AKAMAI-AS...)
1 1 3.171.139.11 16509 (AMAZON-02)
1 52.88.187.56 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
3 54.82.174.208 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 142.251.40.163 15169 (GOOGLE)
2 18.164.116.7 16509 (AMAZON-02)
11 34.160.152.31 396982 (GOOGLE-CL...)
1 18.238.55.62 16509 (AMAZON-02)
2 9 34.235.58.193 14618 (AMAZON-AES)
2 108.138.128.128 16509 (AMAZON-02)
3 4 35.244.154.8 396982 (GOOGLE-CL...)
1 107.178.254.65 396982 (GOOGLE-CL...)
52 142.251.40.194 15169 (GOOGLE)
4 2620:116:800b... 14618 (AMAZON-AES)
6 2607:f8b0:400... 15169 (GOOGLE)
1 130.211.10.17 396982 (GOOGLE-CL...)
1 27 54.192.199.162 16509 (AMAZON-02)
8 142.251.40.168 15169 (GOOGLE)
2 34.111.152.239 396982 (GOOGLE-CL...)
1 2600:9000:21d... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:24f... 16509 (AMAZON-02)
1 2600:9000:247... 16509 (AMAZON-02)
7 142.250.80.46 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
4 172.64.144.166 13335 (CLOUDFLAR...)
1 44.198.22.224 14618 (AMAZON-AES)
2 5 35.244.193.51 396982 (GOOGLE-CL...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 162.19.138.120 16276 (OVH OVH SAS)
1 4 35.71.131.137 16509 (AMAZON-02)
5 13.249.86.140 16509 (AMAZON-02)
1 35.186.247.156 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 142.251.40.195 15169 (GOOGLE)
2 44.205.122.38 14618 (AMAZON-AES)
5 108.138.112.90 16509 (AMAZON-02)
1 34.120.58.62 396982 (GOOGLE-CL...)
3 141.95.33.120 16276 (OVH OVH SAS)
9 2600:9000:266... 16509 (AMAZON-02)
1 108.138.106.59 16509 (AMAZON-02)
3 18.173.140.223 16509 (AMAZON-02)
2 35.244.159.8 396982 (GOOGLE-CL...)
1 2 54.83.69.204 14618 (AMAZON-AES)
2 104.18.25.111 13335 (CLOUDFLAR...)
22 2607:f8b0:400... 15169 (GOOGLE)
15 25 18.238.80.80 16509 (AMAZON-02)
1 18.173.132.98 16509 (AMAZON-02)
1 2 2600:9000:251... 16509 (AMAZON-02)
1 108.138.128.124 16509 (AMAZON-02)
1 104.18.28.101 13335 (CLOUDFLAR...)
1 23.51.57.13 16625 (AKAMAI-AS)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
1 1 2600:9000:266... 16509 (AMAZON-02)
1 2600:9000:251... 16509 (AMAZON-02)
1 18.233.192.61 14618 (AMAZON-AES)
3 3 35.211.202.130 15169 (GOOGLE)
4 4 142.251.35.162 15169 (GOOGLE)
16 18.164.124.48 16509 (AMAZON-02)
1 1 35.214.208.189 19527 (GOOGLE-2)
2 2 104.18.26.193 13335 (CLOUDFLAR...)
2 3 35.71.139.29 16509 (AMAZON-02)
1 2 69.173.151.100 26667 (RUBICONPR...)
2 2001:4998:14:... 14777 (YAHOO)
3 5 68.67.160.24 29990 (ASN-APPNEX)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
1 1 23.199.48.23 16625 (AKAMAI-AS)
1 1 63.251.28.210 26558 (FREEWHEEL)
2 2 80.77.87.163 46636 (NATCOWEB)
1 1 23.105.14.100 30633 (LEASEWEB-...)
1 37.157.6.231 198622 (ADFORM Ad...)
1 1 18.212.103.81 14618 (AMAZON-AES)
5 6 69.194.240.13 26120 (RHYTHMONE)
1 1 2620:112:f008... 26120 (RHYTHMONE)
1 1 137.184.29.95 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 142.251.40.130 15169 (GOOGLE)
2 2600:9000:251... 16509 (AMAZON-02)
1 35.160.151.220 16509 (AMAZON-02)
1 2 98.82.158.241 14618 (AMAZON-AES)
1 2600:9000:266... 16509 (AMAZON-02)
3 98.83.224.108 14618 (AMAZON-AES)
2 34.160.128.112 396982 (GOOGLE-CL...)
1 142.250.81.225 15169 (GOOGLE)
1 142.251.40.162 15169 (GOOGLE)
21 24 34.170.123.2 396982 (GOOGLE-CL...)
1 1 2600:9000:284... 16509 (AMAZON-02)
1 141.226.224.48 200478 (TABOOLA-A...)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 34.111.113.62 396982 (GOOGLE-CL...)
1 1 13.226.94.26 16509 (AMAZON-02)
1 1 2600:9000:21f... 16509 (AMAZON-02)
1 1 8.28.7.83 62713 (AS-PUBMATIC)
1 1 8.28.7.82 62713 (AS-PUBMATIC)
1 1 207.65.37.182 62713 (AS-PUBMATIC)
1 2 172.111.38.86 63023 (AS-GLOBAL...)
2 3 2600:1901:0:8... 396982 (GOOGLE-CL...)
1 2 34.229.3.43 14618 (AMAZON-AES)
1 3.82.182.220 14618 (AMAZON-AES)
1 23.46.225.71 16625 (AKAMAI-AS)
1 3.220.46.253 14618 (AMAZON-AES)
1 1 142.250.80.98 15169 (GOOGLE)
1 1 142.251.40.98 15169 (GOOGLE)
1 1 142.251.35.164 15169 (GOOGLE)
6 18.164.116.41 ()
430 95
12    192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.us-midwest-1.vip.tn-cloud.net
www.register-herald.com
51    104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
2    2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2807:a000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
1    108.139.29.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-105.jfk50.r.cloudfront.net
cdn-gateflipp.flippback.com
2    34.171.47.125 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 125.47.171.34.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
8    104.18.20.206 (None, )

ASN13335 (CLOUDFLARENET, US)
a.pub.network
4    216.17.34.107 (United States)

ASN10242 (USINTERNET, US)
register-herald-cnhi-pw.newsmemory.com
2    2600:141b:1c00:1f98::279f (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
interactives.ap.org
1    3.171.139.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-139-11.jfk52.r.cloudfront.net
d1gzrgn7m19oq9.cloudfront.net
1    52.88.187.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-187-56.us-west-2.compute.amazonaws.com
casmp.adperfect.com
2    2607:f8b0:4006:80d::2014 (United States)

ASN15169 (GOOGLE, US)
japfg-trending-content.appspot.com
3    54.82.174.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-174-208.compute-1.amazonaws.com
static.cnhionline.com
2    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700::6812:196f (United States)

ASN13335 (CLOUDFLARENET, US)
bandborder.com
3    142.251.40.163 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f3.1e100.net
fonts.gstatic.com
2    18.164.116.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-7.jfk50.r.cloudfront.net
consent.api.osano.com
11    34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
1    18.238.55.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-62.jfk52.r.cloudfront.net
p.flipp.com
9    34.235.58.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-58-193.compute-1.amazonaws.com
photos.register-herald.com
2    108.138.128.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-128.jfk50.r.cloudfront.net
cdn-resources.prfct.cc
4    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
52    142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4    2620:116:800b:21:a021:b886:81cc:55cf (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
6    2607:f8b0:4006:806::2001 (United States)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    130.211.10.17 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.10.211.130.bc.googleusercontent.com
www.justapinch.com
27    54.192.199.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-199-162.ewr53.r.cloudfront.net
cdn.smugmug.com
www.smugmug.com
photos.smugmug.com
8    142.251.40.168 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f8.1e100.net
www.googletagmanager.com
2    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
1    2600:9000:21dd:ae00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:24f1:6600:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2600:9000:247b:1000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    142.250.80.46 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f14.1e100.net
www.google-analytics.com
3    2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    44.198.22.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-22-224.compute-1.amazonaws.com
ping.chartbeat.net
5    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
3    162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    13.249.86.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-86-140.jfk52.r.cloudfront.net
cdn.segment.com
1    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
2    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    142.251.40.195 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f3.1e100.net
www.google.ca
2    44.205.122.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-122-38.compute-1.amazonaws.com
stats-new.smugmug.com
5    108.138.112.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-112-90.jfk50.r.cloudfront.net
c.amazon-adsystem.com
1    34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com
www.americanhometownmedia.com
3    141.95.33.120 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3203256.ip-141-95-33.eu
lb.eu-1-id5-sync.com
9    2600:9000:266a:5c00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    108.138.106.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-59.jfk50.r.cloudfront.net
config.aps.amazon-adsystem.com
3    18.173.140.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-140-223.jfk52.r.cloudfront.net
aax.amazon-adsystem.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
justapinch-com-d.openx.net
us-u.openx.net
2    54.83.69.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-69-204.compute-1.amazonaws.com
ap.lijit.com
2    104.18.25.111 (None, )

ASN13335 (CLOUDFLARENET, US)
bandborder.com
22    2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)
eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com
tpc.googlesyndication.com
25    18.238.80.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-80.jfk52.r.cloudfront.net
live.primis.tech
1    18.173.132.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-98.jfk52.r.cloudfront.net
api.intentiq.com
2    2600:9000:2512:7400:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    104.18.28.101 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    23.51.57.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-13.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    2600:9000:266a:d400:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:2512:e400:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    18.233.192.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-192-61.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
3    35.211.202.130 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com
x.bidswitch.net
4    142.251.35.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
cm.g.doubleclick.net
16    18.164.124.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-48.jfk50.r.cloudfront.net
sync.intentiq.com
1    35.214.208.189 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 189.208.214.35.bc.googleusercontent.com
csync.loopme.me
2    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
ups.analytics.yahoo.com
5    68.67.160.24 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    2600:1f18:612b:4264:184f:183c:f286:1539 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
mb9eo.publishers.tremorhub.com
1    23.199.48.23 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-48-23.deploy.static.akamaitechnologies.com
cs.media.net
1    63.251.28.210 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    23.105.14.100 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.100.rdns.racklot.com
ssbsync-global.smartadserver.com
1    37.157.6.231 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
cm.adform.net
1    18.212.103.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-212-103-81.compute-1.amazonaws.com
match.sharethrough.com
6    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2620:112:f008:200::101 (United States)

ASN26120 (RHYTHMONE, US)
ad.turn.com
1    137.184.29.95 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.kueezrtb.com
1    2606:4700::6812:1ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.ingage.tech
2    142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
pubads.g.doubleclick.net
2    2600:9000:2511:2400:1:6448:6d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
video.primis.tech
1    35.160.151.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-151-220.us-west-2.compute.amazonaws.com
api.segment.io
2    98.82.158.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-158-241.compute-1.amazonaws.com
s.amazon-adsystem.com
1    2600:9000:266a:2800:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
rtb.primis.tech
3    98.83.224.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-83-224-108.compute-1.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
2    34.160.128.112 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.128.160.34.bc.googleusercontent.com
api.floors.dev
1    142.250.81.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f1.1e100.net
tpc.googlesyndication.com
1    142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
ep1.adtrafficquality.google
24    34.170.123.2 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 2.123.170.34.bc.googleusercontent.com
um.simpli.fi
1    2600:9000:2840:b000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
sync.taboola.com
1    2600:1f18:612b:4200:341b:e3d9:6b0a:5e23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
1    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    13.226.94.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-94-26.jfk52.r.cloudfront.net
aa.agkn.com
1    2600:9000:21f9:6000:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    207.65.37.182 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    172.111.38.86 (Reston, United States)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 86-38-111-172.clients.gthost.com
tracker.rtb.admanmedia.com
3    2600:1901:0:8eee:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
fei.pro-market.net
pbid.pro-market.net
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
1    3.82.182.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-182-220.compute-1.amazonaws.com
sync.bfmio.com
1    23.46.225.71 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-225-71.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    3.220.46.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-46-253.compute-1.amazonaws.com
ce.lijit.com
1    142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
www.googleadservices.com
1    142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.251.35.164 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f4.1e100.net
www.google.com
6    18.164.116.41 (None, )

ASN- ()
video.primis.tech
Apex Domain
Subdomains		 Transfer
51 townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 26052
685 KB
50 googlesyndication.com
eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
609 KB
44 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1757
video.primis.tech — Cisco Umbrella Rank: 6811
rtb.primis.tech — Cisco Umbrella Rank: 5526
3 MB
36 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
pubads.g.doubleclick.net — Cisco Umbrella Rank: 438
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
342 KB
29 smugmug.com
cdn.smugmug.com — Cisco Umbrella Rank: 69903
www.smugmug.com — Cisco Umbrella Rank: 132669
stats-new.smugmug.com — Cisco Umbrella Rank: 76761
photos.smugmug.com — Cisco Umbrella Rank: 52696
1 MB
26 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 5206
i.simpli.fi — Cisco Umbrella Rank: 4244
um.simpli.fi — Cisco Umbrella Rank: 878
15 KB
21 register-herald.com
www.register-herald.com
photos.register-herald.com
register-herald.com Failed
177 KB
20 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 2238
sync.intentiq.com — Cisco Umbrella Rank: 1052
16 KB
19 pub.network
a.pub.network — Cisco Umbrella Rank: 4296
d.pub.network — Cisco Umbrella Rank: 4761
c.pub.network — Cisco Umbrella Rank: 4319
336 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 347
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687
aax.amazon-adsystem.com — Cisco Umbrella Rank: 468
s.amazon-adsystem.com — Cisco Umbrella Rank: 337
97 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
10 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
914 KB
6 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1453
cdn-ima.33across.com — Cisco Umbrella Rank: 1329
7 KB
6 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
56 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
6 KB
5 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1935
43 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 513
2 KB
4 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1018
tracker.rtb.admanmedia.com — Cisco Umbrella Rank: 5261
3 KB
4 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 570
image2.pubmatic.com — Cisco Umbrella Rank: 886
image8.pubmatic.com — Cisco Umbrella Rank: 684
image4.pubmatic.com — Cisco Umbrella Rank: 1437
2 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1010
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
id.crwdcntrl.net — Cisco Umbrella Rank: 2708
14 KB
4 openx.net
justapinch-com-d.openx.net — Cisco Umbrella Rank: 73315
u.openx.net — Cisco Umbrella Rank: 761
us-u.openx.net — Cisco Umbrella Rank: 525
1 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
2 KB
4 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1734
277 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1536
pixel.quantserve.com — Cisco Umbrella Rank: 1059
10 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
api.rlcdn.com Failed
914 B
4 bandborder.com
bandborder.com — Cisco Umbrella Rank: 181677
30 KB
4 newsmemory.com
register-herald-cnhi-pw.newsmemory.com
205 KB
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2363
pbid.pro-market.net — Cisco Umbrella Rank: 9760
1 KB
3 tremorhub.com
mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 6558
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6784
1006 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 393
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 780
ce.lijit.com — Cisco Umbrella Rank: 973
1 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946
883 B
3 google.com
analytics.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 3 Failed
24 B
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 533
2 KB
3 gstatic.com
fonts.gstatic.com
87 KB
3 cnhionline.com
static.cnhionline.com — Cisco Umbrella Rank: 183779
62 KB
3 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5209
consent.api.osano.com — Cisco Umbrella Rank: 9761
98 KB
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 2185
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 550
d.agkn.com — Cisco Umbrella Rank: 758
1 KB
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 4765
827 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246
883 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
201 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
3 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 521
1 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 11557
127 B
2 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1519
499 B
2 optimise.net
optimise.net — Cisco Umbrella Rank: 5183
1 KB
2 prfct.cc
cdn-resources.prfct.cc — Cisco Umbrella Rank: 112025
3 KB
2 appspot.com
japfg-trending-content.appspot.com — Cisco Umbrella Rank: 44760
3 KB
2 ap.org
interactives.ap.org — Cisco Umbrella Rank: 27373
895 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
23 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 2213
27 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1532
421 B
1 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 470
766 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1304
375 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 574
533 B
1 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
13 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1510
181 B
1 ingage.tech
sync.ingage.tech — Cisco Umbrella Rank: 4498
582 B
1 kueezrtb.com
sync.kueezrtb.com — Cisco Umbrella Rank: 2103
570 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 959
435 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 530
348 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1505
476 B
1 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1817
376 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 619
547 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1071
922 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
266 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 1720
1 americanhometownmedia.com
www.americanhometownmedia.com — Cisco Umbrella Rank: 128672
103 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 137
326 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1656
202 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 639
482 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1941
15 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1552
643 B
1 justapinch.com
www.justapinch.com — Cisco Umbrella Rank: 70519
22 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 805
573 B
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 13081
1 adperfect.com
casmp.adperfect.com — Cisco Umbrella Rank: 163732
4 KB
1 cloudfront.net
d1gzrgn7m19oq9.cloudfront.net
550 B
1 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 12664
30 KB
0 ipredictive.com Failed
sync.ipredictive.com Failed
430 83
Domain Requested by
51 bloximages.chicago2.vip.townnews.com www.register-herald.com
35 live.primis.tech 16 redirects cmp.osano.com
live.primis.tech
www.register-herald.com
27 pagead2.googlesyndication.com live.primis.tech
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
25 securepubads.g.doubleclick.net cmp.osano.com
securepubads.g.doubleclick.net
www.register-herald.com
pagead2.googlesyndication.com
24 um.simpli.fi 21 redirects
21 cdn.smugmug.com www.register-herald.com
photos.register-herald.com
cdn.smugmug.com
19 sync.intentiq.com 1 redirects www.register-herald.com
cmp.osano.com
18 tpc.googlesyndication.com cmp.osano.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.register-herald.com
12 www.register-herald.com www.register-herald.com
10 c.pub.network a.pub.network
10 www.google-analytics.com cmp.osano.com
www.googletagmanager.com
www.google-analytics.com
www.register-herald.com
10 www.googletagmanager.com www.register-herald.com
cmp.osano.com
9 photos.register-herald.com 2 redirects cmp.osano.com
cdn.smugmug.com
8 video.primis.tech www.register-herald.com
live.primis.tech
8 a.pub.network www.register-herald.com
cmp.osano.com
6 lh3.googleusercontent.com www.register-herald.com
5 ib.adnxs.com 3 redirects live.primis.tech
5 eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com cmp.osano.com
5 c.amazon-adsystem.com cmp.osano.com
c.amazon-adsystem.com
live.primis.tech
5 cdn.segment.com cmp.osano.com
cdn.segment.com
5 lexicon.33across.com 2 redirects www.register-herald.com
cdn-ima.33across.com
4 sync.1rx.io 4 redirects
4 cm.g.doubleclick.net 4 redirects
4 photos.smugmug.com www.register-herald.com
4 match.adsrvr.org 1 redirects a.pub.network
live.primis.tech
4 cdn.confiant-integrations.net cmp.osano.com
4 idsync.rlcdn.com 3 redirects
4 bandborder.com cmp.osano.com
bandborder.com
4 register-herald-cnhi-pw.newsmemory.com www.register-herald.com
cmp.osano.com
register-herald-cnhi-pw.newsmemory.com
3 eb2.3lift.com 2 redirects
3 x.bidswitch.net 3 redirects
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 lb.eu-1-id5-sync.com a.pub.network
live.primis.tech
3 id5-sync.com a.pub.network
live.primis.tech
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 fonts.gstatic.com fonts.googleapis.com
3 static.cnhionline.com www.register-herald.com
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 tracker.rtb.admanmedia.com 1 redirects
2 us-u.openx.net cmp.osano.com
2 api.floors.dev a.pub.network
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 s.amazon-adsystem.com 1 redirects cmp.osano.com
2 pubads.g.doubleclick.net live.primis.tech
2 sync.targeting.unrulymedia.com 1 redirects
2 cs.admanmedia.com 2 redirects
2 mb9eo.publishers.tremorhub.com 2 redirects
2 ups.analytics.yahoo.com www.register-herald.com
2 pixel.rubiconproject.com 1 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 ap.lijit.com 1 redirects www.americanhometownmedia.com
2 stats-new.smugmug.com cdn.smugmug.com
2 www.google.ca www.register-herald.com
2 analytics.google.com www.googletagmanager.com
2 www.smugmug.com 1 redirects cdn.smugmug.com
2 id.hadron.ad.gt a.pub.network
2 pixel.quantserve.com www.register-herald.com
2 optimise.net a.pub.network
2 secure.quantserve.com cmp.osano.com
2 cdn-resources.prfct.cc cmp.osano.com
2 consent.api.osano.com cmp.osano.com
2 japfg-trending-content.appspot.com www.register-herald.com
cmp.osano.com
2 interactives.ap.org www.register-herald.com
2 fonts.googleapis.com www.register-herald.com
cmp.osano.com
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 ce.lijit.com
1 stags.bluekai.com
1 sync.bfmio.com
1 pbid.pro-market.net
1 image4.pubmatic.com 1 redirects
1 image8.pubmatic.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 pixel.tapad.com
1 simplifi.partners.tremorhub.com
1 sync.taboola.com
1 s.ad.smaato.net 1 redirects
1 i.simpli.fi cmp.osano.com
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 id.crwdcntrl.net live.primis.tech
1 www.google.com securepubads.g.doubleclick.net
1 rtb.primis.tech live.primis.tech
1 api.segment.io cdn.segment.com
1 sync.ingage.tech www.register-herald.com
1 sync.kueezrtb.com 1 redirects
1 ad.turn.com 1 redirects
1 match.sharethrough.com 1 redirects
1 cm.adform.net www.register-herald.com
1 ssbsync-global.smartadserver.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 cs.media.net 1 redirects
1 csync.loopme.me 1 redirects
1 cs-server-s2s.yellowblue.io cmp.osano.com
1 u.openx.net 1 redirects
1 ads.pubmatic.com cmp.osano.com
1 cdn-ima.33across.com cmp.osano.com
1 tags.crwdcntrl.net cmp.osano.com
1 api.intentiq.com live.primis.tech
1 justapinch-com-d.openx.net www.americanhometownmedia.com
1 config.aps.amazon-adsystem.com cmp.osano.com
1 www.americanhometownmedia.com cmp.osano.com
1 td.doubleclick.net cmp.osano.com
1 sentry.io cdn.smugmug.com
1 ping.chartbeat.net www.register-herald.com
1 static.adsafeprotected.com www.register-herald.com
1 static.chartbeat.com cmp.osano.com
1 rules.quantcount.com cmp.osano.com
1 www.justapinch.com www.register-herald.com
1 pippio.com www.register-herald.com
1 p.flipp.com cdn-gateflipp.flippback.com
1 d.pub.network www.register-herald.com
1 casmp.adperfect.com www.register-herald.com
1 d1gzrgn7m19oq9.cloudfront.net 1 redirects
1 tag.simpli.fi www.register-herald.com
1 cdn-gateflipp.flippback.com www.register-herald.com
1 cmp.osano.com www.register-herald.com
0 sync.ipredictive.com Failed
0 register-herald.com Failed cmp.osano.com
0 api.rlcdn.com Failed a.pub.network
live.primis.tech
430 122
Subject Issuer Validity Valid
register-herald.com
WR1		 2024-10-14 -
2025-01-12		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1		 2024-03-12 -
2025-04-12		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.osano.com
Amazon RSA 2048 M02		 2024-09-17 -
2025-10-16		 a year crt.sh
flippback.com
Amazon RSA 2048 M02		 2024-08-18 -
2025-09-16		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-13 -
2025-12-14		 a year crt.sh
pub.network
WE1		 2024-11-15 -
2025-02-13		 3 months crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-05 -
2025-04-05		 a year crt.sh
ap.org
GeoTrust RSA CA 2018		 2024-08-05 -
2025-08-07		 a year crt.sh
*.appspot.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
static.cnhionline.com
ZeroSSL RSA Domain Secure Site CA		 2024-11-06 -
2025-02-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
bandborder.com
WE1		 2024-11-15 -
2025-02-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.api.osano.com
Amazon RSA 2048 M02		 2024-08-27 -
2025-09-25		 a year crt.sh
d.pub.network
WR3		 2024-11-08 -
2025-02-06		 3 months crt.sh
flipp.com
Amazon RSA 2048 M02		 2024-06-30 -
2025-07-28		 a year crt.sh
ssl.smugmug.com
R11		 2024-10-23 -
2025-01-21		 3 months crt.sh
*.adperfect.com
Amazon RSA 2048 M02		 2024-02-14 -
2025-03-14		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
quantserve.com
R11		 2024-10-22 -
2025-01-20		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
justapinch.com
Go Daddy Secure Certificate Authority - G2		 2024-04-29 -
2025-05-31		 a year crt.sh
smugmug.com
Amazon RSA 2048 M02		 2024-09-26 -
2025-10-25		 a year crt.sh
optimise.net
WR3		 2024-11-06 -
2025-02-05		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2024-05-15 -
2025-06-06		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
confiant-integrations.net
WE1		 2024-11-07 -
2025-02-05		 3 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
c.pub.network
WR3		 2024-11-04 -
2025-02-02		 3 months crt.sh
id.hadron.ad.gt
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
id5-sync.com
E6		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
*.segment.com
Amazon RSA 2048 M02		 2024-10-15 -
2025-11-14		 a year crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-03 -
2025-07-22		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.ca
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
stats.smugmug.com
Amazon RSA 2048 M03		 2024-02-23 -
2025-03-22		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2024-05-13 -
2025-06-14		 a year crt.sh
eu-1-id5-sync.com
R11		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.primis.tech
Amazon RSA 2048 M03		 2024-08-24 -
2025-09-22		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.lijit.com
Amazon RSA 2048 M03		 2024-02-11 -
2025-03-12		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M03		 2024-03-26 -
2025-04-24		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-05 -
2025-09-30		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M03		 2024-03-18 -
2025-04-16		 a year crt.sh
sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-11-22 -
2025-05-21		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-27 -
2025-06-18		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2024-08-01 -
2025-08-11		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2024-11-13 -
2025-12-13		 a year crt.sh
lexicon.33across.com
WR3		 2024-11-02 -
2025-01-31		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
api.floors.dev
WR3		 2024-10-22 -
2025-01-20		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 26 frames:

Primary Page: https://www.register-herald.com/
Frame ID: 8189324C3B23DA9C7B2E3B794AEDBE7A
Requests: 241 HTTP requests in this frame

Frame: https://interactives.ap.org/election-results/customers/layouts/organization-layouts/published/45783/20072.html
Frame ID: B89EDAEEBBAC2EA01C35F5500CDC79E0
Requests: 1 HTTP requests in this frame

Frame: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Frame ID: 4AAF8B4CAE1E760579B5CC2497F92008
Requests: 34 HTTP requests in this frame

Frame: https://www.smugmug.com/include/js/cookiemonster.mg?smsess=8d6b14c75270e0b092c6fd7f9ecdde98&skey=f5f0da46bbcaa7b03c36e8d1d84da628
Frame ID: 33D43ABC0AEFCF874860B4E3FAE7870C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: C2ED828C647FF53FF49B84E9810887F8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-4T2EB147B8&gacid=868779135.1732523755&gtm=45je4bk0v887101457z8861227858za200zb861227858&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=756625953
Frame ID: 8DBFC9A2C7C67D590BA383D4C831C778
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732523756097&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732523756&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 51A27C6E96937ECD7D753003FB65F43E
Requests: 49 HTTP requests in this frame

Frame: https://eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A0C27F38F5941812691CAD016CC6A71B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 63B8AD39CF80F11B539DC58D0C94769E
Requests: 1 HTTP requests in this frame

Frame: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=dc452fd1-0edc-022f-3c4f-f293c4a0d149
Frame ID: EE9D68B674B9CA98734E14EA5F5D2511
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={{gdpr}}&gdpr_consent={{gdpr_consent}}&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D150%26advUuid%3D%7BpartnerId%7D
Frame ID: 5FFE2820E52A1176F25F8EB8F0099E85
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-cadent_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-Vidazoo_n-nativo_n-Outbrain_n-minuteMedia_n-adMediaV1_snb_n-Beeswax_n-inmobi_cnv_n-sharethrough_rbd_ppt_an-db5_3lift&dcc=t
Frame ID: D3F1A57756625521A9704842FC8D9BB0
Requests: 1 HTTP requests in this frame

Frame: https://eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9807374D5255B1C746921F76AAAC2E60
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2AUvXhI5DQ79wqtaUGssfOrSv2fCIbOoqko6C1EbVp4upZIuA_LjLK1drUNwGTiZsVgZC4m5AqTiXV7VzIBw64iy_mW8IDZsxjcbhlblQ8zY7Vg2CsEE70Ek4PKLb-zYurLzLSi8_y9WBWOqoAGtocwgoHVMoOE7Wo_DAuEHGigABWPV5laHVjnn4vx9ui14xDPXRLWZCGX0QKSrClJQnX6Fb4r70jjzIT5liZ-gBkZ9P9BPZo1bycWX9VoyvqTuwMnaIeeDBhMrUUMo9j7ajcx-IdGRYJ1HfiwlxIV3P3KbAjd6PHX_uakC6AbbCdbfvbxXU7WCQWJMwRcOYJgLGgCN-iQ0X2Tm1TSvb3LF9DxX9C-6BUbm8aPn25eJZ_skeenluPFGDoc8iPm67k0kYtg-pmmJAq-0La2Dbzuo8AD2bRRv6dshPajZrOTRmsV7dZYoJuhmam725M1o&sai=AMfl-YRMeqijXa0vPMCwIVzAdotPMkKJ-wxXSGk3CsFgFOlCo6jW9e4oyAb8Gz_SaA3gm6_W41_Hz69EGRu38Ft9UyrV4Zb_Zq0xeMu233nCg9yjyKwTjkJyZlpFLx9d&sig=Cg0ArKJSzOkK9ohFVzAiEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: C1811222B114F7406CE1367976622BF1
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0SEgSmjZzkKeQz5Mt01AePf0yA7wp83gfYMDO4SReS8vhMfFlbCge4Yrkly-zh5IQiZWORKrgDYEBDRm6SiASBgyasNbBPOWp0tZ1yPMo8c6MKIgJWmSgQhzPL31Z8VoZ8BdhANhu7Xy6Be_iK2HvVgLaXjNVevULbXXaaPuEibbkbCyzCOmDY7h-ICU33JL12LL33Y8MRtCF-Q_EbPxDLphYmXNqHDdvCi6DSxopyx8PYJeT6WAnOlIlTzMqC_11sSzFTujWVAaDypOPVVn61GbI_EhHpMIl-BG2ieBbu_5FLrNFeEnAMbEOJWYpRrj5_-D4miRWegvdGGQ8LyoCXHV_eptRavWoMi4xAB7I98jJEg4ci-VQ5_oc2PMIoDgUKdoM5U10T8O2NeVPEfCd40H6V8GdJg23EuevrBzPNjFFssINoU7ZTP6_ZE62RDYTAEU6sEFJ2B5pQKM&sai=AMfl-YSmm4BVRKsFUgS8l5DzziJExqfOp6khSAmSKX0tt7v33b7MnDQJ4UPyjyS9hmXHk-lIc1z57CIl5e6cqBGxXfq1075LezngfqZc-ma8IMOM50MdMeyVzRCkTCJs&sig=Cg0ArKJSzBhF6bgHJkZ6EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F30B3856721E946526D732CDD4AA4EE4
Requests: 10 HTTP requests in this frame

Frame: https://eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4283817EAFA3FFFE6A041EC081176439
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf8CCeFFJ3Wh9_F6_JlVLjuif1rPgFtKx9TteBOuSy7UlZgREYfCqb4TptpntQpFqtKjRO7UffnUpbfo7vLg9QNSgxbEC6mxMsoI_QqNgo3CBIuBnjtKM4Snty4oy8iRj4eWQoKXn46dSpOjhS9ZJEZmosJaMtZfPYjhN9cgTIkfIwi-7RR2cn9KHpEeDq_9QqzpwBpLAMf3D06NrVk-LA9BlJDKACSEsATrrfQ63OUdh5qRKD62Ix7nVjhx0ycyL3Ikev2T8aUS6PD_rxgtDPYFFVnGQbqMhrJAkjQvuH_JTocX8yQtynj5zK5lrHaHsAWvmQnxLHwaiWkktr5vT91It1JNgDq91NWr4jLesfhnDK_TUIFa55xkO_nhp0NJqZwVRhzeO-55ElJCXuznP8h_AHQBAgiFiMgGCwPmvQKAYuFCXj41SZf1HUL5kRA80AaEjXIUT-a6sfboE&sai=AMfl-YSu0PJKBVhnJBainNbw1YiaVODx4hqYle7A2QZWBUsRlRrTZ5HUgBnJpHgt_81wKHE6kv_O37JxW1tdclYVxZ46vvG7oMRKxmp93vZ8GZaiGqx0OA_yzrNW7sc_&sig=Cg0ArKJSzKOc92-FOro6EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 40FAC5F177922D07C551EEE0248246DA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubTmiDbuNraP6-x1hPkcwDtehd35HHbfNZp7zX2E1KqhJPH0pAJhq6mE2DDpJ6xHN369tkDVm0MXaqSDMSIqnxzuJq2Pdp7B3aw1cLTS6qyTBUDhhclwxdpSMqAg37rDBe9a-h8o9xbd-hx2MvVm_daXq70UHPFxUv4b-H2lQ1iEG3-j4P0Zb1tFk4NeWqYt2r-rohLvslRYM0q2-3CKc9c6REH-E2rZ-o4v20YSJTtQZ1VhHNtsfSJafvUbBSDHk74ktYb_-eWk6S9vcqg9kIjn9UxJ48KP2DfXHh33fmvFnLVvrHRuVz_2iJ8kqxG8on0z8OUWjPBPru2a3l1qcILi1DS8ocQxScBao0uPYEtZ_mAnLAGnoz4kVX3PndaAkkauU33NlSJD91sQRaxjBJuhw-D0MlM46K5WkCuQSgNDcxKU0FUY8wbDQFwHaPNBoI2BMWpz6cqBY-Jnk&sai=AMfl-YTfYAILKHExBNb-ySpMWrqC82N9liAkN_ZHpW6BU-feLAE_5skxXEreVGfK9uPxJOPU9i3mOtMDAJYnvk_aKw9aZyOErPPWQ75KBvranlY1v_ZT-Dzuld-ZUl3G&sig=Cg0ArKJSzBXM8NFGfhCAEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 740732C28531B3163A035F3BD919EB6B
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthnsTaFQJMNtwXgaz7kbyHqYUVlhcGEuQN_ZsR4Qx8nfUarUC-Hw7Ohkf0dlEZ2oyFYQ2R6DSXb8xQs23icK9tsLrskBsPzDBLQUexG4O2ArZ83sOZ1OZmObk0Usslwxr1KL3hc_Bi9YUh1gcIbxw2MMTNYm_rLpaffAaOQTlXF78yKYlOStA4wN0y37EvyMJkvOdVBrMUeQYM5QbJGyI-pwM4V-ytHeO3iUNEh7ubc5gBNQhMFqoG2c8A3wuhg9Nc1HAzczEJvvzjHPU4rde4rAr57xPwjwOUx5ic52oXdUMnVGRIW-Kh8myzfadrJQ4R65292SbNPJnQ8MwhCuwusBchxZXLqLezm_MrQvDZftVLRrnru1OxVzBlgEiMWsrVvXHE5Ws5xShirhNuTtk1XZzQIYg28OR_dw4_e6yQNwSYSymUaEZx0LqAgt22EGDQXR1IZF1Y6WCdcv4&sai=AMfl-YQgWo3jGaUfGNx62dJEJJ1uafezTOWr-7YoBbVJD8wR9XPstNSxn1yQZJGgxODLSHK5rl9wCceYlQkklHnmld6T-G5c6YgZAgqTTKy1LrFdO3jLa-TY6S7thNbd&sig=Cg0ArKJSzGgO2rsmSLz-EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 9FB614937638DA414641A662421BDC8D
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzXeLFFZj7JDXjdzwj46URiw_MqZ7fzgdIowBu_ZUctdoMosGmcYChZSGWupvl-HvlrcW37d1qekLKsJTnabBQxA8hs-Z9HFG-fj-Jd9jONcZzCBpn3dhy0g6fO_GdgxgAvKnAC4Qn0bPuA_-cblQCCMDk48nzP0YxLvYOgtStz5slv0RCZqaq8T0utQPtY-a_C5PCX6pRISvtsSQ7in5pAbHpDcpnNf5WWxAvC54nnCPugzwFaWhMzuu5GUOMQxci35uGZsPgsY46c0rU4QHJ8pqIzstfsaWi-HkpRq6mmVyUpsDBBW-wahL_y8MH2v_1fYhWrclNbf_vRSjJrnR3oI3WjCa1Wsny6EhUfHXTP8QunfuR5lg9vo5Na3D6BbZGStcud2HkI9ExZ0jA1uhwBONxSLjn3_whDtV-UnBa-my1Lf50BXdGo4UIotM_OUSM4O2ld5gk51BELBk&sai=AMfl-YShrw8wGaGSo-vbOiVvXVf1uLi6AX8vcrnjywNUD88JEE1mDHjD23UnUOcQqnOEldpO5-0PIoUxb4eaz11v8H1WfgJkfL6P84dXHGpv4pdbW1VuzX9I5lo21djO&sig=Cg0ArKJSzE12N57OXIigEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 6F7DD1133B52146A6DB1DD3995355E02
Requests: 9 HTTP requests in this frame

Frame: https://eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AC7DBFB033BFCBB2904705DFEE738BA5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/LVEN46HQ.html
Frame ID: 1DC363ABC4284791BEAC55E780B96BED
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsts1pd1iq4QWZD2ei8FehpppokuzWr5o4VaxzF8yhEnW83co3FdF045SAG3BbjBXED9UvVO8qQzQZ3Ya5o3gzzOsCQBFSKk0uJu9riqSwYGbw6FUMst4dL_S-k17KYeuOiccdeFCgZrdnNqpUyFgvNcE1kbBPvJjnrAdnOHhpZoBK3W8H_x-fy8XfohEfABBjtkOSgWQfuZTp5B7Q8Z4yQY-bKIG1AH-lcuAWWNH8A2fPoG34kzK1xhQkVXnnuMvWUnpdsj-m0erFCr3OCRdnUdn19LYoL88reKer_rmYh8ZNtsCwLgreH5b3JXyOVlgh52nThhex8pnXjKqXzQPS-V9C8YEVInJTG3uFIOM5PuHA0RomiQgG1FsfAGta350aGZzA8KFQ-BN3T_ddk2vmvWCUPB2EVkDCBIzWktMvMWZm8zNuLB0qEx0mhDGw94TuujwLpj&sai=AMfl-YTS1bgJXiIwjmzA15wnBRu8GpWGLCJnXjk42MwO_zjao86leKPlrdiQvUEiNc96xB7ArrmC5pS-fbM1KiSWsNHc1fW66_8-_hNXvwpbnZBAj1j9uZaYMfpYH3zQ&sig=Cg0ArKJSzH7yWRwne8XzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 8FA2A1DC9F8A957A8BBB1F72A118E2A7
Requests: 8 HTTP requests in this frame

Frame: https://eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A3F439124754EF1ED31623ABE432445C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrzClJWW7nz3hxGCjMzw8ebDPwnA-DB3ycC9UvGpR_RuUnTmTzpBq-CHS_AgSGCiJZdXFOAdnV7zmcOzw4b0cGt6w-AASwsa4HiCKJPkV5JgBn4331oFX8GA3sccGChwrZJ7_0TPeVnKb5WLGFm_24rvhNiAB_glPkh3-twA-_oUuIw_Nrw8S1L-1iVqS4IPznZgSzKTsVzCaGTeb28Z9jJ7sQScnWLfWm3ir6lWFsAfZmHqp2Uv_8DAQQtWhbu5fdgOn1yGyA2QuYYD2snDjUcIdR8GjmXuMa3MoXjokNOYTmp7TQ2mzI84BUkgvtUkGiWizLu1l9fc2gG_K6ufbb-R0LnidZ5XRNr59nUCovvmGHYHWSWhMNlWulpqCQBKQJEJHntrXn38YXLt4algA15kE7Ja33rM7XB08OHK5kclRSDkOZMziA_--LApbkm5zqEObo&sai=AMfl-YRo9uwuuEXHe7LADR-korvTqApPs_gCFhcILkKc0PHlBbcSHlu4M85Ms1LGwMzgLzpx57FY42lHHLlHieJmU5HYwULohKTt-qUy-OoOrNxgVc254o2Y4wm3kQ4&sig=Cg0ArKJSzAwjZ4pI9jY9EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 09692F10AF46CD0C244966FEFBC37348
Requests: 8 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Frame ID: C2D227EA04F680ED43A342B2E78F305D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

register-herald.com | In Print. Online. Anytime.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

430
Requests

80 %
HTTPS

26 %
IPv6

83
Domains

122
Subdomains

95
IPs

5
Countries

8240 kB
Transfer

21607 kB
Size

320
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.register-herald.com HTTP 301
  • https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.register-herald.com
Request Chain 89
  • https://idsync.rlcdn.com/712559.gif?partner_uid=9b872c74-6666-4beb-91e5-30ccb23ef27c HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDliODcyYzc0LTY2NjYtNGJlYi05MWU1LTMwY2NiMjNlZjI3YxAAGg0I6e2QugYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=dd40ca2a5a216874b6d7e6f2f725ad40896871eeac6fd3d20902bc91f041e92f791426b5417dce21&_=2
Request Chain 168
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1--- HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1---&b=1&tp=37vnl4QqM3VmczY1f3HWgMRH2ZLlObzJbHG8pho%2FN7A%3D
Request Chain 173
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1--- HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1---&b=1&tp=eiSfNDzrcKcy1gF%2BbWyhZVh84PHEuaNEQEazasoK0FA%3D
Request Chain 183
  • https://www.smugmug.com/include/js/cookiemonster.mg?returnTo=https://photos.register-herald.com HTTP 302
  • https://photos.register-herald.com/include/js/cookiemonster.mg?returnTo=https://www.smugmug.com HTTP 302
  • https://www.smugmug.com/include/js/cookiemonster.mg?smsess=8d6b14c75270e0b092c6fd7f9ecdde98&skey=f5f0da46bbcaa7b03c36e8d1d84da628
Request Chain 219
  • https://photos.register-herald.com/img/spacer.gif HTTP 301
  • https://cdn.smugmug.com/img/spacer.gif
Request Chain 248
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=755304&iiqidtype=2&iiqpcid=98a1ab6a-f01f-4847-b8a3-d14fd46f1a96&iiqpciddate=1732523757364&tsrnd=735_1732523757367&vrref=https%3A%2F%2Fwww.register-herald.com%2F&jsver=5.09 HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=755304&iiqidtype=2&iiqpcid=98a1ab6a-f01f-4847-b8a3-d14fd46f1a96&iiqpciddate=1732523757364&tsrnd=735_1732523757367&vrref=https%3A%2F%2Fwww.register-herald.com%2F&jsver=5.09&ckls=true&ci=vxlxynLvKL&nc=false&trid=-268474300
Request Chain 256
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=dc452fd1-0edc-022f-3c4f-f293c4a0d149 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=dc452fd1-0edc-022f-3c4f-f293c4a0d149
Request Chain 261
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=7277627c-a64f-4188-b086-cdca26283cfd&google_hm=NzI3NzYyN2MtYTY0Zi00MTg4LWIwODYtY2RjYTI2MjgzY2Zk&gdpr_consent=&gdpr=0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFKIf7VbLLRexDdZANuJZgg&google_cver=1&ssp=sekindo&bsw_param=7277627c-a64f-4188-b086-cdca26283cfd&gdpr_consent=&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=15108dd9-63fb-4f19-b602-b08a9c84d63a HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=15108dd9-63fb-4f19-b602-b08a9c84d63a
Request Chain 262
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=6gvshk1&ttd_tpi=1&ttd_puid=674436ecca7ca&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=149&advUuid=e8e89820-78a3-4a2a-829f-578334a1b058&csuuid=674436ecca7ca&gdpr=0&gdpr_consent=
Request Chain 263
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=a92cb8ae-2a69-46a0-8e70-ff7ce51ec47f&gdpr_consent=null&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=a92cb8ae-2a69-46a0-8e70-ff7ce51ec47f
Request Chain 264
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=Z0Q27dHM5zgAAAmvAjbDJwAA%261365 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=Z0Q27dHM5zgAAAmvAjbDJwAA%261365
Request Chain 265
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=819027098221802988696 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=819027098221802988696
Request Chain 266
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=M3WRWV6I-1U-KHY1&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=M3WRWV6I-1U-KHY1
Request Chain 268
  • https://ib.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D105%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526advId%253D105%2526advUuid%253D%2524UID%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=105&advUuid=810980635046800621&gdpr=0&gdpr_consent= HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1186917411&3rdpcid=810980635046800621
Request Chain 269
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=be170c4c4653422798dab2010cff0c7f HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=be170c4c4653422798dab2010cff0c7f
Request Chain 270
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=674436ecca7ca&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3755253571978305000V10&gdpr=0&gdpr_consent= HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3755253571978305000V10
Request Chain 271
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=JuZDABZHAKyXLV27RzSAj9yf HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=JuZDABZHAKyXLV27RzSAj9yf
Request Chain 272
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=fec76b34a81542c7c8bb56dc2ecf64&gdpr_consent=&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=fec76b34a81542c7c8bb56dc2ecf64
Request Chain 273
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=5a61301c-73bf-46b7-892b-0f7fdcb6e151 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=5a61301c-73bf-46b7-892b-0f7fdcb6e151
Request Chain 274
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=4438851394020492166&gdpr=0&gdpr_consent= HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=4438851394020492166
Request Chain 276
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=6e2beac2-3e6f-48a6-a40b-68839b55bdae&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=6e2beac2-3e6f-48a6-a40b-68839b55bdae
Request Chain 277
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1732523758081 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&id=RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005&rndcb=3017954061 HTTP 302
  • https://sync.1rx.io/usersync/turn/7684957197179181433?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005
Request Chain 278
  • https://sync.kueezrtb.com/api/user/pixel/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D151%26advUuid%3D%24%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=151&advUuid=6a845be6-b181-da96-e6ba-3063afd0e60b&gdpr=0&gdpr_consent= HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=793790479&3rdpcid=6a845be6-b181-da96-e6ba-3063afd0e60b
Request Chain 295
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-cadent_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-Vidazoo_n-nativo_n-Outbrain_n-minuteMedia_n-adMediaV1_snb_n-Beeswax_n-inmobi_cnv_n-sharethrough_rbd_ppt_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-cadent_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-Vidazoo_n-nativo_n-Outbrain_n-minuteMedia_n-adMediaV1_snb_n-Beeswax_n-inmobi_cnv_n-sharethrough_rbd_ppt_an-db5_3lift&dcc=t
Request Chain 406
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=364CFF4A1CB34C47A26FFA78C50922CF HTTP 302
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=43360bbe03&gdpr=0&gdpr_consent=
Request Chain 407
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/364CFF4A1CB34C47A26FFA78C50922CF HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005
Request Chain 408
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=364CFF4A1CB34C47A26FFA78C50922CF&dongle=yf3
Request Chain 409
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=364CFF4A1CB34C47A26FFA78C50922CF
Request Chain 410
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=364CFF4A1CB34C47A26FFA78C50922CF
Request Chain 411
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=364CFF4A1CB34C47A26FFA78C50922CF HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1732523762770&ip=167.114.209.103&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D212600605077009885144 HTTP 302
  • https://um.simpli.fi/aa_px?sk=212600605077009885144 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 412
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=364CFF4A1CB34C47A26FFA78C50922CF
Request Chain 413
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:364CFF4A1CB34C47A26FFA78C50922CF HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=158481&pmc=1&pr=https%3A%2F%2Ftracker.rtb.admanmedia.com%2Fsync%3Fid%3D1&uid=%24%7BPUBMATIC_UID%7D HTTP 302
  • https://tracker.rtb.admanmedia.com/sync?id=1 HTTP 302
  • https://cs.admanmedia.com/1ec842ea24536b0173f75e91dc0e3a4d.gif?puid=b5b68df0-4cfb-70dc-3438-bfe26ab6afbb&redir=https%3A%2F%2Ftracker.rtb.admanmedia.com%2Fsync%3Fid%3D6%26uid%3D%7BUID%7D HTTP 302
  • https://tracker.rtb.admanmedia.com/sync?id=6&uid=5a61301c-73bf-46b7-892b-0f7fdcb6e151
Request Chain 414
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=364CFF4A1CB34C47A26FFA78C50922CF HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=fec76b34a81542c7c8bb56dc2ecf64&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d%26gdpr_consent%3d&26865=364CFF4A1CB34C47A26FFA78C50922CF HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ume4016_7441696988127931396&gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZmVjNzZiMzRhODE1NDJjN2M4YmI1NmRjMmVjZjY0&gdpr=&gdpr_consent=&gdpr=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEN5OcoTEt_xJuVeT5-91X08&google_cver=1&gdpr=&gdpr_consent=&gdpr=null HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=&gdpr_consent=&gdpr=null HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AATp2U7OiG4AABbIeuzZiQ&dataProviderId=817&gdpr=null HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/fec76b34a81542c7c8bb56dc2ecf64?gdpr=&gdpr_consent=&gdpr=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-duG5JNpE2oMH_XMQoNwEA9NN1KI9aOXPo9NElt1p~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e8e89820-78a3-4a2a-829f-578334a1b058&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=810980635046800621&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1580%26userId%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=819027098221802988696 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1592%26userId%3D%23PMUID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1592&userId=C2D9FF3A-462C-4565-A74E-96CF084FA79D HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=B8d2sRSQ1TfuzB5 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4947274&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
Request Chain 415
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=364CFF4A1CB34C47A26FFA78C50922CF;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=364CFF4A1CB34C47A26FFA78C50922CF;mimetype=img;sr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTY4ODg5OTI4MzY5MTkyMTI4MjY= HTTP 302
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOMESkEWqh29SXPsNzPhx3Q&google_cver=1
Request Chain 416
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=364CFF4A1CB34C47A26FFA78C50922CF&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=364CFF4A1CB34C47A26FFA78C50922CF&j=0&xl8blockcheck=1
Request Chain 417
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=364CFF4A1CB34C47A26FFA78C50922CF
Request Chain 418
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=364CFF4A1CB34C47A26FFA78C50922CF
Request Chain 419
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=364CFF4A1CB34C47A26FFA78C50922CF
Request Chain 420
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=364CFF4A1CB34C47A26FFA78C50922CF
Request Chain 421
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=364CFF4A1CB34C47A26FFA78C50922CF
Request Chain 422
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=364CFF4A1CB34C47A26FFA78C50922CF HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=810980635046800621
Request Chain 423
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1732523762444&cv=7&fst=1732523762444&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2126621098&cv=7&fst=1732523762444&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMIzpi6-4n3iQMV2lBHAR2vEBFQMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3d3dy5yZWdpc3Rlci1oZXJhbGQuY29tLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=2126621098&cv=7&fst=1732523762444&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMIzpi6-4n3iQMV2lBHAR2vEBFQMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3d3dy5yZWdpc3Rlci1oZXJhbGQuY29tLw&is_vtc=1&cid=CAQSKQCa7L7dm5ETyKEYvMd576EHvszjbnVAfw5YD5G6RIlfFY_wyzVtydYH&random=3739319226 HTTP 302
  • https://www.google.ca/pagead/1p-conversion/1026675585/?random=2126621098&cv=7&fst=1732523762444&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMIzpi6-4n3iQMV2lBHAR2vEBFQMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3d3dy5yZWdpc3Rlci1oZXJhbGQuY29tLw&is_vtc=1&cid=CAQSKQCa7L7dm5ETyKEYvMd576EHvszjbnVAfw5YD5G6RIlfFY_wyzVtydYH&random=3739319226&ipr=y
Request Chain 425
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=364CFF4A1CB34C47A26FFA78C50922CF
Request Chain 426
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=364CFF4A1CB34C47A26FFA78C50922CF&expires=365
Request Chain 427
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=364CFF4A1CB34C47A26FFA78C50922CF
Request Chain 428
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESECF-1Lr_rVUKeEx0lFg0sNQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=364CFF4A1CB34C47A26FFA78C50922CF HTTP 302
  • https://um.simpli.fi/g_match?id=

430 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.register-herald.com/ 		598 KB
89 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
cfeec6d248d6cdbfea7e9c9c928b3af3a2562e5975348be91dece3a1c653593f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
138
cache-control
public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
content-encoding
gzip
content-length
88937
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 25 Nov 2024 08:33:33 GMT
etag
W/4f60e114b41b0ac050da2685f9b29655
last-modified
Mon, 25 Nov 2024 08:33:28 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.83.2; app8; 4.86s; 8.1M
x-ua-compatible
IE=edge
x-vcache
HIT
x-xrds-location
https://www.register-herald.com/tncms/xrds/
x-xss-protection
1; mode=block
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"60e609f2-1882c"
age
546542
expires
Thu, 13 Mar 2025 18:06:14 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfceabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
38456
server
cloudflare
user.js
www.register-herald.com/shared-content/art/tncms/user/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"6740ec95-ee3"
age
3
accept-ranges
bytes
content-length
1658
date
Mon, 25 Nov 2024 08:35:49 GMT
last-modified
Fri, 22 Nov 2024 20:41:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5d726a23-9bd8"
age
16928693
expires
Thu, 13 Mar 2025 16:45:09 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfcdabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
12719
server
cloudflare
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"671917af-841f"
age
214220
expires
Sun, 02 Nov 2025 05:41:04 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Wed, 23 Oct 2024 15:35:11 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfd2abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
14189
server
cloudflare
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-2d77"
age
12087282
expires
Thu, 13 Mar 2025 15:33:25 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfd1abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
4260
server
cloudflare
application.0758030105fdd3a70dff03f4da4530e2.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6707d183-1166"
age
2343902
expires
Wed, 15 Oct 2025 19:01:05 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 13:07:15 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfd0abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1636
server
cloudflare
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-9b8"
age
21507169
expires
Thu, 13 Mar 2025 16:48:12 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfcfabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
910
server
cloudflare
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66920-1ac2e"
age
16909319
expires
Thu, 13 Mar 2025 19:22:21 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
text/css
last-modified
Wed, 21 Feb 2024 21:20:32 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbbfb6abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
21439
server
cloudflare
font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"653c2da1-7257"
age
23374738
expires
Thu, 31 Oct 2024 06:48:36 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
text/css
last-modified
Fri, 27 Oct 2023 21:37:37 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbbfb7abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7517
server
cloudflare
layout.4f2008879f13ddd758050a76c1e8672c.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		155 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.4f2008879f13ddd758050a76c1e8672c.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f1b7c5-26de1"
age
4707643
expires
Wed, 01 Oct 2025 19:01:14 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
text/css
last-modified
Mon, 23 Sep 2024 18:47:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbbfb8abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
34470
server
cloudflare
theme-basic.7fe92e6efd905ab9f8cd307568b298f3.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.7fe92e6efd905ab9f8cd307568b298f3.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b8506928501a437418ca18498b5fcbd474b0c4bfc96b438bc9e09baa53adce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66be51f7-a358"
age
8339542
expires
Wed, 20 Aug 2025 19:02:07 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
text/css
last-modified
Thu, 15 Aug 2024 19:07:35 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbbfb9abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
9533
server
cloudflare
site.css
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/styles/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/styles/site.css?_dc=1653486271
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d7c9d22bc64bec9e1ab42f298cb72b96daf3e6f0fb3ca309437b3ca962645c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"628e32bf-1728"
age
17040234
expires
Thu, 13 Mar 2025 15:33:25 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
text/css
last-modified
Wed, 25 May 2022 13:44:31 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbbfbaabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1525
server
cloudflare
flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		1 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b0256741fe94eceb488a73ce12f09f7e7ed179ecefbaeae216bf56e6a6511af
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66925-4a3"
age
384498
expires
Thu, 13 Mar 2025 19:26:02 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
text/css
last-modified
Wed, 21 Feb 2024 21:20:37 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbbfbbabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
533
server
cloudflare
jquery-ui.css
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/libraries/flex/components/site/resources/styles/jquery-ui.css?_dc=1528903338
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18e4c9257743b884550056599fd804fcfe96ea4b1267a5b58dfafee3ec1b50c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5b2136aa-3e62"
age
384498
expires
Sat, 20 Sep 2025 16:55:56 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
text/css
last-modified
Wed, 13 Jun 2018 15:22:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbbfbdabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
3038
server
cloudflare
flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66925-2021"
age
465808
expires
Thu, 13 Mar 2025 15:33:25 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
text/css
last-modified
Wed, 21 Feb 2024 21:20:37 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbbfbcabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1823
server
cloudflare
csrf.js
www.register-herald.com/shared-content/art/tncms/api/ 		940 B
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms/api/csrf.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"6740ec95-3ac"
age
283
accept-ranges
bytes
content-length
537
date
Mon, 25 Nov 2024 08:31:08 GMT
last-modified
Fri, 22 Nov 2024 20:41:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
access.3e0b8030b6000aa9a609.js
www.register-herald.com/shared-content/art/tncms/api/ 		71 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms/api/access.3e0b8030b6000aa9a609.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"67214290-11c3d"
age
283
accept-ranges
bytes
content-length
29787
date
Mon, 25 Nov 2024 08:31:08 GMT
last-modified
Tue, 29 Oct 2024 20:16:16 GMT
content-type
application/x-javascript
vary
Accept-Encoding
tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e39d321532d4472593ff6110e51c09e688078726758971662ce3b1d26c78067
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66922-2503"
age
391167
expires
Thu, 13 Mar 2025 16:48:12 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfd4abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2877
server
cloudflare
tnt.ads.load.462138bd56c8889eca1bfd14028a582d.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		1 KB
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.load.462138bd56c8889eca1bfd14028a582d.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba48dfc33fe7421ce415e24343f993c3bee5554c49dc34d2a65831f9e0db4c0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65f221db-406"
age
17258536
expires
Wed, 19 Mar 2025 19:01:22 GMT
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Mar 2024 21:59:55 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed099c3abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
620
server
cloudflare
tracking.js
www.register-herald.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=10
content-encoding
gzip
service-worker-allowed
/
etag
W/"6740ec95-a3a"
age
310
accept-ranges
bytes
content-length
1157
date
Mon, 25 Nov 2024 08:30:41 GMT
last-modified
Fri, 22 Nov 2024 20:41:57 GMT
content-type
application/x-javascript
vary
Accept-Encoding
admanager.js
www.register-herald.com/shared-content/art/tncms-ad-manager/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/tncms-ad-manager/admanager.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
52db5b2414b37d257bb787cbefab7cadfbc282169e377e94bf256cee3f0479e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"65ea3d44-9d42"
age
124
accept-ranges
bytes
content-length
12840
date
Mon, 25 Nov 2024 08:33:47 GMT
last-modified
Thu, 07 Mar 2024 22:18:44 GMT
content-type
application/x-javascript
vary
Accept-Encoding
impressions.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/ 		83 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/impressions.js?_dc=1732521926
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e71b9750bed04d835845acb8610e99fdc726b81ee570b0f48e7bb843011fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67442fc6-53"
age
243
expires
Tue, 25 Nov 2025 08:11:22 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Mon, 25 Nov 2024 08:05:26 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfd3abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
100
server
cloudflare
traffic.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/ 		1 KB
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/traffic.js?_dc=1732512918
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af69970e4bdd1dae03743c2e01cc7a78d5b3cc946517170e3ec75f6ce781908b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67440c96-5e4"
age
7235
expires
Tue, 25 Nov 2025 05:40:45 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Mon, 25 Nov 2024 05:35:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfdaabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
826
server
cloudflare
settings.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/ 		3 KB
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/ads/settings.js?_dc=1519930389
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c07323b9f8816039655bc454c1a75563a252381a906f01d97c169659b27e63
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5a984c15-d4c"
age
17497349
expires
Wed, 19 Mar 2025 10:35:02 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Thu, 01 Mar 2018 18:53:09 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfd9abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
585
server
cloudflare
tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-6d1"
age
1485630
expires
Thu, 13 Mar 2025 15:33:25 GMT
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed099c4abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
771
server
cloudflare
jquery-ui.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/libraries/flex/components/site/resources/scripts/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/libraries/flex/components/site/resources/scripts/jquery-ui.js?_dc=1468945517
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d7b78fae919a5cd81a06686f0af5a6ee02fdf1ca77e1345465b40bc4c3f01fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"578e546d-aad1"
age
384498
expires
Fri, 14 Nov 2025 19:04:22 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Tue, 19 Jul 2016 16:25:17 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfd8abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
14461
server
cloudflare
biz.js
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/scripts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/live/global/resources/scripts/biz.js?_dc=1468340463
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4198d9ae65e215bbfba8a14b4e9ed754198d186ba88aed0ca37ea54ecb7701b7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"578518ef-1985"
age
17040234
expires
Thu, 13 Mar 2025 16:48:12 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Tue, 12 Jul 2016 16:21:03 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfd7abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2226
server
cloudflare
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		207 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65f221dd-cf"
age
17040234
expires
Sat, 22 Mar 2025 08:11:17 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Mar 2024 21:59:57 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbdfd6abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
176
server
cloudflare
css
fonts.googleapis.com/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97210a6f3bb5fd736f839127b138eb7a7786cde64d5983b53743cb6816d7079e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:35:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 25 Nov 2024 06:38:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
fontawesome.48f6e778a25162f5c4a6977fb556155b.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		277 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.48f6e778a25162f5c4a6977fb556155b.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66e19e2e-45518"
age
452517
expires
Wed, 17 Sep 2025 19:01:08 GMT
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Sep 2024 13:42:06 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed099c5abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
117608
server
cloudflare
osano.js
cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/ 		365 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2807:a000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
dac9147c2b74fb135d2bbfaf863ae1d12921a4e47f12da60467eab962c33d60a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
"58f0212a8fe8f242dd26fa5980ef469d"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
1LTuYBN4WjkLkJNv57PPbe9E0SHZEtFwKMMBL_KMvBvv8drr79_Fdw==
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 15:59:37 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 a099b23be243d2ee8929f28860829b6a.cloudfront.net (CloudFront)
content-length
98692
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P6
server
CloudFront
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181297
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-105.jfk50.r.cloudfront.net
Software
envoy /
Resource Hash
cb58cb23cd0565f80dc68262022fd12ab1c3b28a4cff6ac14bc7cf87452373c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-store
content-encoding
gzip
x-envoy-upstream-service-time
8
via
1.1 e42e8491a089e2183879e26e61dae708.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
o11YKmIycekSumtc7iGlKVv3e4gWp_9cIpz7reOGYdRYsDrC4Y-U0A==
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/javascript
vary
Origin,Origin, Accept-Encoding
server
envoy
x-amz-cf-pop
JFK50-P2
eafa8850-4d78-0136-d0af-06a9ed4ca31b
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/eafa8850-4d78-0136-d0af-06a9ed4ca31b
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.171.47.125 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
125.47.171.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
95ee6fc8810dfcbf054b898101151cb555278f15ff86e64a846cf1209c7184d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-request-id
GAspLJxw8zAduGWh_0ZC
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty
cls.css
a.pub.network/register-herald-com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/register-herald-com/cls.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8908154ab78aedae0914ded4c76fff4b8310d1b82beeb00dfadb340c77d7e90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=9X94PQ==, md5=hJ3oBFY8dwOkI4E7uQRszg==
cf-cache-status
REVALIDATED
etag
W/"849de804563c7703a423813bb9046cce"
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 09:05:52 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
2627
server-timing
cfExtPri
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
text/css
last-modified
Tue, 22 Oct 2024 12:54:52 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-guploader-uploadid
AFiumC7qFM0JfbnAORLgNYPUoIyOo_3YoyTCBV5k9APV7yEgTu9u4b5P66OGzgPtuKKhEvoWZ8g4RQ7jtw
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e804ecb9c28aa95-YYZ
access-control-allow-origin
*
x-goog-generation
1729601692824486
server
cloudflare
pubfig.min.js
a.pub.network/register-herald-com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/register-herald-com/pubfig.min.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a179aff94697df1272b7433e1346f780d35ae375b7cb926f3b16dcd2bfd5cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=FRPsJg==, md5=dlq4yzWkeJmHXbTYW0X6Ug==
cf-cache-status
HIT
etag
W/"765ab8cb35a47899875db4d85b45fa52"
age
212075
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 09:05:53 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
43680
server-timing
cfExtPri
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 16:40:57 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC4qAw8HazRK2RQ4vvZgwZT6InkH-SifjJFuOb-EXIHNpW81bYttRBrGepURLsGmJAEQB48
strict-transport-security
max-age=31536000; includeSubDomains; preload
link
<https://d.pub.network/v2/sites/register-herald-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e804ed08d75aa95-YYZ
access-control-allow-origin
*
x-goog-generation
1732034456901524
server
cloudflare
/
register-herald-cnhi-pw.newsmemory.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&v=3&service=onstop
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.107 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
689c90e3d54cd33dc799dcb8f743d21832ffb124eaacbb96ee5846f88dc533ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Connection
Keep-Alive
Access-Control-Allow-Methods
GET, POST
Expires
Mon, 25 Nov 2024 10:35:53 UTC
Access-Control-Allow-Origin
*
Content-Length
6113
Keep-Alive
timeout=2, max=300
Date
Mon, 25 Nov 2024 08:35:53 GMT
Content-Type
application/x-javascript
Server
Apache
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
tracker.js
www.register-herald.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"66f6f794-2200"
age
3
accept-ranges
bytes
content-length
3224
date
Mon, 25 Nov 2024 08:35:49 GMT
last-modified
Fri, 27 Sep 2024 18:21:08 GMT
content-type
application/x-javascript
vary
Accept-Encoding
627134b320195.image.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/627134b320195.image.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b95b2add8ced883d3eefbfc4e70b58fbed8de0bc9e5b3772c3c262212cb67564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"627134b3-42ce"
age
5680972
cf-cache-status
HIT
expires
Wed, 03 Sep 2025 10:53:29 GMT
cf-polished
origFmt=png, origSize=17102
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
image/webp
content-disposition
inline; filename="627134b320195.webp"
vary
Accept
last-modified
Tue, 03 May 2022 13:57:07 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbefe4abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
8476
server
cloudflare
/
register-herald-cnhi-pw.newsmemory.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&v=3
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.107 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
6dc9709f3e552523547345e7df9f22b4cf773a66f66590aede2a5a24c1c5834d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

ETag
f29d2990f8bc3e72562c48abbf12e76d
Connection
Keep-Alive
Access-Control-Allow-Methods
GET, POST
Expires
Mon, 25 Nov 2024 10:35:53 UTC
Access-Control-Allow-Origin
*
Content-Length
4416
Keep-Alive
timeout=2, max=300
Date
Mon, 25 Nov 2024 08:35:53 GMT
Last-Modified
Thu, 17 Aug 2023 14:18:11 UTC
Content-Type
application/x-javascript
Server
Apache
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
627134b320195.image.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/627134b320195.image.png?resize=400%2C44
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9322b8b4f8525979b85a89e99dab62e77573ea963fd8857965db849cf7151d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"bdf93259bcd79bd4c05d76c1031b2fce"
age
459220
cf-cache-status
HIT
expires
Thu, 13 Nov 2025 22:48:25 GMT
cf-polished
origFmt=png, origSize=10751
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
image/webp
content-disposition
inline; filename="627134b320195.webp"
vary
Accept
last-modified
Tue, 03 May 2022 13:57:07 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbefe5abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5364
server
cloudflare
resizeClient.js
interactives.ap.org/election-results/assets/microsite/ 		621 B
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://interactives.ap.org/election-results/assets/microsite/resizeClient.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1f98::279f Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
187e36835b2bd991ca93ea63a3b3aa77d6fcf579ea1d30e78829c4cd4f3581dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Vary
Accept-Encoding
x-amz-replication-status
FAILED
Content-Encoding
gzip
ETag
"e35127c8f7e3d7745729c5a7f3e85784"
x-amz-version-id
0Zf8UDEYGXrHOqNcQUqrc6j3KNhfQoWY
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
362
X-Amz-Cf-Id
J_M3Mujlt-qXZ60Y0kFNYhbbXnxq_4q9IqDlkMRzT3qDchkseIeWLw==
Date
Mon, 25 Nov 2024 08:35:53 GMT
Content-Type
application/javascript
Last-Modified
Mon, 18 Nov 2024 16:03:02 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK52-P5
x-amz-server-side-encryption
AES256
0f9cad1c-66dc-11eb-aee9-cb350c093c6a.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/0f9cad1c-66dc-11eb-aee9-cb350c093c6a.jpg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55889ef6b0be911566f841cdf9e12e9d769a3d5324e34e1d9c3c9442218dae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"601bda4a-eb40"
age
384498
cf-cache-status
HIT
expires
Fri, 07 Nov 2025 21:49:36 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=60224
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
image/webp
content-disposition
inline; filename="0f9cad1c-66dc-11eb-aee9-cb350c093c6a.webp"
vary
Accept
last-modified
Thu, 04 Feb 2021 11:28:10 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecc580cabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
32776
server
cloudflare
06b04adc-7cae-11eb-b31c-1bc033198f1e.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/06b04adc-7cae-11eb-b31c-1bc033198f1e.jpg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c64f44304b93bb203e30ce68d3518197832e3b2f0d17418731d9380857ffb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"604075fc-f94f"
age
384498
cf-cache-status
HIT
expires
Thu, 20 Nov 2025 21:25:45 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=63823
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
image/webp
content-disposition
inline; filename="06b04adc-7cae-11eb-b31c-1bc033198f1e.webp"
vary
Accept
last-modified
Thu, 04 Mar 2021 05:54:04 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecc580dabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
42572
server
cloudflare
retailadvertiser
casmp.adperfect.com/widget/
Redirect Chain
  • https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.register-herald.com
  • https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.register-herald.com
13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.register-herald.com
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Server
52.88.187.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-187-56.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ca46c7d904699d5673e1e9cf73ea6bb7c99b224a74fe06f9e43bd213faf52b95

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=3600
content-encoding
gzip
expires
Mon, 25 Nov 2024 09:35:52 GMT
content-length
3328
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Apache

Redirect headers

Cache-Control
max-age=3600
Location
https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.register-herald.com
Age
252
Connection
keep-alive
Via
1.1 b2a97308187ed38f56c38676d5710b7e.cloudfront.net (CloudFront)
Expires
Mon, 25 Nov 2024 09:31:39 GMT
X-Cache
Hit from cloudfront
Content-Length
0
X-Amz-Cf-Id
gvY5HXsN9KsJ6o_RVI_-FI7z1FQbmP_0NzuTqX7FBYsCCDRXkTe0ug==
Date
Mon, 25 Nov 2024 08:31:39 GMT
Content-Type
text/html; charset=UTF-8
X-Amz-Cf-Pop
JFK52-P8
Server
Apache
widgey-dug.php
japfg-trending-content.appspot.com/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/widgey-dug.php?s=10223&v=1&q=3&i=1
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2014 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
501fb04bc7409bdd6cb63b6ef46295c0788b45748eac14ba523833be84cf6311

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
63d974bdca729.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/a/4c/a4c1e2c4-a1a2-11ed-8a11-e30cd8b6a389/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/a/4c/a4c1e2c4-a1a2-11ed-8a11-e30cd8b6a389/63d974bdca729.image.jpg?resize=400%2C320
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80799ebf2ac1a977b8926bb1b45767c640045522b15676c5a66b34faaa1ac31
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"ca0a06b8afb8ef142e5ca6e5788cd32c"
age
5705919
cf-cache-status
HIT
expires
Thu, 13 Mar 2025 16:45:20 GMT
cf-polished
origSize=27407, status=webp_bigger
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
image/jpeg
last-modified
Tue, 31 Jan 2023 20:06:21 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecd8875abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
27199
server
cloudflare
registerherald.js
static.cnhionline.com/cnhi/data/premiumads/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cnhionline.com/cnhi/data/premiumads/registerherald.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
48fd8b2824c2aaa6805d06553d9920e45a2c4ee96d72ac5809b0603d6eaa1ef3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

ETag
"e80b50c6-478-627b169eb8000"
Connection
close
Accept-Ranges
bytes
Content-Length
1144
Date
Mon, 25 Nov 2024 08:35:52 GMT
Last-Modified
Mon, 25 Nov 2024 00:00:00 GMT
Content-Type
text/javascript
Server
Apache/2.2.34 (Amazon)
registerherald.js
static.cnhionline.com/cnhi/data/bizmarquee/ 		441 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cnhionline.com/cnhi/data/bizmarquee/registerherald.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
be40e3da703faed33bd3e9c8977a3d814f53c17df10838fd4b257c7e9f6d074f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

ETag
"f00672ae-1b9-627b169eb8000"
Connection
close
Accept-Ranges
bytes
Content-Length
441
Date
Mon, 25 Nov 2024 08:35:52 GMT
Last-Modified
Mon, 25 Nov 2024 00:00:00 GMT
Content-Type
text/javascript
Server
Apache/2.2.34 (Amazon)
5879-RTJ-Summer-Packages-300x250.gif
static.cnhionline.com/ksherman/images/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cnhionline.com/ksherman/images/5879-RTJ-Summer-Packages-300x250.gif
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
53812a70761bb5417aaff5e06ab44c32dde8504c6aa903d4a85c2620b850b879

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

ETag
"805b540-edcd-5fd785f418f52"
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Origin
http://template1.cnhionline.com
Content-Length
60877
Date
Mon, 25 Nov 2024 08:35:53 GMT
Last-Modified
Tue, 06 Jun 2023 16:18:39 GMT
Content-Type
image/gif
Server
Apache/2.2.34 (Amazon)
tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"671917b1-3662"
age
465808
expires
Thu, 06 Nov 2025 12:26:26 GMT
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/x-javascript
last-modified
Wed, 23 Oct 2024 15:35:13 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecf7941abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5096
server
cloudflare
tnt.poll.e40d6bdcc6bcd404603444a2cc667ea0.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/tnt.poll.e40d6bdcc6bcd404603444a2cc667ea0.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1895ad7b11c8904ba4f8c86b5221539f3cf6a8cf729a0a1e3e590623c9da896b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66abbcfc-fbf"
age
384499
expires
Fri, 01 Aug 2025 18:01:36 GMT
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/x-javascript
last-modified
Thu, 01 Aug 2024 16:51:08 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed069b3abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1672
server
cloudflare
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66922-1010"
age
1485630
expires
Thu, 13 Mar 2025 18:07:32 GMT
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed089beabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1501
server
cloudflare
tnt.regions.e7df22f20c42105cce5864da9e346f48.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.e7df22f20c42105cce5864da9e346f48.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50eea9da4f4a1b43ff0b25615da2dcf7dcb6fd9173b4ab1b472663d204acc258
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66be51f3-1041"
age
8339543
expires
Wed, 20 Aug 2025 19:02:07 GMT
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/x-javascript
last-modified
Thu, 15 Aug 2024 19:07:31 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed099bfabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1560
server
cloudflare
dmp.reactive.f21a39a840fa65b4d17399310c9dbb30.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		1 KB
689 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/dmp.reactive.f21a39a840fa65b4d17399310c9dbb30.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ad3b3f691f918a13388d3af7b87e4986459f032632c91df7884f19fd43fa46
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"65d66921-5a6"
age
13121068
expires
Thu, 13 Mar 2025 18:07:32 GMT
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/x-javascript
last-modified
Wed, 21 Feb 2024 21:20:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed099c1abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
554
server
cloudflare
promo_popup.251d9baed77bb7d7e50212b336162059.js
bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		1 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/promo_popup.251d9baed77bb7d7e50212b336162059.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abca570d68e4d643d2db448f8c1ea05d3f52494fe08453657316a5a1054a556d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6564a921-5e8"
age
23379195
expires
Thu, 28 Nov 2024 07:20:01 GMT
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/x-javascript
last-modified
Mon, 27 Nov 2023 14:35:13 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed099c2abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
659
server
cloudflare
gtm.js
www.googletagmanager.com/ 		226 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71a41e3f248643457282a6b017e6bad75a0d662ed43f46a3f9bf3bad2bba4107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 08:35:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
79657
x-xss-protection
0
server
Google Tag Manager
/
www.register-herald.com/_services/v1/client_ip_info/ 		82 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/_services/v1/client_ip_info/
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
3838f85787cad5579a56d4bb1e25cecdfe9166bf0ff56a2ff0464583d51debe3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, max-age=3600
content-length
82
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
application/json
fbf4f5df-388a-4599-b185-1ce1e10b4b36
https://www.register-herald.com/ Frame 		0
0
hwggUy-8zXVKjZI2E0wUar3MPBzZdax8V8xbh44lQOv3IKJxHBD4W_wdvLc56wLDDaDvNtpmA
bandborder.com/v2/0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/hwggUy-8zXVKjZI2E0wUar3MPBzZdax8V8xbh44lQOv3IKJxHBD4W_wdvLc56wLDDaDvNtpmA
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6175b90081cead91934049fee413677a53112b75f20b84128723247d4878d1d7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"c75c2b7a9a05ef2421587caa0adf7150750200896685635cfcd8c5d36bf4ac79"
x-buildname
hoothoot
x-hostname
fen-hoothoot-us-central1-test-d239
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Language
strict-transport-security
max-age=15724800; preload
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
x-datacenter
gce-us-central1
via
1.1 google
cf-ray
8e804ed13f04a2e1-YUL
accept-ranges
bytes
content-length
3881
x-buildnumber
1553448542
server
cloudflare
tracker.gif
www.register-herald.com/shared-content/art/stats/common/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.register-herald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1732523753053505016001200485064932368&tnms_dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&tnms_upage=1&tnms_do=www.register-herald.com&tnms_uri=/&tnms_ref=&rt=1732523753057
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

date
Mon, 25 Nov 2024 08:35:53 GMT
content-length
0
mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
bandborder.com/v2/0/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d6a9ebc8beb548d6831dd41fad854010fa3066f3db466412687832595cc84c7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"9901c02fa7b8c86c3a7d2898e2bf04b9440f0d48ecfe5a0fd6c3e7597f54a120"
x-buildname
hoothoot
x-hostname
fen-hoothoot-us-central1-test-d239
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Language
strict-transport-security
max-age=15724800; preload
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
x-datacenter
gce-us-central1
via
1.1 google
cf-ray
8e804ed13f02a2e1-YUL
x-buildnumber
1553448542
server
cloudflare
dc20b75e-46eb-4cc9-b513-539a92befadc
https://www.register-herald.com/ Frame 		0
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://fonts.googleapis.com/

Response headers

age
238764
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 14:16:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 14:16:29 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
record
consent.api.osano.com/ 		0
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-7.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

x-amz-apigw-id
By2EhExJoAMErFw=
x-amzn-trace-id
Root=1-674436e9-5b440d57557045aa4b167a60
access-control-allow-methods
POST,OPTIONS
x-amzn-requestid
f64fcf76-478c-45c6-921c-869726696e0f
via
1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
trWSCfmW-8vkyA-z50f1yT35s_NfiwWDp2no6V4_8H4tQJRqvWJ8vQ==
date
Mon, 25 Nov 2024 08:35:53 GMT
x-amz-cf-pop
JFK50-P6
access-control-allow-headers
Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
record
consent.api.osano.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-7.jfk50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 25 Nov 2024 08:35:53 GMT
via
1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront)
x-amz-apigw-id
By2EhGUAoAMEURg=
x-amz-cf-id
FWTEeZQJAg6mE5LWs4nDTuqisaJT6KHODnIidPIE2Ox0spSnhdP_SA==
x-amz-cf-pop
JFK50-P6
x-amzn-requestid
249ea806-f2a3-4aed-9794-56e7ca765bcd
x-cache
Miss from cloudfront
990dc7fc-af3a-4a0c-924b-8d13821e050f
https://www.register-herald.com/ Frame 		0
0
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
configs
d.pub.network/v2/sites/register-herald-com/ 		75 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/sites/register-herald-com/configs?env=PROD
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
13c5c5ff33ab479db76e8e4baf65d72c49d115b8ab7e5097e8552a2c0e3ab777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://fonts.googleapis.com/

Response headers

age
304451
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 20:01:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 20:01:42 GMT
last-modified
Tue, 02 May 2023 15:52:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33116
x-xss-protection
0
server
sffe
673e562ed41d7.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/6/4f/64ffa990-a787-11ef-85ba-e7a93cfb381e/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/6/4f/64ffa990-a787-11ef-85ba-e7a93cfb381e/673e562ed41d7.image.jpg?resize=101%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20899d4215c29fdb483a29920675ecc094a9184c153d839f55dcbca59952ed3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"b72f682554e7243ba6e487f49b4c6c60"
age
61881
cf-cache-status
HIT
expires
Mon, 24 Nov 2025 14:54:59 GMT
cf-polished
origSize=6010, status=webp_bigger
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/jpeg
last-modified
Wed, 20 Nov 2024 21:35:42 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed23a6dabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5506
server
cloudflare
20072.html
interactives.ap.org/election-results/customers/layouts/organization-layouts/published/45783/ Frame B89E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://interactives.ap.org/election-results/customers/layouts/organization-layouts/published/45783/20072.html
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1f98::279f Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
561
Content-Type
text/html
Date
Mon, 25 Nov 2024 08:35:53 GMT
ETag
"c16f7bffdd5326820c2f55ec7a9bf7e2"
Last-Modified
Mon, 28 Oct 2024 19:11:33 GMT
Server
AmazonS3
Vary
Accept-Encoding
X-Amz-Cf-Id
Tl5aQDN6eOobIX42h3SZBO6Y3u0o8qnVUbPs3n30VxjLfaqXjH_ZKA==
X-Amz-Cf-Pop
JFK52-P5
x-amz-replication-status
FAILED
x-amz-server-side-encryption
AES256
x-amz-version-id
fFfUtTMyAyfOJ1fsW_UD1xjaSyESdSj9
627134b320195.image.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/media/e/b5/eb587ab8-cae8-11ec-a492-332eebaadb8a/627134b320195.image.png?resize=400%2C44
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d9322b8b4f8525979b85a89e99dab62e77573ea963fd8857965db849cf7151d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"bdf93259bcd79bd4c05d76c1031b2fce"
age
459220
cf-cache-status
HIT
expires
Thu, 13 Nov 2025 22:48:25 GMT
cf-polished
origFmt=png, origSize=10751
date
Mon, 25 Nov 2024 08:35:52 GMT
content-type
image/webp
content-disposition
inline; filename="627134b320195.webp"
vary
Accept
last-modified
Tue, 03 May 2022 13:57:07 GMT
x-vcache
MISS
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ecbefe5abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5364
server
cloudflare
6740e7352b122.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/0/30/030098ce-a90f-11ef-b610-430dea8aa376/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/0/30/030098ce-a90f-11ef-b610-430dea8aa376/6740e7352b122.image.jpg?crop=1600%2C900%2C0%2C83&resize=400%2C225&order=crop%2Cresize
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52138849c09f70a1abd11ace9368267e599b99ac7d2a085f659b71efd74854d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"ab87d39e21f638cf6c45ca1c22124bdd"
age
36795
cf-cache-status
HIT
expires
Sun, 23 Nov 2025 02:19:00 GMT
cf-polished
degrade=85, origSize=30128, status=webp_bigger
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/jpeg
last-modified
Fri, 22 Nov 2024 20:19:01 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed2fab3abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
27520
server
cloudflare
673e258fdc7ae.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/6/a0/6a074028-a76a-11ef-a108-73b02461a352/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/6/a0/6a074028-a76a-11ef-a108-73b02461a352/673e258fdc7ae.image.jpg?crop=1755%2C987%2C0%2C96&resize=400%2C225&order=crop%2Cresize
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f706e0e18946e3f7169ac9c06dac7fbb0c686a0683ba9da18ae64919e644e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"f9a084ce3defa39184798c2e366ba364"
age
36795
cf-cache-status
HIT
expires
Sun, 23 Nov 2025 02:17:44 GMT
cf-polished
degrade=85, origSize=28787, status=webp_bigger
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/jpeg
last-modified
Wed, 20 Nov 2024 18:08:16 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed2fab4abae-YYZ
access-control-allow-origin
*
server
cloudflare
673fac5517931.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/5/4d/54d76e32-a853-11ef-a109-bfafd9ebc10c/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/5/4d/54d76e32-a853-11ef-a109-bfafd9ebc10c/673fac5517931.image.jpg?crop=1752%2C986%2C0%2C98&resize=400%2C225&order=crop%2Cresize
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8ec8afff835f923f221ffcdc2d917a9a26d87366f8f6566fabc484e56c944b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"670e3bf9bd4a485d4ee5c20017c6f8b7"
age
36795
cf-cache-status
HIT
expires
Sat, 22 Nov 2025 22:31:26 GMT
cf-polished
degrade=85, origSize=23202, status=webp_bigger
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/jpeg
last-modified
Thu, 21 Nov 2024 21:55:33 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed2fab6abae-YYZ
access-control-allow-origin
*
server
cloudflare
673fb98c48200.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/0/81/0819283a-a85b-11ef-968e-27a14dd2836d/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/0/81/0819283a-a85b-11ef-968e-27a14dd2836d/673fb98c48200.preview.jpg?crop=800%2C450%2C0%2C54&resize=400%2C225&order=crop%2Cresize
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7489f0c635545a67cfbe23ed9463eceae16a3a45b168c3de04faa3e72b52ed8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"1e2b8544e34a5c18b2bd5360930e4987"
age
36795
cf-cache-status
HIT
expires
Sat, 22 Nov 2025 01:50:22 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=12166
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/webp
content-disposition
inline; filename="673fb98c48200.webp"
vary
Accept
last-modified
Thu, 21 Nov 2024 22:51:58 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed2fab8abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
10898
server
cloudflare
673bb66e67051.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/f/fd/ffd1131a-a5f6-11ef-ab36-97622b16457f/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/f/fd/ffd1131a-a5f6-11ef-ab36-97622b16457f/673bb66e67051.image.jpg?crop=1600%2C900%2C0%2C83&resize=750%2C422&order=crop%2Cresize
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05a2e11ca7eec8c417502083be1f1ab4739d7e88b9cf694fc7ad5a69195603c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"ab15727f849fbe65bb845a5ad42a0683"
cf-cache-status
HIT
expires
Sun, 23 Nov 2025 22:07:40 GMT
cf-polished
degrade=85, origSize=78479, status=webp_bigger
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/jpeg
last-modified
Mon, 18 Nov 2024 21:49:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed2fab9abae-YYZ
access-control-allow-origin
*
server
cloudflare
673e500e879c0.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/b/e3/be36207e-a783-11ef-8cb3-9fdad3355b1b/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/b/e3/be36207e-a783-11ef-8cb3-9fdad3355b1b/673e500e879c0.image.jpg?resize=164%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce019fdf5ef58bd9f7f0f8c041682db9b1ea6efccddfdd26817f13bf600e4cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"7b7b1536fd1a88d2795558df19754e14"
age
139267
cf-cache-status
HIT
expires
Sun, 23 Nov 2025 14:08:31 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=6349
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/webp
content-disposition
inline; filename="673e500e879c0.webp"
vary
Accept
last-modified
Wed, 20 Nov 2024 21:09:34 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed34ad6abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5444
server
cloudflare
6740e30f6dadf.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/5/e9/5e9aac40-765a-11ed-889e-6760cb3f2026/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/5/e9/5e9aac40-765a-11ed-889e-6760cb3f2026/6740e30f6dadf.preview.jpg?resize=154%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bb0f82681ca4b17ba49278bc70052a3723e2ada4bcc9a0598dcd1f60409c32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"5da1d7cd25d07056de923e8c3f1a62d9"
age
185435
cf-cache-status
HIT
expires
Sat, 22 Nov 2025 20:01:27 GMT
cf-polished
origSize=8544, status=webp_bigger
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/jpeg
last-modified
Fri, 22 Nov 2024 20:01:19 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed34ad8abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
8080
server
cloudflare
65dcdd970b59d.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/d/47/d4771f1a-b391-11ed-8ff3-eb9dbfb8ffc4/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/d/47/d4771f1a-b391-11ed-8ff3-eb9dbfb8ffc4/65dcdd970b59d.preview.jpg?resize=153%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bc0358f1c76ca7437e0adfd927c5367f5827201112ec227c5bb9baa8436c5ed
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"fe72b0f7d790d2c8469620c9c013d35b"
cf-cache-status
HIT
expires
Thu, 13 Mar 2025 15:43:02 GMT
cf-polished
degrade=85, origSize=10040, status=webp_bigger
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/jpeg
last-modified
Mon, 26 Feb 2024 18:51:04 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=604800
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed34ad9abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7304
server
cloudflare
66b0c7d7c72d7.preview.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/d/cc/dccd4c8a-0f53-11ed-a23b-07939f478bf8/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/d/cc/dccd4c8a-0f53-11ed-a23b-07939f478bf8/66b0c7d7c72d7.preview.png?resize=155%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6511b9f6283c0284e354451a62b50b637fb55f63c4cb7b88d312e6e0e1899423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"599a8084be3c85c54c2a5274516a58c1"
age
333659
cf-cache-status
HIT
expires
Fri, 10 Oct 2025 17:28:50 GMT
cf-polished
origFmt=png, origSize=62571
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/webp
content-disposition
inline; filename="66b0c7d7c72d7.webp"
vary
Accept
last-modified
Mon, 05 Aug 2024 12:38:48 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed34adaabae-YYZ
access-control-allow-origin
*
server
cloudflare
65c137e735c6e.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/2/41/2418507c-a184-11ed-961d-efb9bc4aaef4/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/2/41/2418507c-a184-11ed-961d-efb9bc4aaef4/65c137e735c6e.preview.jpg?resize=131%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2544873c9cde050a91b86eb99a2305aeeb5ba62a4a5a0e9d994e8c2fbacb366
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"6876d423442a0eb809dfb4be86700d0a"
age
333659
cf-cache-status
HIT
expires
Wed, 19 Nov 2025 20:44:46 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=7088
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/webp
content-disposition
inline; filename="65c137e735c6e.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 19:32:57 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed34adbabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
6310
server
cloudflare
66def154edf28.preview.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/e/b3/eb3a484a-2321-11ed-b083-73cbab17e1c9/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/e/b3/eb3a484a-2321-11ed-b083-73cbab17e1c9/66def154edf28.preview.jpg?resize=152%2C200
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5de348f617ee894c9c9851cf7ac48e9f6525e05a30d5415f7690a3e9afeb9b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"8d88527d450aa1954f1c8775cdb4be7c"
age
333657
cf-cache-status
HIT
expires
Tue, 09 Sep 2025 13:00:14 GMT
cf-polished
degrade=85, origSize=7325, status=webp_bigger
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/jpeg
last-modified
Mon, 09 Sep 2024 13:00:05 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed34adcabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7048
server
cloudflare
gtm.js
www.googletagmanager.com/ 		239 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJDQXD
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73ac9295ec0ab84ce7f0e680b05a3840fede04a513fca28851010fff590b7429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 08:35:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
85858
x-xss-protection
0
server
Google Tag Manager
beacons
p.flipp.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-62.jfk52.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

x-envoy-upstream-service-time
2
access-control-allow-credentials
true
via
1.1 590897dc65a5ea6dcbac1c8ea98c65c4.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
x-cache
Miss from cloudfront
x-amz-cf-id
GtCw6u-CCwqHrsqAui8TRHO842PkY0Vmc1L8bASzVeBMH6EMAjNThw==
date
Mon, 25 Nov 2024 08:35:53 GMT
x-amz-cf-pop
JFK52-P4
vary
Origin
server
istio-envoy
slideshow
photos.register-herald.com/frame/ Frame 4AAF 		41 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.235.58.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-58-193.compute-1.amazonaws.com
Software
nginx / SmugMug/1.0
Resource Hash
1657840bd7d87fd8e7eb2c95956a410ecb045fc4d5d950c0e9c61f67f5502077

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Nov 2024 08:35:53 GMT
Server
nginx
Transfer-Encoding
chunked
cache-control
private, no-store, no-cache, max-age=0
content-encoding
gzip
expires
Mon, 25 Nov 2024 08:35:53 GMT
link
<https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js>; rel="preload"; as="script"; crossorigin, <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/smugpage/core-config-200470ebaf510b112e24ee6a61b5977a.js>; rel="preload"; as="script"; crossorigin, <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/img/fonts/sofia-pro/v2/stylesheet.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://api.smugmug.com>; rel="preconnect", <https://photos.smugmug.com>; rel="preconnect", <//videos.smugmug.com>; rel="dns-prefetch", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-a5354e4f11dd90ae46d9f7b6125084b9.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/widget_bundle-d444c68ccac9c24df76b208da45a8d91.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/gallery_bundle-4c94933ce49008d0f1dcb556c7f627ae.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js>; rel="preload"; as="script"; crossorigin
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
smug-cdn
cloudflare (via photos.register-herald.com)
vary
Accept-Encoding
x-env
a=live, b=www, c=4cf206a9, d=i-0188dbd2dc0ff2296
x-powered-by
SmugMug/1.0
x-request-id
52f68264
x-s
100.3.97:1305391
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-smugmug-values
4/5 - Dare
x-ttfb
0.0407
x-ttfb-l
15922
x-ua-compatible
IE=edge
advertiserwidget.css
cdn-resources.prfct.cc/assets/marketplace/libs/res/r202410160/css/ 		522 B
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202410160/css/advertiserwidget.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-128.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6aa7d6173d58dc7930b30df1453ec7da8c039dc42a5280b31550b2935f59951

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

etag
"b325bb01ffc184ad1cb95dcd96959b45"
age
392014
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
522
x-amz-cf-id
DuqVl2Dpi9sJpMY8Sr5jF8qwWO1FplG3Iqc7HPD6iTyXID9KVSoJtQ==
date
Wed, 20 Nov 2024 19:42:20 GMT
content-type
text/css
last-modified
Wed, 16 Oct 2024 16:06:56 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
advertiserwidget.js
cdn-resources.prfct.cc/assets/marketplace/libs/res/r202410160/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202410160/js/advertiserwidget.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-128.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cc23a6e123ece3f599d95ffefb91725b6dfe5b0a58e305f2ff68e32de0617a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://www.register-herald.com/

Response headers

x-amz-cf-pop
JFK50-P4
content-encoding
gzip
etag
W/"6d6a4ec73953baed0275f2517593a5f8"
age
392014
via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
hWyfWUPkGaqCTISc6-Lt1Z3hOUYfn026AkzfpNKV9z5ml16Qak7dFw==
date
Wed, 20 Nov 2024 19:42:20 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Wed, 16 Oct 2024 16:06:57 GMT
x-amz-server-side-encryption
AES256
sync
pippio.com/api/
Redirect Chain
  • https://idsync.rlcdn.com/712559.gif?partner_uid=9b872c74-6666-4beb-91e5-30ccb23ef27c
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDliODcyYzc0LTY2NjYtNGJlYi05MWU1LTMwY2NiMjNlZjI3YxAAGg0I6e2QugYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=dd40ca2a5a216874b6d7e6f2f725ad40896871eeac6fd3d20902bc91f041e92f791426b5417dce21&_=2
42 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&it=1&iv=dd40ca2a5a216874b6d7e6f2f725ad40896871eeac6fd3d20902bc91f041e92f791426b5417dce21&_=2
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pippio.com/api/sync?pid=5324&it=1&iv=dd40ca2a5a216874b6d7e6f2f725ad40896871eeac6fd3d20902bc91f041e92f791426b5417dce21&_=2
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Mon, 25 Nov 2024 08:35:53 GMT
1f25092f-00fb-4520-a6c5-58e63c3b918e
https://www.register-herald.com/ Frame 		0
0
c01e536c-87cf-4419-b3c3-18c11d08a7c6
https://www.register-herald.com/ Frame 		0
0
5d573fee-ac77-42e0-b881-59f2977a273b
https://www.register-herald.com/ Frame 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js?network_code=9869277
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
8aa7bc5bbd502aa230807ca86a6626896f8619fc20617f46bc581f0874503454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
634 / 20052 / m202411180101 / config-hash: 79477889192541496
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:35:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33426
x-xss-protection
0
server
cafe
prebid-analytics-8.50.0.js
a.pub.network/core/ 		621 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-8.50.0.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d720517727209364c05e7923b20067950059abd5bdacd5b80ebf1850b2b920ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
3
access-control-expose-headers
*
x-goog-hash
crc32c=AdPHhw==, md5=GrR2UL+h2/73CeG/ZZ6D6A==
cf-cache-status
HIT
etag
W/"1ab47650bfa1dbfef709e1bf659e83e8"
age
39729
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 24 Nov 2025 21:33:44 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
635496
server-timing
cfExtPri
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
text/html
last-modified
Mon, 21 Oct 2024 20:57:18 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC6ik1VWF27WMLOTXFENyDNUGle0yG0lwxZzb28NLSaTBUU0XZjSwF04IsvRiQyM6fnhcuo
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31496271
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e804ed43e90aa95-YYZ
access-control-allow-origin
*
x-goog-generation
1729544238803279
server
cloudflare
pubfig.engine.js
a.pub.network/register-herald-com/ 		377 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/register-herald-com/pubfig.engine.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bc6c096296ab210888d390eedb0f52d963077a4dc083bd08e5c6e074c79d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=aUUJYg==, md5=HXJt7e88hXLDxeefUqiCYg==
cf-cache-status
HIT
etag
W/"1d726dedef3c8572c3c5e79f52a88262"
age
139259
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 09:05:53 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
385821
server-timing
cfExtPri
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/javascript
last-modified
Tue, 19 Nov 2024 16:40:56 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-guploader-uploadid
AFiumC4PKl0c9TPbR90THih8hYi8XRuACduAO9aYsbBgR17m-5E-97IgXhZANIpeKs9gTdljo-E
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=1800
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e804ed44e94aa95-YYZ
access-control-allow-origin
*
x-goog-generation
1732034456694177
server
cloudflare
0a511551-cdec-4c0d-9040-df9d04d6cdf2
https://www.register-herald.com/ Frame 		0
0
f1fb5d28-66de-11eb-b28d-872fffa55169.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/f1fb5d28-66de-11eb-b28d-872fffa55169.jpg?resize=300%2C159
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93b14ed7784563efe04b1b2fb32f2955b1801d3eee2ab02bfcff3352ce5174d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"87534526e9d823d5e9146e2f2927c629"
cf-cache-status
HIT
expires
Sat, 20 Sep 2025 10:20:15 GMT
cf-polished
origSize=12532, status=webp_bigger
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
image/jpeg
last-modified
Thu, 04 Feb 2021 11:48:49 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed4ab5cabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
11761
server
cloudflare
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"mLYq618hJoRcW1Crupr2OQ=="
expires
Mon, 02 Dec 2024 08:35:53 GMT
accept-ranges
bytes
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/javascript
vary
Accept-Encoding
MAohlCgf5BJ3C0fBtuJkluatjm9Nph6XruJmtyK33DiV3b1tJsLxzn7QMbmEBdgponbqoR8zj-YuP6DAUzOg6l0EZoFlHnODMvsf27oNxZGH7rvpZO10HQ=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 		972 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/MAohlCgf5BJ3C0fBtuJkluatjm9Nph6XruJmtyK33DiV3b1tJsLxzn7QMbmEBdgponbqoR8zj-YuP6DAUzOg6l0EZoFlHnODMvsf27oNxZGH7rvpZO10HQ=s42-p-rj-l68-e365
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e99a8b2bb16e002eba81a971ff71f7eabe04c12b03cbadcfd13e3b448a8b4ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
6965
x-content-type-options
nosniff
expires
Sun, 23 Feb 2025 06:39:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 06:39:48 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7776000, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
972
x-xss-protection
0
server
fife
hvvLWJ7t90sGpsp0maNxV4mlxF8NFL_QvnlKwaZvzQIQ50iRRiFP4U3ZEFZRFukJRMIHjKP6IJhg2L3S7cJWqTEh-hKoyiVtcUr6nw=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/hvvLWJ7t90sGpsp0maNxV4mlxF8NFL_QvnlKwaZvzQIQ50iRRiFP4U3ZEFZRFukJRMIHjKP6IJhg2L3S7cJWqTEh-hKoyiVtcUr6nw=s42-p-rj-l68-e365
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
53b94e65768d49eda59af7f8c0f1ea06cae1bca8ff2697016f463818673df700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
2904
x-content-type-options
nosniff
expires
Sun, 23 Feb 2025 07:47:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:47:29 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7776000, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
1113
x-xss-protection
0
server
fife
Wey3qTOlmeAVQwSsCVQPYEXYnWvKZYaviA6pbXPihWaDZKSMsuG0nbfXjEStJU3U6or81PykpkvKmmXnbx7psKVUjiPlF_hihhph7g1v3fC5JVzgtYz8=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 		855 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Wey3qTOlmeAVQwSsCVQPYEXYnWvKZYaviA6pbXPihWaDZKSMsuG0nbfXjEStJU3U6or81PykpkvKmmXnbx7psKVUjiPlF_hihhph7g1v3fC5JVzgtYz8=s42-p-rj-l68-e365
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a8d3d5441f4dc1096c579e787e33d3a80b5b8e174928ab9d3012035a3ab3a8b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
120
x-content-type-options
nosniff
expires
Sun, 23 Feb 2025 08:33:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:33:53 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7776000, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
855
x-xss-protection
0
server
fife
36866ea8-5779-4eb3-94f5-794057c8778b
https://www.register-herald.com/ Frame 		0
0
45520b8e-7a74-40bc-b443-540848ffccda
https://www.register-herald.com/ Frame 		0
0
93e28562-a845-40b6-811f-0b9d63bafc04
https://www.register-herald.com/ Frame 		0
0
3103905d-5050-4b63-9873-94103782dbcc
https://www.register-herald.com/ Frame 		0
0
dd9a2b9c-7c05-4d05-bfd9-fc5f7dcba3ba
https://www.register-herald.com/ Frame 		0
0
8f2d9ca5-a694-416e-b7b7-52e35ed96bf2
https://www.register-herald.com/ Frame 		0
0
sprite_icons_6dc7d94.png
www.justapinch.com/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.10.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.10.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-who
gcloud-web-2
cache-control
max-age=31536000,public
age
147311
via
1.1 google
expires
Sun, 23 Nov 2025 15:40:42 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22292
date
Sat, 23 Nov 2024 15:40:42 GMT
last-modified
Thu, 14 Nov 2024 13:56:30 GMT
content-type
image/png
server
nginx
Dmd6LVW-hEMfngDf6stnLFUYrUBLJeL2vehRfvlvwCSbfpgjOw89IDZkd7OgT6hvbSzz_kSSqxccA4mBdTCakYYg87zHcQ=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Dmd6LVW-hEMfngDf6stnLFUYrUBLJeL2vehRfvlvwCSbfpgjOw89IDZkd7OgT6hvbSzz_kSSqxccA4mBdTCakYYg87zHcQ=w300-h170-p-rj-l75
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4e20971ca76f3f3491aaaeb9ed361796ced1576fcfb42bda856bdde4070df29b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
12499
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 05:07:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 05:07:34 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
12826
x-xss-protection
0
server
fife
6VpTquIrZYItxMQ-3dvC2t3BeENdvi3BjBQNPbCjNsjoh5-D99PSLG3DFl6T538LWboRtpENX1IWdhCI3l-KCWt-GJ_CCQ=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/6VpTquIrZYItxMQ-3dvC2t3BeENdvi3BjBQNPbCjNsjoh5-D99PSLG3DFl6T538LWboRtpENX1IWdhCI3l-KCWt-GJ_CCQ=w300-h170-p-rj-l75
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4773b8181c2ae8d78001af7baa212e4e56337c9e948c4c3a5a40a73828195055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
2808
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 07:49:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 07:49:05 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
19215
x-xss-protection
0
server
fife
I7zuS8NuxyYBhG5n6iDXLfK4odsPg9caadUXfKB1XKy1PfRrKsLlzfs5b5M_BuuUanBiqB5F7_Vef_-DEE2ALnTpRb1oaKo=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/I7zuS8NuxyYBhG5n6iDXLfK4odsPg9caadUXfKB1XKy1PfRrKsLlzfs5b5M_BuuUanBiqB5F7_Vef_-DEE2ALnTpRb1oaKo=w300-h170-p-rj-l75
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7fc0df3dd0a51f255e779a3e5a82ccc0ddbb2712202ada034cd0b11e5ffb0862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
7596
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 06:29:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 06:29:17 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
21143
x-xss-protection
0
server
fife
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 		492 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
1421939719645060458
age
202
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 08:32:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 08:32:31 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155913
x-xss-protection
0
server
cafe
core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
cdn.smugmug.com/include/js/smugpage/ Frame 4AAF 		90 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
cd9ead1d96f5e05bd49c8231ab7856822fdef385c83f0d91e2962ca07a562618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
ua92nt/QNx9KBGOsx7at7w==
x-extra
1725962688.0476
x-request-id
37ad4bc4
content-encoding
gzip
etag
"b9af769edfd0371f4a0463acc7b6adef"
age
6561066
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
jQphkEaVUWjbObpju2eliP9g9DS1h0Lk5dP858njVIRkeEYZQ91sZA==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
27536
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0175
smug-static-cache
Fresh MD5
x-smugmug-values
1/5 - Grow Together
x-env
a=live, b=www, c=ec58e149, d=i-09beae53177ccdf1c
expires
Wed, 10 Sep 2025 10:04:48 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Tue, 10 Sep 2024 10:04:48 GMT
edge-control
public, max-age=31536000
x-s
100.11.29:1369793
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
core-config-200470ebaf510b112e24ee6a61b5977a.js
cdn.smugmug.com/include/js/smugpage/ Frame 4AAF 		345 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/smugpage/core-config-200470ebaf510b112e24ee6a61b5977a.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
4f47b491ae1ac3f2b5d2ce897bd98dc340c0fb8d5059c354bf13c96eae884f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
fKO5r7z6552ctdW2spq4jQ==
x-extra
1732522816.5634
x-request-id
cac8abd2
content-encoding
gzip
etag
"7ca3b9afbcfae79d9cb5d5b6b29ab88d"
age
938
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
GAeotwy2_ZRpMs9L1sns8pGcTfJ7t4ChxkSC8ADdE-vxwWVdwT3KOQ==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
48443
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0154
smug-static-cache
Fresh MD5
x-smugmug-values
1/5 - Grow Together
x-env
a=live, b=www, c=e8889be1, d=i-09a18080551a3442d
expires
Tue, 25 Nov 2025 08:20:17 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 25 Nov 2024 08:20:16 GMT
edge-control
public, max-age=31536000
x-s
100.12.229:324449
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
stylesheet.css
cdn.smugmug.com/img/fonts/sofia-pro/v2/ Frame 4AAF 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/img/fonts/sofia-pro/v2/stylesheet.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
bac8ee57b7086f2eac3c07d0852d819ba937a57c16304f9065dfdafbf141d795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.0925
content-md5
HOhv4frU3LMoVBoaYp+i5A==
x-request-id
bc1243ec
x-smugmug-values
4/5 - Dare
content-encoding
gzip
etag
"1ce86fe1fad4dcb328541a1a629fa2e4"
age
13606
x-env
a=live, b=www, c=e8889be1, d=i-00c81ac1995dd1d93
expires
Tue, 26 Nov 2024 04:49:08 GMT
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 25 Nov 2024 04:49:08 GMT
content-type
text/css; charset=utf-8
x-s
100.13.39:1860218
vary
Accept-Encoding
last-modified
Fri, 10 Jun 2022 22:58:54 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-amz-cf-id
bqUZXvzlmMwR9ZYIdrpbI2CQIRIcsH7rgLu7-nuidcvWJm-noTLVsw==
x-ttfb-l
519
cache-control
public, max-age=86400
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
content-length
519
x-amz-cf-pop
EWR53-P1
x-powered-by
SmugMug/1.0
server
nginx
core-a5354e4f11dd90ae46d9f7b6125084b9.css
cdn.smugmug.com/include/css/0/0/0/smugmug/ Frame 4AAF 		372 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-a5354e4f11dd90ae46d9f7b6125084b9.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
06387490c83a22e6ea8ce6eded7b073e8469bc46afa2be75e9afc416c6d0d4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
N8jL1y1lbo6o6L/Pen7RQQ==
x-extra
1732219552.6347
x-request-id
e11e4662
content-encoding
gzip
etag
"37c8cbd72d656e8ea8e8bfcf7a7ed141"
age
304202
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
PTRSNW5THFYfJBPxLeMvDIy8G23RmiNy3ngh3f1pUkQ7gAm_PUylfA==
content-type
text/css; charset=utf-8
last-modified
Fri, 02 Jun 2023 18:01:13 GMT
cache-control
public, max-age=31536000
content-length
61900
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0222
smug-static-cache
Fresh MD5
x-smugmug-values
2/5 - Thrill Our Customers
x-env
a=live, b=www, c=e8889be1, d=i-0b0d65f1e70c16833
expires
Fri, 21 Nov 2025 20:05:53 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 20:05:52 GMT
edge-control
public, max-age=31536000
x-s
100.15.42:2750273
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
widget_bundle-d444c68ccac9c24df76b208da45a8d91.css
cdn.smugmug.com/include/css/0/0/0/smugmug/ Frame 4AAF 		50 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/css/0/0/0/smugmug/widget_bundle-d444c68ccac9c24df76b208da45a8d91.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
0693bf82a6c3cfc499b9316adb25202beec3c702a832a82753495a8d37821ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
ERxqkzW51HDYGO++y0yTfQ==
x-extra
1726483330.7517
x-request-id
1508284a
content-encoding
gzip
etag
"111c6a9335b9d470d818efbecb4c937d"
age
6040424
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
IH7kmQh3Cc-0QXgz_eo7yXdU_JEs96kUbRi63qqU3URqqyh2sxRgdg==
content-type
text/css; charset=utf-8
last-modified
Fri, 02 Jun 2023 18:01:13 GMT
cache-control
public, max-age=31536000
content-length
9059
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0151
smug-static-cache
Fresh MD5
x-smugmug-values
1/5 - Grow Together
x-env
a=live, b=www, c=4cf206a9, d=i-096edb86f1006b297
expires
Tue, 16 Sep 2025 10:42:11 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 16 Sep 2024 10:42:10 GMT
edge-control
public, max-age=31536000
x-s
100.1.208:3105465
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
gallery_bundle-4c94933ce49008d0f1dcb556c7f627ae.css
cdn.smugmug.com/include/css/0/0/0/smugmug/ Frame 4AAF 		101 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/css/0/0/0/smugmug/gallery_bundle-4c94933ce49008d0f1dcb556c7f627ae.css
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
c0f86e2e4aee90ce1ffeef49d951618e34e3ed4810a3ed1110ae66f9c051e3f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
gT62yrfJzyXztuVJt7debA==
x-extra
1732219552.6684
x-request-id
eee57cc2
content-encoding
gzip
etag
"813eb6cab7c9cf25f3b6e549b7b75e6c"
age
304202
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
OxORrYW8M0lhDVKtgE1_MwT1JdO-duxdUi_0XAVQvBZifVfpAc0d8Q==
content-type
text/css; charset=utf-8
last-modified
Fri, 02 Jun 2023 18:01:13 GMT
cache-control
public, max-age=31536000
content-length
18544
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.015
smug-static-cache
Fresh MD5
x-smugmug-values
3/5 - Deliver Awesome
x-env
a=live, b=www, c=e8889be1, d=i-0b168be38c3aa7c6b
expires
Fri, 21 Nov 2025 20:05:53 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 20:05:52 GMT
edge-control
public, max-age=31536000
x-s
100.13.146:910754
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
smugpage-6DEPD72Y.js
cdn.smugmug.com/include/js/bundles/ Frame 4AAF 		538 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
20c9f643f67728484f8b6826df78f2da34a00c20294e6d2a94ed9504f294e8d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.0154
x-request-id
dbcf47d5
x-smugmug-values
1/5 - Grow Together
content-encoding
gzip
age
290670
x-env
a=live, b=www, c=e8889be1, d=i-0b0d65f1e70c16833
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 23:51:24 GMT
content-type
application/javascript; charset=utf-8
x-s
100.15.42:2889053
vary
Accept-Encoding
x-amz-cf-id
aO6DqUfGJFcz_ZBAzeBAQTz2ZAwuLwuXUuoJ1RNNPFj8DvmnlzAv4Q==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
538
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-powered-by
SmugMug/1.0
server
nginx
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
5ddb142e-32d6-11e8-924a-17d36ace6eee.png
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/custom/image/5ddb142e-32d6-11e8-924a-17d36ace6eee.png
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
302abe4269895e6318fa84b97d3f2ab3664bf26efdb824039ebc530a87ec9560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"5abc156b-259e"
age
17956393
cf-cache-status
HIT
expires
Fri, 11 Apr 2025 23:20:41 GMT
cf-polished
origFmt=png, origSize=9630
date
Mon, 25 Nov 2024 08:35:54 GMT
content-type
image/webp
content-disposition
inline; filename="5ddb142e-32d6-11e8-924a-17d36ace6eee.webp"
vary
Accept
last-modified
Wed, 28 Mar 2018 22:21:31 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed6ec2fabae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
4892
server
cloudflare
673e59a20abca.image.jpg
bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/7/36/736988be-a789-11ef-bd6d-b72133c9a5cf/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/register-herald.com/content/tncms/assets/v3/editorial/7/36/736988be-a789-11ef-bd6d-b72133c9a5cf/673e59a20abca.image.jpg?resize=150%2C124
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f439ccdf94fcc068976d8f7449406fdf70fef61a68993a29b1bccbe169545f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"cd9f82af4832757a5ef5646557801ac4"
age
60609
cf-cache-status
HIT
expires
Mon, 24 Nov 2025 15:13:07 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=3867
date
Mon, 25 Nov 2024 08:35:54 GMT
content-type
image/webp
content-disposition
inline; filename="673e59a20abca.webp"
vary
Accept
last-modified
Wed, 20 Nov 2024 21:50:26 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8e804ed6ec30abae-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
3132
server
cloudflare
gtm.js
www.googletagmanager.com/ 		219 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer&gtm=45He4bk0v72758733za200
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ae182cfa9c887e134c5bbeb853bfba308aeedb7e63c230b257eebe84f5782b75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 08:35:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78278
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		305 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer&gtm=45He4bk0v72758733za200
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ad0fab125019c8792c2639b29e81cbffb1f69c3f2764d026cbe042791feb07de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 08:35:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
88019
x-xss-protection
0
server
Google Tag Manager
/
optimise.net/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=register-herald.com&t=desktop&c=CA&r=19
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
f904a2ca780779a7cf0c27454b0dcaba169d158f5b9ba7936dc60a03155fb052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
1

Response headers

access-control-max-age
3600
access-control-expose-headers
fs-client-rtt,fs-country
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
expires
0
fs-client-rtt
23
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:54 GMT
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
fs-country
CA
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=register-herald.com&t=desktop&c=CA&r=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.register-herald.com
access-control-expose-headers
fs-client-rtt,fs-country
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Mon, 25 Nov 2024 08:35:54 GMT
expires
0
fs-client-rtt
17
fs-country
CA
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
7258cd8b-7dad-4495-ba8e-ea0aba663d36
https://www.register-herald.com/ Frame 		0
0
/
register-herald-cnhi-pw.newsmemory.com/ 		193 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=f29d2990f8bc3e72562c48abbf12e76d&v=3&r=6255
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.107 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
7451db68b94c168c5c5745e48f73f2ce96a523668f1462e049a389e889ee8a78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Transfer-Encoding
chunked
Connection
Keep-Alive
Access-Control-Allow-Methods
GET, POST
Expires
Mon, 25 Nov 2024 10:35:54 UTC
Access-Control-Allow-Origin
*
Keep-Alive
timeout=2, max=299
Date
Mon, 25 Nov 2024 08:35:54 GMT
Last-Modified
Thu, 17 Aug 2023 14:18:11 UTC
Content-Type
application/x-javascript
Server
Apache
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
rules-p-eb6rW8CarLDWY.js
rules.quantcount.com/ 		160 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-eb6rW8CarLDWY.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:ae00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c99eeb0ffc836cfbaf142f6a4cc3efcb826d3c112d52bbaa079cc982b773bc1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

etag
"ea52eb301590b357d6e197d77eac3ab0"
age
686
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
kVR83Cp-CybY59jnh58nhXhWypexfKkFDP73CXzxyxd_VL0JEKUhQw==
date
Mon, 25 Nov 2024 08:24:42 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 13 Oct 2022 16:26:57 GMT
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
160
x-amz-cf-pop
EWR53-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
icons-large-defs-ee9e79aaf4bccd0881a864fb3c0eb250.svg
cdn.smugmug.com/include/svg/build/ Frame 4AAF 		62 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/svg/build/icons-large-defs-ee9e79aaf4bccd0881a864fb3c0eb250.svg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
5748c66b763e7c561f8e57b036f76a58909c657cffda9a3acffff99103ffccda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
x-ttfb
0.0099
x-request-id
b9ed3898
content-encoding
gzip
x-smugmug-values
3/5 - Deliver Awesome
age
25190739
x-env
a=live, b=www, c=ec58e149, d=i-001ebc9b2ecbc6e8d
expires
Thu, 06 Feb 2025 19:10:16 GMT
smug-cdn
cloudfront (via www.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Wed, 07 Feb 2024 19:10:15 GMT
edge-control
public, max-age=31536000
content-type
image/svg+xml
x-s
100.9.163:192757
vary
Accept-Encoding
x-amz-cf-id
MWUECmHOpFUDJsQ5sUM7tGUH95nrz31uhNf8cbe765MAYTQv6DNTsQ==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
63479
cache-control
public, max-age=31536000
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-powered-by
SmugMug/1.0
server
nginx
icons-small-defs-58e447dff7a75911debd21d1ba52970e.svg
cdn.smugmug.com/include/svg/build/ Frame 4AAF 		43 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/svg/build/icons-small-defs-58e447dff7a75911debd21d1ba52970e.svg
Requested by
Host: photos.register-herald.com
URL: https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
700bdd4916ae7cdc0bf47f650cbf21ed881fc282e4729afe2814678670e441c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
x-ttfb
0.018
x-request-id
79160689
x-smugmug-values
3/5 - Deliver Awesome
content-encoding
gzip
age
5783744
x-env
a=live, b=www, c=e8889be1, d=i-017d313419e2bf940
expires
Fri, 19 Sep 2025 10:00:10 GMT
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 19 Sep 2024 10:00:10 GMT
edge-control
public, max-age=31536000
content-type
image/svg+xml
x-s
100.14.215:805115
vary
Accept-Encoding
x-amz-cf-id
1ZIliP74OVaemU_uwdxOnTVPp2MRtCf1xyW7xzBpdqp9iPcRiaixBQ==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
44112
cache-control
public, max-age=31536000
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-powered-by
SmugMug/1.0
server
nginx
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D4QVJDNBRB&l=dataLayer&cx=c&gtm=45He4bk0v71530764za200
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4181f322a3238bb2eb8094e8603ce1a6fa0c0ae25b90677767103b8d87dc1508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 08:35:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109634
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
1626
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 10:08:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:08:48 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7YYJFLQXWS&l=dataLayer&cx=c&gtm=45He4bk0v71530764za200
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
58385770fe21f5d517ad31d59f069f6903960d6de1c88eba34b8442cddf251b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 08:35:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109636
x-xss-protection
0
server
Google Tag Manager
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:6600:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
W/"665fad8c-9895"
age
77157
cross-origin-resource-policy
cross-origin
via
1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
expires
Mon, 25 Nov 2024 11:09:57 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
notr1L0MtLdg5MBWPMRit3GsTRNXHC6H8f4CHOIDsoUs_TsoNXuNtA==
date
Sun, 24 Nov 2024 11:09:57 GMT
content-type
application/x-javascript
last-modified
Wed, 05 Jun 2024 00:13:00 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		227 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNNWDH2
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d2879e1d888236d5e4f5712fab3e33f866c26b7a3123712cc6f294b83f2b0a81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 08:35:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81473
x-xss-protection
0
server
Google Tag Manager
chunk-6277CUBV.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame 4AAF 		72 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-6277CUBV.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
74ab74e001689f9d87effd32607338d5728f219a86faff4f122a15f2e27887ff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js

Response headers

x-ttfb
0.0278
x-request-id
bd7c2c45
x-smugmug-values
4/5 - Dare
content-encoding
gzip
age
290673
x-env
a=live, b=www, c=e8889be1, d=i-0afa9982b7c648c69
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 23:51:21 GMT
content-type
application/javascript; charset=utf-8
x-s
100.14.53:3314829
vary
Accept-Encoding
x-amz-cf-id
DnbyQbkbFd3PFpkWjx_2rDtMZW-I5tMQqlywC523WJo7B2U3d0EkmA==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
73532
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-powered-by
SmugMug/1.0
server
nginx
chunk-UWEQIG5E.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame 4AAF 		67 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-UWEQIG5E.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
16ea27af27e740ce6b0a05893f44d314de6b8e4d1f0a1f43d79e1fc421fac73a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js

Response headers

x-ttfb
0.0225
x-request-id
9c3ce78f
x-smugmug-values
2/5 - Thrill Our Customers
content-encoding
gzip
age
290673
x-env
a=live, b=www, c=ec58e149, d=i-0885b1deb8871e7c5
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 23:51:21 GMT
content-type
application/javascript; charset=utf-8
x-s
100.8.213:75056
vary
Accept-Encoding
x-amz-cf-id
CO3Y3WCbPeNIH9R2hSVUEUHzeKMZM7NdTBRYCgI5GblttUdYKOsO3Q==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
69009
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-powered-by
SmugMug/1.0
server
nginx
chunk-TP6B3ZNP.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame 4AAF 		338 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-TP6B3ZNP.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
c9c82d6446bd15b7b992cc15e86119da298f3dc805b81fb777baa24651593d93
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js

Response headers

x-ttfb
0.0223
x-request-id
0faf79a5
x-smugmug-values
2/5 - Thrill Our Customers
content-encoding
gzip
age
290673
x-env
a=live, b=www, c=4cf206a9, d=i-02721ee865b461221
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 23:51:21 GMT
content-type
application/javascript; charset=utf-8
x-s
100.2.115:3301486
vary
Accept-Encoding
x-amz-cf-id
_KyZDlw8jTYd9_GVU3kVQgTzLIVC3OOva7umfYCcVjVBDnOMv3HSuA==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
345832
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-powered-by
SmugMug/1.0
server
nginx
chunk-F7GNJZUR.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame 4AAF 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-F7GNJZUR.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
76b2d22c9e0858cc8b08ff50dbd291d2679031e95a912fbaec60fda771b6c433
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js

Response headers

x-ttfb
0.0158
x-request-id
d1ca6564
x-smugmug-values
4/5 - Dare
content-encoding
gzip
age
4546729
x-env
a=live, b=www, c=4cf206a9, d=i-0fd5edc2cfea067c4
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 03 Oct 2024 17:37:05 GMT
content-type
application/javascript; charset=utf-8
x-s
100.3.83:76493
vary
Accept-Encoding
x-amz-cf-id
PQVCopmxGaXU66e9M6Cd2FsyFLpqbP9Z_8wxvkXFwYD7TOfWBO4f-A==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
34563
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-powered-by
SmugMug/1.0
server
nginx
chunk-E3BNR3EF.js
cdn.smugmug.com/include/js/bundles/chunks/ Frame 4AAF 		2 MB
557 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
ddfaead26a52cb4c33361bbf0ab894dc95e0f304b8ffb46923058a24172ea6be
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy frame-ancestors 'none'; sandbox
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/js/bundles/smugpage-6DEPD72Y.js

Response headers

x-ttfb
0.0515
x-request-id
8f38d66b
x-smugmug-values
3/5 - Deliver Awesome
content-encoding
gzip
age
290673
x-env
a=live, b=www, c=ec58e149, d=i-0e2fc266d9c3b0cea
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Thu, 21 Nov 2024 23:51:21 GMT
content-type
application/javascript; charset=utf-8
x-s
100.8.136:2296503
vary
Accept-Encoding
x-amz-cf-id
v5b8Wp7FSpau6RcX-FKDWYMAtzDhxmpLwyQVePCr4ty07yenY3GCCg==
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
1857229
content-security-policy
frame-ancestors 'none'; sandbox
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-content-security-policy
frame-ancestors 'none'; sandbox
x-webkit-csp
frame-ancestors 'none'; sandbox
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
x-powered-by
SmugMug/1.0
server
nginx
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?ab=1&zoneid=980335_advertisement_
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age
24466
x-cache
Hit from cloudfront
x-amz-cf-id
ZMIaz-rPOKB7RTJrdFivYzKjv3Xsf2k4bSCUR6rP0DPzlRO31qMHtg==
date
Mon, 25 Nov 2024 01:48:09 GMT
content-type
image/gif
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 ec677b911dc73d5d7f845b909fe23e68.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
43
x-amz-cf-pop
JFK52-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
/
www.register-herald.com/tncms/csrf/token/ 		67 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/tncms/csrf/token/
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/shared-content/art/tncms/api/csrf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store
content-length
67
date
Mon, 25 Nov 2024 08:35:54 GMT
content-type
text/plain
af4c3659-0015-4fe2-9dec-c3ce1d82480d
https://www.register-herald.com/ Frame 		0
0
4c89f203-752d-46c4-a729-2ee4a7581c5b
https://www.register-herald.com/ Frame 		0
0
pixel;r=624138473;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.register-herald.com%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1732523754963;tzo=480;ogl=type.website%2Curl.https%3A%...
pixel.quantserve.com/ 		35 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=624138473;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.register-herald.com%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1732523754963;tzo=480;ogl=type.website%2Curl.https%3A%2F%2Fwww%252Eregister-herald%252Ecom%2F%2Cimage.https%3A%2F%2Fbloximages%252Echicago2%252Evip%252Etownnews%252Ecom%2Fregister-herald%252Ecom%2Fcontent%2Ftncms%2Fc%2Cimage%3Awidth.200%2Cimage%3Aheight.200%2Ctitle.register-herald%252Ecom%20%7C%20In%20Print%252E%20Online%252E%20Anytime%252E%2Csite_name.Beckley%20Register-Herald;ses=aaa5fa1b-c518-48a0-b5de-8292fea091e4;d=register-herald.com;uht=2;fpan=1;fpa=P0-1865465956-1732523754967;pbc=;gdpr=0;us_privacy=1---;mdl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date
Mon, 25 Nov 2024 08:35:55 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
content-type
image/gif
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-D4QVJDNBRB&gtm=45je4bk0v9101195585z871530764za200zb71530764&_p=1732523753096&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868779135.1732523755&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732523755&sct=1&seg=0&dl=https%3A%2F%2Fwww.register-herald.com%2F&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3105
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D4QVJDNBRB&l=dataLayer&cx=c&gtm=45He4bk0v71530764za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/ 		3 B
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2059270248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2F&ul=en-ca&de=UTF-8&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=1932333696&gjid=1923867461&cid=868779135.1732523755&tid=UA-3850501-28&_gid=1907392739.1732523755&_slc=1&gtm=45He4bk0n71MJDQXDv71530764za200&cd2=1732523753760.p112hlvq&cd3=2024-11-25T00%3A35%3A53.761-08%3A00&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1262024545
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:55 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3850501-28&cid=868779135.1732523755&jid=1932333696&gjid=1923867461&_gid=1907392739.1732523755&_u=YCDAgEABAAAAAGAAI~&z=484326202
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:55 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
www.google-analytics.com/j/ 		3 B
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2059270248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2F&ul=en-ca&de=UTF-8&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAGAAI~&jid=2054997465&gjid=1412414461&cid=868779135.1732523755&tid=UA-2313981-1&_gid=1907392739.1732523755&_slc=1&gtm=45He4bk0n71MJDQXDv71530764za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1635674757
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:55 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2313981-1&cid=868779135.1732523755&jid=2054997465&gjid=1412414461&_gid=1907392739.1732523755&_u=YCDAgEABAAAAAGAAI~&z=849977402
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:55 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
www.google-analytics.com/j/ 		15 B
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2059270248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2F&ul=en-ca&de=UTF-8&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAEABAAAAAGAAI~&jid=893559784&gjid=1678258762&cid=868779135.1732523755&tid=UA-101908882-1&_gid=1907392739.1732523755&_r=1&_slc=1&z=486723878
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd7cf24e7130670073acb303d5d23086ed076f7813153ece3c67cf5037b5db67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:55 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2059270248&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2F&ul=en-ca&de=UTF-8&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Section&ea=Load&el=homepage&ev=1&_u=YCDAgEABAAAAAGAAI~&jid=&gjid=&cid=868779135.1732523755&tid=UA-3850501-28&_gid=1907392739.1732523755&gtm=45He4bk0n71MJDQXDv71530764za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1720243863
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

age
39168
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 24 Nov 2024 21:43:07 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7YYJFLQXWS&gtm=45je4bk0v9105969367z871530764za200zb71530764&_p=1732523753096&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868779135.1732523755&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732523755&sct=1&seg=0&dl=https%3A%2F%2Fwww.register-herald.com%2F&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&en=page_view&_fv=1&_ss=1&tfd=3277
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7YYJFLQXWS&l=dataLayer&cx=c&gtm=45He4bk0v71530764za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
text/plain
server
Golfe2
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		123 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
870fb43084d88849bbf9c2f20491fde93d49d92c2aa71f12ed781b18c64d4658

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"bba5ce03eee4021ae6d7e827cf7640b9"
age
405
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 08:08:44 GMT
vary
Accept-Encoding
x-amz-id-2
pvbFiaVDQ64TLWiAJKiqguSUKYTWDNqBwjY94ZIR8QBrqWozz+WjiovTkjM0sthB74Auu21ant8=
cache-control
public, max-age=900, stale-while-revalidate=3600
x-amz-request-id
57FEM1SSE11X4FNB
cf-ray
8e804ede7d8a36b0-YYZ
accept-ranges
bytes
content-length
26631
server
cloudflare
x-amz-server-side-encryption
AES256
analytics.js
www.google-analytics.com/ 		52 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
1626
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 10:08:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:08:48 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
ping
ping.chartbeat.net/ 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=register-herald.com&p=%2F&u=CwJ-NoDuCpkvD0wRk2&d=register-herald.com&g=34377&g0=homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=13341&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.register-herald.com%2F&b=3371&t=C7JHUFD8j5odBfBLpw2hECdDXek0Y&V=147&i=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&tz=480&sn=1&sv=Dt72NjDhzPOJD5BrXIByyHw1amYna&sr=external&sd=1&im=067b2ffa&_
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.198.22.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-22-224.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

expires
0
cache-control
no-cache, no-store, must-revalidate
content-length
43
date
Mon, 25 Nov 2024 08:35:55 GMT
pragma
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
95d394113eceb60ef6b9476049e9ecb158362f835308eef2cb59ed6154ef9144

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.register-herald.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Nov 2024 08:35:55 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
combo.js
cdn.smugmug.com/include/combo/ Frame 4AAF 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/combo/combo.js?13c86319&yui/3/cookie/cookie-min.js&yui/3/history-base/history-base-min.js&yui/3/history-hash/history-hash-min.js&yui/3/history-html5/history-html5-min.js&yui/3/event-key/event-key-min.js&yui/3/event-outside/event-outside-min.js&yui/3/attribute-complex/attribute-complex-min.js&yui/3/classnamemanager/classnamemanager-min.js&yui/3/event-focus/event-focus-min.js&yui/3/widget-base/widget-base-min.js&yui/3/widget-htmlparser/widget-htmlparser-min.js&yui/3/widget-skin/widget-skin-min.js&yui/3/widget-uievents/widget-uievents-min.js&yui/3/widget-autohide/widget-autohide-min.js&yui/3/button-core/button-core-min.js&yui/3/button-plugin/button-plugin-min.js&yui/3/widget-stdmod/widget-stdmod-min.js&yui/3/widget-buttons/widget-buttons-min.js&yui/3/widget-modality/widget-modality-min.js&yui/3/widget-position/widget-position-min.js&yui/3/widget-position-align/widget-position-align-min.js&yui/3/widget-position-constrain/widget-position-constrain-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
d8d0c6936da58940112f51b84fc4c2ea1393ad348963fe380643e38acabd677c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
IeOoElyK8EYl1AW2PTeZQA==
x-request-id
0804ce48
content-encoding
gzip
etag
"21e3a8125c8af04625d405b63d379940"
age
2984780
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
nbTAaNKscHY1AYMuIQXHYq_Fo7JBdiTwVClfo_eRB6uf__3OYuuFjQ==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
16774
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0157
x-smugmug-values
5/5 - Empower Passion
x-env
a=live, b=www, c=ec58e149, d=i-0c0aa0ac8e81b5df4
expires
Tue, 21 Oct 2025 19:29:36 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 21 Oct 2024 19:29:35 GMT
edge-control
public, max-age=31536000
x-s
100.9.17:80324
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
combo.js
cdn.smugmug.com/include/combo/ Frame 4AAF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/combo/combo.js?13c86319&yui/3/widget-stack/widget-stack-min.js&yui/3/panel/panel-min.js&yui/3/yui-throttle/yui-throttle-min.js&yui/3/dd-ddm-base/dd-ddm-base-min.js&yui/3/dd-drag/dd-drag-min.js&yui/3/dd-plugin/dd-plugin-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
e752952af381ed1e89cd1f11c914d071199049f896192feac4a68b64f9fe62ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
sH+TZK67cEtiMO/usWloGA==
x-request-id
58e21e3f
content-encoding
gzip
etag
"b07f9364aebb704b6230efeeb1696818"
age
6564573
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
QnB3_Cw6blJNdoUyIJQG55Rs0_Y1VU-fZQCN5G5gKWieUSUX4S07og==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
5567
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0164
x-smugmug-values
5/5 - Empower Passion
x-env
a=live, b=www, c=ec58e149, d=i-065dc3bd781d6ee24
expires
Wed, 10 Sep 2025 09:06:22 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Tue, 10 Sep 2024 09:06:22 GMT
edge-control
public, max-age=31536000
x-s
100.10.40:1582859
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
combo.js
cdn.smugmug.com/include/js/lib/build/combo/ Frame 4AAF 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/lib/build/combo/combo.js?sm-templates-form/f159/sm-templates-form-min.js&sm-fields/95ad/sm-fields-min.js&sm-panel-draggable/ae55/sm-panel-draggable-min.js&sm-panel/e014/sm-panel-min.js&sm-terms-of-use/e945/sm-terms-of-use-min.js&sm-page-nav-login/e217/sm-page-nav-login-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
4635963601b388f845ec836fff1c510db5dde31ef3591a87622feec8d851cd1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
HkuqnHFQcHAT0gptRsqQhg==
x-request-id
6512f86e
content-encoding
gzip
etag
"1e4baa9c7150707013d20a6d46ca9086"
age
5861782
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
xomz7roGwRpUdBK3ZbmqlAyL4tcSgRjBc1rAPRA6Jlp2TFy1UHK2Wg==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
5764
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0146
x-smugmug-values
4/5 - Dare
x-env
a=live, b=www, c=ec58e149, d=i-0baa6f840b2f77a71
expires
Thu, 18 Sep 2025 12:19:34 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Wed, 18 Sep 2024 12:19:33 GMT
edge-control
public, max-age=31536000
x-s
100.10.94:3368745
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
combo.js
cdn.smugmug.com/include/js/app/build/combo/ Frame 4AAF 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/app/build/combo/combo.js?sm-login-helpers/65cc/sm-login-helpers-min.js&sm-login/d1f3/sm-login-min.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
505d1da0bb68322b9276866435a2b0b006ba5e51fe250942031e9fe3d214b7ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
0/L9NS3tVtAm5Xf4MCYh2g==
x-request-id
1ac23bb9
content-encoding
gzip
etag
"d3f2fd352ded56d026e577f8302621da"
age
6039360
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
LZs9T5f6-eHg5wO8tzf4eM4bRxT1VBWyKU59M3UC1g9k5LiyQPZ5JQ==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
4107
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0135
x-smugmug-values
2/5 - Thrill Our Customers
x-env
a=live, b=www, c=e8889be1, d=i-04a1f1c3a2577036e
expires
Tue, 16 Sep 2025 10:59:55 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 16 Sep 2024 10:59:55 GMT
edge-control
public, max-age=31536000
x-s
100.13.9:1181108
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
a66e5d49-7aaa-4387-89ac-4f37ab801ac5
https://www.register-herald.com/ Frame 		0
0
js
www.googletagmanager.com/gtag/ 		308 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0c11cb6090c93f5afe72d6f1921f816a2db6147dc10cced0b0a81c4e276e8b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 08:35:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106450
x-xss-protection
0
server
Google Tag Manager
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202410301053/ 		301 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202410301053/wrap.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f619cf57dca7918f00dc75994dd6895895b7b5b03487754ac3beaf6b929bdd10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"d0b0bc4f725f8e2c71589dc3208c484d"
age
1992447
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 30 Oct 2024 14:54:35 GMT
vary
Accept-Encoding
x-amz-id-2
NG7vuX0i5S4XKFXpry2Tx40DDSFecIxOuPACcTdk7aWyIlUfYtQ0mj4GrPa6S2aWbAfQmQF5htbaUZnPFrp77vVEk4ct7qwW
cache-control
public, max-age=31536000
x-amz-request-id
CJQ68YHS97KFTS2W
cf-ray
8e804ee1cf2b36b0-YYZ
accept-ranges
bytes
content-length
110098
server
cloudflare
x-amz-server-side-encryption
AES256
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1---
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1---&b=1&tp=37vnl4QqM3VmczY1f3HWgMRH2ZLlObzJbHG8pho%2FN7A%3D
42 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1---&b=1&tp=37vnl4QqM3VmczY1f3HWgMRH2ZLlObzJbHG8pho%2FN7A%3D
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Mon, 25 Nov 2024 08:35:54 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1---&b=1&tp=37vnl4QqM3VmczY1f3HWgMRH2ZLlObzJbHG8pho%2FN7A%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Nov 2024 08:35:55 GMT
vary
origin
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.register-herald.com&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36cd619ac68a4a39eb1be94925967f014d1e7dc4a679f6dc86807416c2ae930

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8e804ee2992c7133-YUL
access-control-allow-origin
*
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		194 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
p3p
CP="CAO PSA OUR"
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		109 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
f982d54df817cd30bcb7c640dc9fd3c71c4c775bbc789dedf835e589c6f1dfc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Wed, 25 Dec 2024 08:35:55 GMT
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1---
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1---&b=1&tp=eiSfNDzrcKcy1gF%2BbWyhZVh84PHEuaNEQEazasoK0FA%3D
42 B
58 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1---&b=1&tp=eiSfNDzrcKcy1gF%2BbWyhZVh84PHEuaNEQEazasoK0FA%3D
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Mon, 25 Nov 2024 08:35:54 GMT
content-type
application/json
vary
origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.50.0&coppa=0&us_privacy=1---&b=1&tp=eiSfNDzrcKcy1gF%2BbWyhZVh84PHEuaNEQEazasoK0FA%3D
access-control-allow-credentials
true
referrer-policy
unsafe-url
via
1.1 google
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Nov 2024 08:35:55 GMT
vary
origin
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
178 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.register-herald.com&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36cd619ac68a4a39eb1be94925967f014d1e7dc4a679f6dc86807416c2ae930

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
allow
POST, OPTIONS, GET
cf-ray
8e804ee2c93a7133-YUL
access-control-allow-origin
*
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		194 B
671 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
p3p
CP="CAO PSA OUR"
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		109 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
f982d54df817cd30bcb7c640dc9fd3c71c4c775bbc789dedf835e589c6f1dfc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Wed, 25 Dec 2024 08:35:55 GMT
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 08:35:55 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
af32b8c2-fbde-42a6-9f31-b9bc33710559
https://www.register-herald.com/ Frame 		0
0
7f6bd2c5-494b-4904-9d8b-456fe3589ecf
https://www.register-herald.com/ Frame 		0
0
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		106 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c61fcc1401e2278735bea5d306ca0cc32b93ccdf62ec8179ed0c999545b5502b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
cknvhRie0d.5LSRvFhB35AONaxh2m0FR
etag
W/"ca62e8a5580d4550920a84f5b7875661"
age
93
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
3sIRGG6Ozy9K3SIybvHQEjk_bK3WGe7NI849iwR4syPMR3znySoEjg==
date
Mon, 25 Nov 2024 08:34:24 GMT
content-type
text/javascript; charset=utf-8
vary
accept-encoding
last-modified
Tue, 19 Nov 2024 19:35:36 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=120
via
1.1 4b6b5023747759b0047c5cbc8d742cea.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
/
sentry.io/api/1729937/envelope/ Frame 4AAF 		2 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1729937/envelope/?sentry_key=a50725d1f5884564b5c9f506e44fde72&sentry_version=7&sentry_client=sentry.javascript.browser%2F8.34.0
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://photos.register-herald.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
snowplow_2-20230602110113.js
cdn.smugmug.com/include/js/ Frame 4AAF 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/include/js/snowplow_2-20230602110113.js
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

surrogate-control
public, max-age=31536000
content-md5
EwuBovMqM+rLBTrFUN6G+Q==
x-extra
1726482510.8637
x-request-id
c2507692
content-encoding
gzip
etag
"130b81a2f32a33eacb053ac550de86f9"
age
6041246
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
x-amz-cf-id
_TDAOqym_m4JbA4T2bWjjx3VAMrunufIVN40RXYoCoc3tYXprKamxA==
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
content-length
30140
x-powered-by
SmugMug/1.0
server
nginx
x-ttfb
0.0136
smug-static-cache
Fresh Timestamp
x-smugmug-values
1/5 - Grow Together
x-env
a=live, b=www, c=e8889be1, d=i-05b7473238bcce68e
expires
Tue, 16 Sep 2025 10:28:31 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 16 Sep 2024 10:28:30 GMT
edge-control
public, max-age=31536000
x-s
100.13.55:858977
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-ttfb-l
0
timing-allow-origin
*
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
cookiemonster.mg
www.smugmug.com/include/js/ Frame 33D4
Redirect Chain
  • https://www.smugmug.com/include/js/cookiemonster.mg?returnTo=https://photos.register-herald.com
  • https://photos.register-herald.com/include/js/cookiemonster.mg?returnTo=https://www.smugmug.com
  • https://www.smugmug.com/include/js/cookiemonster.mg?smsess=8d6b14c75270e0b092c6fd7f9ecdde98&skey=f5f0da46bbcaa7b03c36e8d1d84da628
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.smugmug.com/include/js/cookiemonster.mg?smsess=8d6b14c75270e0b092c6fd7f9ecdde98&skey=f5f0da46bbcaa7b03c36e8d1d84da628
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://photos.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, no-store, no-cache, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 08:35:56 GMT
expires
Mon, 25 Nov 2024 08:35:55 GMT
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
server
nginx
smug-cdn
cloudfront (via www.smugmug.com)
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 1baed9857df8e3a07a6cd7cd51feb3f8.cloudfront.net (CloudFront)
x-amz-cf-id
MQLEiK5vSVTVguJQIA5GI3HPms8oXggUE9NAo9d7zcz0gOJqbKloDw==
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
x-env
a=live, b=www, c=4cf206a9, d=i-0fe0d2be16f2f1786
x-powered-by
SmugMug/1.0
x-request-id
152be5e1
x-s
100.1.200:541442
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-smugmug-values
2/5 - Thrill Our Customers
x-ttfb
0.0115
x-ttfb-l
15
x-ua-compatible
IE=edge

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Nov 2024 08:35:56 GMT
Server
nginx
cache-control
private, no-store, no-cache, max-age=0
expires
Mon, 25 Nov 2024 08:35:55 GMT
location
https://www.smugmug.com/include/js/cookiemonster.mg?smsess=8d6b14c75270e0b092c6fd7f9ecdde98&skey=f5f0da46bbcaa7b03c36e8d1d84da628
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
smug-cdn
cloudflare (via photos.register-herald.com)
x-env
a=live, b=www, c=4cf206a9, d=i-0584bc679de4a5863
x-powered-by
SmugMug/1.0
x-request-id
a9096065
x-s
100.1.194:1921472
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
x-smugmug-values
2/5 - Thrill Our Customers
x-ttfb
0.0168
x-ttfb-l
0
x-ua-compatible
IE=edge
/
photos.register-herald.com/services/api/json/1.4.0/ Frame 4AAF 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&returnModelList=true&idCopy=true&PageNumber=1&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.235.58.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-58-193.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
8ede1a550962b91f6eb9c99477224a857b9b2d94fc2549e93a7fbb6c2d74f135
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
3825de2c10fd4a7fab0305f3744d1196-abe3a2992b18c90b-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=3825de2c10fd4a7fab0305f3744d1196,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.1233
x-request-id
0700596e
content-encoding
gzip
x-smugmug-values
3/5 - Deliver Awesome
x-env
a=live, b=www, c=4cf206a9, d=i-0584bc679de4a5863
expires
Mon, 25 Nov 2024 08:35:55 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
api-method
rpc.gallery.getalbum
Date
Mon, 25 Nov 2024 08:35:56 GMT
x-ua-compatible
IE=edge
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding
x-s
100.1.194:1923108
x-frame-options
DENY
x-ttfb-l
33878
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
Content-Length
4230
x-powered-by
SmugMug-API/1.4.0
Server
nginx
config.js
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/ 		170 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c80b68da6328822b6e3897025102798f10f5166d39e0ce73a42cf64e437f5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"9875d130056bfb9c5848dd4208e5ca48"
age
325
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 08:07:30 GMT
vary
Accept-Encoding
x-amz-id-2
y3+y4MMF2D4LZCYrEL+ZRxv8w1aTSE3Kr4fOm4mh8qwarOOwgN1bMG9zqPJQhF3mj0QcNxjZeKVtQpV4C5HVyw==
cache-control
public, max-age=900, stale-while-revalidate=3600
x-amz-request-id
M0HXA92G1M5RXC8Y
cf-ray
8e804ee3bfdb36b0-YYZ
accept-ranges
bytes
content-length
36895
server
cloudflare
x-amz-server-side-encryption
AES256
quant.js
secure.quantserve.com/ 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"mLYq618hJoRcW1Crupr2OQ=="
expires
Mon, 02 Dec 2024 08:35:53 GMT
accept-ranges
bytes
date
Mon, 25 Nov 2024 08:35:53 GMT
content-type
application/javascript
vary
Accept-Encoding
freestar_close_button.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/freestar_close_button.svg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=xUDeFg==, md5=1OG2/3P8Bvg2SBLmidtA+g==
cf-cache-status
HIT
etag
W/"d4e1b6ff73fc06f8364812e689db40fa"
age
75
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 09:35:56 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1211
server-timing
cfExtPri
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
image/svg+xml
last-modified
Wed, 04 Sep 2024 08:16:13 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC4yup_LW1kAOPEMTlBwQ-KMrGXFE8SNysuajRa4cE42f6Obf9tBr1_tPFOnzMkAL3Gl4mk
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e804ee3fafdaa95-YYZ
access-control-allow-origin
*
x-goog-generation
1725437773526766
server
cloudflare
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
cf-cache-status
HIT
etag
W/"326d6cbd977657e1205bd616d1f2faca"
age
75
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 09:35:56 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1193
server-timing
cfExtPri
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC5Fj7HE3MUckBlXGDleu2s1GvimNm08i9dZgxIE0WaxEbUxm_jxQq3pb8YC8kHwso4-fxnBbX7VKA
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e804ee41b03aa95-YYZ
access-control-allow-origin
*
x-goog-generation
1599584677716817
server
cloudflare
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame C2ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1538
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28994
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 08:10:18 GMT
expires
Mon, 25 Nov 2024 09:00:18 GMT
last-modified
Mon, 18 Nov 2024 20:43:40 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4bk0v887101457z8861227858za200zb861227858&_p=1732523753096&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868779135.1732523755&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&dl=https%3A%2F%2Fwww.register-herald.com%2F&sid=1732523756&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.register-herald.com%2F&epn.townnews_crm_group_id=13&ep.generator=BLOX&ep.generator_version=1.83.2&tfd=4313
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
270 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=868779135.1732523755&gtm=45je4bk0v887101457z8861227858za200zb861227858&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 8DBF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-4T2EB147B8&gacid=868779135.1732523755&gtm=45je4bk0v887101457z8861227858za200zb861227858&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=756625953
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 08:35:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=868779135.1732523755&gtm=45je4bk0v887101457z8861227858za200zb861227858&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1200051322
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 25 Nov 2024 08:35:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
a6909474-636c-49e8-ba7f-9f23dbffb137
https://www.register-herald.com/ Frame 		0
0
49918b52-4077-4f35-b90f-56795b8b1d7e
https://www.register-herald.com/ Frame 		0
0
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
95d394113eceb60ef6b9476049e9ecb158362f835308eef2cb59ed6154ef9144

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		10 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46311b08c6775f4a3598bec2532b2767d4c9ef866b8af6399e6cfa57079c4c38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
J6xG0q7LpAN08sdn9Kl4P8QPe085plre
etag
W/"9a459088a5d6405a19f4614acfb211d0"
age
8697
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
OgeYByoA88LpcSEMbe-bjEJbx8qeC-KFCzAZBCmR3TF83iubKH2Omg==
date
Mon, 25 Nov 2024 06:11:00 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
last-modified
Tue, 19 Nov 2024 19:35:38 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=10800
via
1.1 c49eddbbbee7a3b1464851f470bede1e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
tp2
stats-new.smugmug.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stats-new.smugmug.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.122.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-122-38.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://photos.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://photos.register-herald.com
access-control-max-age
600
content-length
0
date
Mon, 25 Nov 2024 08:35:56 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
tp2
stats-new.smugmug.com/com.snowplowanalytics.snowplow/ Frame 4AAF 		2 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats-new.smugmug.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.122.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-122-38.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://photos.register-herald.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
https://photos.register-herald.com
content-length
2
date
Mon, 25 Nov 2024 08:35:56 GMT
server
nginx
access-control-allow-credentials
true
e43ad970-87b2-4a8d-b7a1-bde9e5beb6cf
https://www.register-herald.com/ Frame 		0
0
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202410281039/ 		297 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202410281039/wrap.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c9169c2b7794bd05638c48d359e14f040e1129328b45836d4266ff6050ab3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"79984221516a05bb1ece450d155f0386"
age
1633884
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 28 Oct 2024 16:01:55 GMT
vary
Accept-Encoding
x-amz-id-2
0H3Ewif5W6vKEgiX5EKMbq0ZSAiio0SXOguVYainvSkRnYGlhV8l1CTazqbZMcs1UG4UA9wfWHk=
cache-control
public, max-age=31536000
x-amz-request-id
TF9MMA3TA4HA0SSF
cf-ray
8e804ee6790936b0-YYZ
accept-ranges
bytes
content-length
108040
server
cloudflare
x-amz-server-side-encryption
AES256
nuicons24-v30.woff2
cdn.smugmug.com/img/fonts/ Frame 4AAF 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.smugmug.com/img/fonts/nuicons24-v30.woff2
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-a5354e4f11dd90ae46d9f7b6125084b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
32585c4ce1f4c35d5bf2a8b6d910ff18ec3c43850eff616406d0c4aa7115956a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://photos.register-herald.com
Referer
https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-a5354e4f11dd90ae46d9f7b6125084b9.css

Response headers

x-ttfb
0.1135
content-md5
f4L3RUWvXq8n3h/6Y5kP1A==
x-request-id
d77a34da
x-smugmug-values
4/5 - Dare
etag
"7f82f74545af5eaf27de1ffa63990fd4"
age
6553417
x-env
a=live, b=www, c=ec58e149, d=i-01dfeb84ebc08d2b6
expires
Wed, 10 Sep 2025 12:12:20 GMT
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Tue, 10 Sep 2024 12:12:19 GMT
content-type
font/woff2
x-s
100.11.68:3843287
last-modified
Wed, 07 Feb 2024 16:03:37 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-amz-cf-id
0xlNo6ZjlgtOaY0ApGkneeiTwBFBZiGN4qUZO3YHajYdK6IfTjhdkw==
x-ttfb-l
21488
cache-control
public, max-age=31536000
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
21488
x-amz-cf-pop
EWR53-P1
x-powered-by
SmugMug/1.0
server
nginx
v2!token
photos.register-herald.com/api/ Frame 4AAF 		405 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/api/v2!token?APIKey=W0g9oqdOrzuhEpIQ2qaTXimrzsfryKSZ
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.235.58.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-58-193.compute-1.amazonaws.com
Software
nginx / SmugMug/1.0
Resource Hash
534dc6dd738fbf4a765539735af2202ce2dcaf6b2899b5eed7834ac0d6964bbd
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
3825de2c10fd4a7fab0305f3744d1196-9a1ccaeb8e2d3934-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=3825de2c10fd4a7fab0305f3744d1196,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.0259
x-request-id
4c0d2c9a
content-encoding
gzip
x-smugmug-values
5/5 - Empower Passion
x-env
a=live, b=www, c=4cf206a9, d=i-09fc46bd67833ff63
expires
Mon, 25 Nov 2024 08:35:56 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
Date
Mon, 25 Nov 2024 08:35:56 GMT
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
x-s
100.0.110:919179
x-frame-options
DENY
x-ttfb-l
405
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-origin
https://photos.register-herald.com
Content-Length
268
x-powered-by
SmugMug/1.0
Server
nginx
/
photos.register-herald.com/services/api/json/1.4.0/ Frame 4AAF 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&idCopy=true&PageNumber=1&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.235.58.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-58-193.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
8ede1a550962b91f6eb9c99477224a857b9b2d94fc2549e93a7fbb6c2d74f135
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
3825de2c10fd4a7fab0305f3744d1196-895f0b1e96abaa64-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=3825de2c10fd4a7fab0305f3744d1196,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.13
x-request-id
a615fbbb
content-encoding
gzip
x-smugmug-values
5/5 - Empower Passion
x-env
a=live, b=www, c=ec58e149, d=i-0f104090a548cbd9c
expires
Mon, 25 Nov 2024 08:35:56 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
api-method
rpc.gallery.getalbum
Date
Mon, 25 Nov 2024 08:35:56 GMT
x-ua-compatible
IE=edge
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding
x-s
100.11.100:1754609
x-frame-options
DENY
Transfer-Encoding
chunked
x-ttfb-l
33878
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
x-powered-by
SmugMug-API/1.4.0
Server
nginx
/
photos.register-herald.com/services/api/json/1.4.0/ Frame 4AAF 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&idCopy=true&PageNumber=2&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.235.58.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-58-193.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
8ede1a550962b91f6eb9c99477224a857b9b2d94fc2549e93a7fbb6c2d74f135
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
3825de2c10fd4a7fab0305f3744d1196-abe62c2e78f07b0a-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=3825de2c10fd4a7fab0305f3744d1196,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.1176
x-request-id
8f955fcb
content-encoding
gzip
x-smugmug-values
3/5 - Deliver Awesome
x-env
a=live, b=www, c=4cf206a9, d=i-0ffa178c15d8625af
expires
Mon, 25 Nov 2024 08:35:56 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
api-method
rpc.gallery.getalbum
Date
Mon, 25 Nov 2024 08:35:56 GMT
x-ua-compatible
IE=edge
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding
x-s
100.0.197:4090938
x-frame-options
DENY
Transfer-Encoding
chunked
x-ttfb-l
33878
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
x-powered-by
SmugMug-API/1.4.0
Server
nginx
240525-photo-westside%20graduation%2002-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-LxMxrRF/0/MxBjWPZ5v9RS6TjKCLxDTKh2Rc8h4XN2WgdZCXjJZ/S/ Frame 4AAF 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-LxMxrRF/0/MxBjWPZ5v9RS6TjKCLxDTKh2Rc8h4XN2WgdZCXjJZ/S/240525-photo-westside%20graduation%2002-S.jpg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
268a82621b02246caf8a54bb04015e1b9df065c23ef5aeae36d6608eaaac28bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.1319
content-md5
GsD+BsSfgVMou1ZaZTBy3g==
x-robots-tag
index, archive
x-request-id
mG-Vzpo95vYjeIm0hB5hPLeBxO_K0_Wjme1K_CDJ1TiZ_z5YB8cVXg==
x-smug-ct
m
etag
"1ac0fe06c49f815328bb565a653072de"
age
13100009
x-env
a=live, b=photoserve, c=e8889be1, d=i-05d92d428554c9c5f
expires
Thu, 26 Jun 2025 17:42:27 GMT
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
x-ua-compatible
IE=edge
date
Wed, 26 Jun 2024 17:42:27 GMT
x-smug-ph
0.0275
content-type
image/jpeg
last-modified
Sat, 25 May 2024 11:09:29 GMT
x-response
Buffer
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-smug-v
17
x-ttfb-l
0
cache-control
public, max-age=31536000
x-amz-cf-id
fo_ce9Z6op_jpb5zPve44sE_ONwvMQ6FFSIcG4yqsHNVBcB0N4AhEQ==
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
x-smug-d
Wed, 26 Jun 2024 10:42:27 PDT
content-length
65737
smug-content-length
65737
x-amz-cf-pop
EWR53-P1
server
nginx
240525-photo-westside%20graduation%2001-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-8M8GZGL/0/M8KzXVtRff5SZWVq85J3hwmQDKmNg5sMFmJGPF9ZF/S/ Frame 4AAF 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-8M8GZGL/0/M8KzXVtRff5SZWVq85J3hwmQDKmNg5sMFmJGPF9ZF/S/240525-photo-westside%20graduation%2001-S.jpg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
f3ce13fad7c845235767cb1ce6dde20a5cd4024f0f305aeffc71c594284a91b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.105
content-md5
T6bPYX0vgTkK7niowa7WSg==
x-robots-tag
index, archive
x-request-id
7Jietqno6cf3wvmpOlgnrAbjsNOlD-pqCDq0JJgtr83K2qB5hDR_JQ==
x-smug-ct
m
etag
"4fa6cf617d2f81390aee78a8c1aed64a"
age
13100007
x-env
a=live, b=photoserve, c=e8889be1, d=i-0ed718ae3f4a4204d
expires
Thu, 26 Jun 2025 17:42:29 GMT
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
x-ua-compatible
IE=edge
date
Wed, 26 Jun 2024 17:42:29 GMT
x-smug-ph
0.0677
content-type
image/jpeg
last-modified
Sat, 25 May 2024 11:09:29 GMT
x-response
Buffer
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-smug-v
17
x-ttfb-l
0
cache-control
public, max-age=31536000
x-amz-cf-id
KeFszNKAqzdaa3_OM1X4PByKwbHMT1CaEBhSjzIcO9445EXnISbkpQ==
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
x-smug-d
Wed, 26 Jun 2024 10:42:29 PDT
content-length
37209
smug-content-length
37209
x-amz-cf-pop
EWR53-P1
server
nginx
240525-photo-westside%20graduation%2003-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-FKdWMnS/0/LR9j2jpT4rKzQ7bNTWrqSdfTKn3LpJBp2rbdWwMB8/S/ Frame 4AAF 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-FKdWMnS/0/LR9j2jpT4rKzQ7bNTWrqSdfTKn3LpJBp2rbdWwMB8/S/240525-photo-westside%20graduation%2003-S.jpg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
281e701c74c7a82bd98ec52525a2d51ae64ab893db20f89443569077d88be841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.0644
content-md5
m6mFDtJbGyQj13V3QLZH0Q==
x-robots-tag
index, archive
x-request-id
4Rs-mOLu_CA0v4BfsbAGirRBIlcZ8PA-myiqDX-nZCR3uzA4g5vvJg==
x-smug-ct
m
etag
"9ba9850ed25b1b2423d7757740b647d1"
age
13100006
x-env
a=live, b=photoserve, c=4cf206a9, d=i-0e5d8552281940803
expires
Thu, 26 Jun 2025 17:42:30 GMT
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
x-ua-compatible
IE=edge
date
Wed, 26 Jun 2024 17:42:30 GMT
x-smug-ph
0.0279
content-type
image/jpeg
last-modified
Sat, 25 May 2024 11:09:30 GMT
x-response
Buffer
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-smug-v
17
x-ttfb-l
0
cache-control
public, max-age=31536000
x-amz-cf-id
Ffpaw49hGCYCSW9JM_e3j-Y3476b4miQAObwS8ic-2_5o7lIJAiczA==
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
x-smug-d
Wed, 26 Jun 2024 10:42:30 PDT
content-length
50087
smug-content-length
50087
x-amz-cf-pop
EWR53-P1
server
nginx
js
www.googletagmanager.com/gtag/ 		278 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JD3VHQYLPF&cx=c&_slc=1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c258612c0cd334872c05a3cf75f5db4f3cf2b4a4f4c562822e10ea2496ea98a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 08:35:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99991
x-xss-protection
0
server
Google Tag Manager
apstag.js
c.amazon-adsystem.com/aax2/ 		345 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"812ceba01127f3bf5aede260eaddcd29"
age
1866
via
1.1 30c685f6079b8142334973866010be4c.cloudfront.net (CloudFront), 1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
pE8khp3V0Wn1yeufaQNFMoM5z74J_8SFsuXktwIap6X9doqN7CLwSg==
date
Mon, 25 Nov 2024 08:04:51 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 22:51:07 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P7, JFK50-P3
x-amz-server-side-encryption
AES256
diberp-tcx-v7.13.0.js
www.americanhometownmedia.com/static/ 		328 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
etag
"f085c7609fb7c47fb72fd768d721373e"
x-goog-stored-content-encoding
gzip
expires
Tue, 25 Nov 2025 08:35:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
104504
date
Mon, 25 Nov 2024 08:35:56 GMT
last-modified
Mon, 29 Aug 2022 14:20:21 GMT
vary
Accept-Encoding, Origin
content-type
text/javascript
x-guploader-uploadid
AFiumC63d-f3XcodwdyotyZuR5dDF8f6Jvfc_BlDa8AiRNnNf07TnK9NYlDG8hdhmARLaM-IecY
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1661782821233427
content-length
104504
server
UploadServer
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
295 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
294 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.50.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
40e16943-66d5-4e08-946d-6d797275674b
https://www.register-herald.com/ Frame 		0
0
tsub-middleware.bundle.c0f5511a001f780f591f.js
cdn.segment.com/analytics-next/bundles/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/tsub-middleware.bundle.c0f5511a001f780f591f.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"f7b3d2021df83853b191aefa39a74b15"
x-amz-version-id
Vi.Yd9Ms0_IN3OjbGlsA.1p3ArQ5RR1f
age
4003464
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
RMih9ZZecKYY5a3N8Wzwq3_DXhPsERBf_LnB7bwSR2jyyIPfW1DDdQ==
date
Thu, 10 Oct 2024 00:31:33 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 08 Oct 2024 16:14:51 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 4b6b5023747759b0047c5cbc8d742cea.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
/
register-herald-cnhi-pw.newsmemory.com/ 		88 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://register-herald-cnhi-pw.newsmemory.com/?meter&service=autologout&ta_MACHINE_ID=f29d2990f8bc3e72562c48abbf12e76d&r=1732523756723
Requested by
Host: register-herald-cnhi-pw.newsmemory.com
URL: https://register-herald-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=f29d2990f8bc3e72562c48abbf12e76d&v=3&r=6255
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.107 , United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Connection
Keep-Alive
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Content-Length
88
Keep-Alive
timeout=2, max=300
Date
Mon, 25 Nov 2024 08:35:56 GMT
Content-Type
text/html
Server
Apache
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
liveView.php
live.primis.tech/live/ 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732523756097&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:5c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0c9623bc4920ca872d5a2169e494da19fa1e028981f5734ef0b423c83108cc75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-amz-cf-id
zlcdHTInko0Aah-S1pMHCuog8K6VUew-pIPSh9ooVU6_umNO8Ga-cQ==
cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 a422a2e7c5cee555310dfa3dcc07c402.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
JFK52-P5
240525-photo-westside%20graduation%2002-S.jpg
photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-LxMxrRF/0/MxBjWPZ5v9RS6TjKCLxDTKh2Rc8h4XN2WgdZCXjJZ/S/ Frame 4AAF 		64 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos.smugmug.com/HomePageSlideshow/Daily-Photos/i-LxMxrRF/0/MxBjWPZ5v9RS6TjKCLxDTKh2Rc8h4XN2WgdZCXjJZ/S/240525-photo-westside%20graduation%2002-S.jpg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
268a82621b02246caf8a54bb04015e1b9df065c23ef5aeae36d6608eaaac28bf
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.1319
content-md5
GsD+BsSfgVMou1ZaZTBy3g==
x-robots-tag
index, archive
x-request-id
mG-Vzpo95vYjeIm0hB5hPLeBxO_K0_Wjme1K_CDJ1TiZ_z5YB8cVXg==
x-smug-ct
m
etag
"1ac0fe06c49f815328bb565a653072de"
age
13100009
x-env
a=live, b=photoserve, c=e8889be1, d=i-05d92d428554c9c5f
expires
Thu, 26 Jun 2025 17:42:27 GMT
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
x-ua-compatible
IE=edge
date
Wed, 26 Jun 2024 17:42:27 GMT
x-smug-ph
0.0275
content-type
image/jpeg
last-modified
Sat, 25 May 2024 11:09:29 GMT
x-response
Buffer
x-frame-options
DENY
x-smug-v
17
x-ttfb-l
0
cache-control
public, max-age=31536000
x-amz-cf-id
fo_ce9Z6op_jpb5zPve44sE_ONwvMQ6FFSIcG4yqsHNVBcB0N4AhEQ==
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
x-smug-d
Wed, 26 Jun 2024 10:42:27 PDT
content-length
65737
smug-content-length
65737
x-amz-cf-pop
EWR53-P1
server
nginx
spacer.gif
cdn.smugmug.com/img/ Frame 4AAF
Redirect Chain
  • https://photos.register-herald.com/img/spacer.gif
  • https://cdn.smugmug.com/img/spacer.gif
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.smugmug.com/img/spacer.gif
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Server
54.192.199.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-199-162.ewr53.r.cloudfront.net
Software
nginx / SmugMug/1.0
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://photos.register-herald.com/

Response headers

x-ttfb
0.1463
content-md5
MlRyYBVx8x4b8AZ0w2jTNQ==
x-request-id
0ef22a27
x-smugmug-values
1/5 - Grow Together
etag
"325472601571f31e1bf00674c368d335"
age
7888681
x-env
a=live, b=www, c=e8889be1, d=i-0399c6ecf88de4413
expires
Tue, 26 Aug 2025 01:17:56 GMT
smug-cdn
cloudfront (via live-www-alb.smugmug.com)
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
date
Mon, 26 Aug 2024 01:17:55 GMT
content-type
image/gif
x-s
100.13.140:322206
last-modified
Sat, 20 Jul 2013 19:09:23 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-amz-cf-id
LvXhxCWQTd_evR80R7YCr__YGZKYNSSrg6UDx9IMKc-tM_Ag2D2z9g==
x-ttfb-l
43
cache-control
public, max-age=31536000
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
content-length
43
x-amz-cf-pop
EWR53-P1
x-powered-by
SmugMug/1.0
server
nginx

Redirect headers

x-ttfb
0.014
x-request-id
d4744a04
x-smugmug-values
1/5 - Grow Together
x-env
a=live, b=www, c=e8889be1, d=i-0447830e152413748
expires
Mon, 25 Nov 2024 08:35:56 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
Date
Mon, 25 Nov 2024 08:35:56 GMT
Content-Type
text/html; charset=utf-8
x-s
100.14.177:767871
x-frame-options
DENY
x-ttfb-l
0
cache-control
private, no-store, no-cache, max-age=0
location
https://cdn.smugmug.com/img/spacer.gif
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
Content-Length
0
x-powered-by
SmugMug/1.0
Server
nginx
v2!prefetch
photos.register-herald.com/api/ Frame 4AAF 		190 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/api/v2!prefetch?_shorturis&APIKey=W0g9oqdOrzuhEpIQ2qaTXimrzsfryKSZ&_prefetchImages=only&_verbosity=1&_accept=application%2Fjson&_filteruri=
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.235.58.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-58-193.compute-1.amazonaws.com
Software
nginx / SmugMug/1.0
Resource Hash
3ba9a07cb4d783c069ce0ae2d5ba581612abbec9104f5198d7b24d4b1db8b0b8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
3825de2c10fd4a7fab0305f3744d1196-afa22fc6fed5e948-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Content-Type
application/x-www-form-urlencoded
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=3825de2c10fd4a7fab0305f3744d1196,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.0191
x-request-id
d2dcc805
content-encoding
gzip
x-smugmug-values
1/5 - Grow Together
x-env
a=live, b=www, c=ec58e149, d=i-0e1cf08a4b104258e
expires
Mon, 25 Nov 2024 08:35:56 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
x-ua-compatible
IE=edge
Date
Mon, 25 Nov 2024 08:35:56 GMT
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
x-s
100.10.56:1280974
x-frame-options
DENY
x-ttfb-l
190
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-origin
https://photos.register-herald.com
Content-Length
191
x-powered-by
SmugMug/1.0
Server
nginx
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JD3VHQYLPF&gtm=45je4bk0v9123094753za200&_p=1732523753096&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-ca&sr=1600x1200&cid=868779135.1732523755&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2F&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&sid=1732523756&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4953
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JD3VHQYLPF&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
text/plain
server
Golfe2
js
www.googletagmanager.com/gtag/ 		267 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PM75X7XFT4&l=dataLayer&cx=c&gtm=45He4bk0v72758733za200
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dae8b59ed31e28c37e5102d6d0bb67629453b61cdca1c6c44624b2c714eb974c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 08:35:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96057
x-xss-protection
0
server
Google Tag Manager
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id
GiR62Ux0OW4CfaeO_9tu7jJVzc8iU6.K
age
5859585
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
V11D-KlmRxGf_5UqorlhJSHJQD8O8wvcvoie1QSczEZu6g79HmhtRQ==
date
Wed, 18 Sep 2024 12:56:12 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 17 Sep 2024 21:59:48 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 4b6b5023747759b0047c5cbc8d742cea.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
0ab198dd-b265-462a-ae36-74e163ad6159
config.aps.amazon-adsystem.com/configs/ 		563 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-59.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
ee5ebc2e5e093ee9ea3485ae13632e54bba29b488b7956923112de35efe7ded4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=3600
age
1724
via
1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
wvxFNp3iW5_zYT4yq9XrE07ZB8dhBqnf-1dohTOqYCH4_mzok-v1HQ==
date
Mon, 25 Nov 2024 08:07:13 GMT
content-type
application/javascript
x-amz-cf-pop
JFK50-P3
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.register-herald.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
b79952d2f1ba3781cff55366a1888587b3b6f13e2556cc3f775d2c722a1f8180

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
via
1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
x-cache
Miss from cloudfront
content-length
3713
x-amz-cf-id
AwhHNZS49OOiwRBuDzwl4l4prUoJYmFZloOHiTJNRlEW-KeYLc4o1Q==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
JFK50-P3
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.register-herald.com%2F&pid=PbKydPQrx4DgF&cb=0&ws=1600x1200&v=24.1105.2150&t=1005&slots=%5B%7B%22sd%22%3A%22registerherald_weather_120x60_atf%22%2C%22s%22%3A%5B%22120x60%22%5D%2C%22sn%22%3A%22%2F9869277%2Fcnhi%2Fregisterherald%2Fweatherhousead%22%7D%2C%7B%22sd%22%3A%22registerherald_desktop_leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22registerherald_desktop_300x250_btf1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22registerherald_mob_300x250_atf%22%2C%22s%22%3A%5B%22300x250%22%2C%22620x366%22%5D%2C%22sn%22%3A%22%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22registerherald_siderail_300x600_atf%22%2C%22s%22%3A%5B%22300x250%22%2C%22200x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22registerherald_desktop_leaderboard_btf2%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22registerherald_desktop_300x250_btf2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22registerherald_siderail_300x600_sticky_btf_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22200x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22registerherald_desktop_728x90_btf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C1795%2C1%2C%2C%2C&sm=470614ce-65bf-4d64-a6ca-dd5480941835&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.140.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-140-223.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
05a0b7f4cb7ef38be18f11cbe7bcc0d37cf2d8227db3146eba5887f06e4dca43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 ec0c03792167c1faa09ce29d408be53a.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
x-cache
Miss from cloudfront
content-length
993
x-amz-cf-id
8-HlPU7fbUbbcplgPdNqz0aaXXa5lN1VzEX1UxxaB2AZAqkGKY_dBw==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK52-P2
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ 		855 B
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.register-herald.com%2F&pid=PbKydPQrx4DgF&cb=1&ws=1600x1200&v=24.1105.2150&t=1005&slots=%5B%7B%22sd%22%3A%22registerherald_sticky_footer%22%2C%22s%22%3A%5B%221x1%22%2C%22300x50%22%2C%22320x50%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F9869277%2Fcnhi%2Fregisterherald%2Frichmedia%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C1795%2C1%2C%2C%2C&sm=470614ce-65bf-4d64-a6ca-dd5480941835&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.140.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-140-223.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
9971ed07771da4df4dda61168629d1f3533c4fe7a4578e60f64372c27dab655d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 ec0c03792167c1faa09ce29d408be53a.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
x-cache
Miss from cloudfront
content-length
565
x-amz-cf-id
JHupb1IFDNS3ck7Ac3VvhE7nQVcqwzt86t8Kp_c1csqFtC3r2ObslQ==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK52-P2
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
45344
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
StH3xma-APCCfYM7SzxSz5VP40_H_Fop3FIyH7TLWL7qArt17Py0NQ==
date
Sun, 24 Nov 2024 20:00:14 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 1dd1e483fa41d512929f44790f141972.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
arj
justapinch-com-d.openx.net/w/1.0/ 		189 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.register-herald.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=480&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c33230e4-4711-416e-9699-c185b714adc0%2C78bace02-6bac-4e1d-941d-03178f60b85b&nocache=1732523756989&gdpr_consent=&gdpr=0&us_privacy=1---&schain=1.0%2C1!americanhometownmedia.com%2C00021%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=ahm_widg_id_3%2Cahm_widg_id_7&aucs=%2C&auid=544092638%2C544092638
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c806aa312185f4a7b8941e85522f64aa5d7756169550169048bf5fc9a143e8fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private, max-age=0, no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
175
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/json
vary
Accept, Accept-Encoding
server
OXGW/0.0.0
bid
ap.lijit.com/rtb/ 		23 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.83.69.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-69-204.compute-1.amazonaws.com
Software
/
Resource Hash
2a50bb5eaf0814dbc3feaf1cb828980789b40ad73a139d136de4476173970efb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://www.register-herald.com
content-length
23
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
liveView.php
live.primis.tech/live/ Frame 51A2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732523756097&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732523756&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732523756097&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:5c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d01d7d21681301d2665586e1c0d2d722db01841bdbeb76db4659cb4698d9c9a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-amz-cf-id
JXmU17_Ig5KO8Yy-PrJuBEMso1Q4G4hUgGXBLstjCjO2TbIXkB74rA==
cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 a422a2e7c5cee555310dfa3dcc07c402.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
JFK52-P5
39f39a1f5a2c082ad98fb55be1ea6442bb118393
bandborder.com/create/d35e797f3bb1/ 		301 B
757 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/create/d35e797f3bb1/39f39a1f5a2c082ad98fb55be1ea6442bb118393
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2047b79ff08a6bc34a0f42a906fd31d3213baba8f4347ea2337647b2e5bf5a5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-us-central1-75nr
expires
Mon, 25 Nov 2024 08:35:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
priority
u=1,i
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-us-central1
via
1.1 google
cf-ray
8e804eeb6ad0a226-YYZ
access-control-allow-origin
https://www.register-herald.com
x-buildnumber
1553448542
server
cloudflare
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.86.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-86-140.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id
IKXrUoItkKbxZQ20ut9b8FhMghJH_Xd7
age
11301040
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
na_eLdtozNOAOEZHwhFGKv1D34ew43hWIma6wDMZOH9PXVV_-kttjA==
date
Wed, 17 Jul 2024 13:25:18 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 16 Jul 2024 17:27:04 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 4b6b5023747759b0047c5cbc8d742cea.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
882.json
id5-sync.com/g/v2/ 		0
0
deflate.min.js
live.primis.tech/main/js/ Frame 51A2 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/main/js/deflate.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732523756097&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732523756&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:5c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
etag
W/"64db4a53-3217"
via
1.1 a422a2e7c5cee555310dfa3dcc07c402.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
9Xyg-hNlf7hgt8aL3v6IQlohTz_mQfkaosK_vWbPpdE3TSjtNSkEpQ==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/javascript
last-modified
Tue, 15 Aug 2023 09:50:11 GMT
server
nginx
x-amz-cf-pop
JFK52-P5
vary
Accept-Encoding
omweb-v1-5.js
live.primis.tech/content/omid/static/ Frame 51A2 		44 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omweb-v1-5.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732523756097&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732523756&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:5c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f7bc1865c10215913cd38a869630fd07c008811bb39ecdfc5b9d76a74a31b6b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
etag
W/"66dd6341-b17f"
via
1.1 a422a2e7c5cee555310dfa3dcc07c402.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
0nlqlzijFMcQy_O1UxcAbzNZPq5PR1dQajVEXDqqWZIG3CuwvDA0MA==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
application/javascript
last-modified
Sun, 08 Sep 2024 08:41:37 GMT
server
nginx
x-amz-cf-pop
JFK52-P5
vary
Accept-Encoding
omid-session-client-v1-5.js
live.primis.tech/content/omid/static/ Frame 51A2 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/omid/static/omid-session-client-v1-5.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732523756097&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732523756&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:5c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d7c25086a2305f99b43116f3935095d346eea4e1fc781bab31e81b6b9320032b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
etag
W/"66dd6341-110bd"
via
1.1 a422a2e7c5cee555310dfa3dcc07c402.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
-rMQD4x9o0y9-T5_OjmzAp8CmwS3YIchzifL37sKrhRmVoWGWP-y0w==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/javascript
last-modified
Sun, 08 Sep 2024 08:41:37 GMT
server
nginx
x-amz-cf-pop
JFK52-P5
vary
Accept-Encoding
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame 51A2 		258 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732523756097&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732523756&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:5c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
etag
W/"623b1723-409bc"
via
1.1 a422a2e7c5cee555310dfa3dcc07c402.cloudfront.net (CloudFront)
expires
Tue, 25 Nov 2025 08:35:56 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
cHg9njQm3iuycir14AZHsnEatA4tp2clrseo82HkR3pCIwrEhHmPvw==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/javascript
last-modified
Wed, 23 Mar 2022 12:48:35 GMT
server
nginx
x-amz-cf-pop
JFK52-P5
vary
Accept-Encoding
pal.js
live.primis.tech/content/pal/ Frame 51A2 		181 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/pal/pal.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732523756097&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732523756&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:5c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e8b425b0454dfdeaacc90a822297f5386f87aa23cdb769f6843bfdc48d87a2bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
etag
W/"66cd7c4d-2d42f"
via
1.1 a422a2e7c5cee555310dfa3dcc07c402.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
vkQ1Bd_SrFkDVRHXy7NLh7AP6nj7cEZTb9VdUJMF6dPJe-f8YYcoKA==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/javascript
last-modified
Tue, 27 Aug 2024 07:12:13 GMT
server
nginx
x-amz-cf-pop
JFK52-P5
vary
Accept-Encoding
prebidVid.7.16.0_29.min.js
live.primis.tech/content/prebid/ Frame 51A2 		553 KB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732523756097&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732523756&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:5c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ea67ff6b5b7b47547079d888267aa933d278920933bf8d0b767dbbadb9a25be7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
etag
W/"66795624-8a3a8"
via
1.1 a422a2e7c5cee555310dfa3dcc07c402.cloudfront.net (CloudFront)
expires
Tue, 25 Nov 2025 08:35:56 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
V3DHBNUWH7Byx0xIs9Cn7dlTas8sHX4zdeYb7TFHQ0RySbOYzc7ZDg==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/javascript
last-modified
Mon, 24 Jun 2024 11:19:00 GMT
server
nginx
x-amz-cf-pop
JFK52-P5
vary
Accept-Encoding
liveVideo.php
live.primis.tech/live/ Frame 51A2 		666 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31307D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A9&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732523757&csuuid=674436ecca7ca&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6319&geoLong=-79.3716&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1732523756097&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1732523756&pubUrlAuto=https%3A%2F%2Fwww.register-herald.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:5c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7fe4cb97ef5e3d652dbf242e9d0424c81ddb8444848ad56be07105d94a908ad8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
via
1.1 a422a2e7c5cee555310dfa3dcc07c402.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
9J64I9DR9eFBvBLa21_xHQd53hqLcu3zZ9BDcBg50-KanMq1OrmpFA==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
JFK52-P5
882.json
id5-sync.com/g/v2/ 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		365 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2376568413150008&correlator=343514278782421&eid=31088952%2C31089065%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Cweatherhousead%2Ctotalaudience%2Creveal&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5&prev_iu_szs=120x60%2C728x90%7C970x250%2C300x250%2C300x250%7C620x366%2C300x250%7C200x600%7C300x600%2C728x90%7C300x250%7C970x250%2C300x250%2C300x250%7C200x600%7C300x600%2C728x90%2C1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732523757213&lmt=1732523608&adxs=133%2C436%2C120%2C-12245933%2C1180%2C436%2C1180%2C1180%2C436%2C805&adys=113%2C290%2C3420%2C-12245933%2C1007%2C6363%2C6686%2C10260%2C10921%2C13108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C-1%7C0%7C2%7C3%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=120x82%7C1360x272%7C300x282%7C0x0%7C300x622%7C1584x314%7C260x272%7C300x632%7C1584x154%7C1360x803&msz=95x82%7C1360x272%7C300x272%7C0x0%7C300x622%7C1584x272%7C260x272%7C300x622%7C1584x112%7C1310x0&fws=4%2C4%2C4%2C132%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C260%2C1600%2C1600%2C1600&td=1&egid=7353&tan=4e8ed457-507f-409c-87f0-689c841b35d5%2C4e8ed457-507f-409c-87f0-689c841b35d6%2C4e8ed457-507f-409c-87f0-689c841b35d7%2C4e8ed457-507f-409c-87f0-689c841b35d8%2C4e8ed457-507f-409c-87f0-689c841b35d9%2C4e8ed457-507f-409c-87f0-689c841b35da%2C4e8ed457-507f-409c-87f0-689c841b35db%2C4e8ed457-507f-409c-87f0-689c841b35dc%2C4e8ed457-507f-409c-87f0-689c841b35dd%2C4e8ed457-507f-409c-87f0-689c841b35de&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732523752190&idt=2384&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D55ee00fb-4bab-4aee-84e3-a4e463623eff%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_weather_120x60_atf%26fs_ad_product%3Dbanner%26pos%3Datf%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D68b50da2-d7b4-40c0-8ae1-76adf00994ef%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_desktop_leaderboard_atf%26fs_ad_product%3Dbanner%26pos%3Datf%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Db95d26fa-1b28-499b-945f-90c6b99afcc8%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_desktop_300x250_btf1%26fs_ad_product%3Dbanner%26pos%3Dbtf1%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D44c95f28-f964-42ea-8aac-5fd58e5ad9c5%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_mob_300x250_atf%26fs_ad_product%3Dbanner%26pos%3Datf%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Da8999354-7cbb-4e29-a42f-55275312695a%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_siderail_300x600_atf%26fs_ad_product%3Dbanner%26pos%3Datf%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D101bc152-ac74-4fa1-bdd4-a35978a194e1%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_desktop_leaderboard_btf2%26fs_ad_product%3Dbanner%26pos%3Dbtf2%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D85319ba1-dbc0-4954-b4ec-0ad786d52c34%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_desktop_300x250_btf2%26fs_ad_product%3Dbanner%26pos%3Dbtf2%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D9512922c-9215-42a9-8f37-393581885e88%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_siderail_300x600_sticky_btf_3%26fs_ad_product%3Dbanner%26pos%3Dbtf3%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D63891aff-fdd6-48d3-ae88-bdf2c762bf6f%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_desktop_728x90_btf%26fs_ad_product%3Dbanner%26pos%3Dbtf%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D5a7583de-2cc9-4a78-899a-c3be5c6dd5e7%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_reveal%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout&cust_params=fs_session_id%3Dfa45480c-aad7-45d5-918a-a17f39d92388%26fs_pageview_id%3D016f25009908806ea26c4c964f8985f7%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-NY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D23%26fs_clientservermask%3D23032322200233320002202%26fs_testgroup%3Doptimised&adks=3338393650%2C3025403062%2C2746350988%2C26673532%2C2376654946%2C2938938653%2C2746350991%2C2935887176%2C404705766%2C1245358332&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
7b42cc79ee01c5ce06bc110b633ae542c3fc864c18894efa443d85a15a650bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-2,6826725116,6825502030,6831610294,6831613900,6831613900,6831613900,6825370033,6825370033,-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2,138495343977,138497087179,138497723257,138497723491,138497723518,138496896936,138497179028,138497179196,-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
34486
x-xss-protection
0
server
cafe
container.html
eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A0C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 08:35:57 GMT
expires
Mon, 25 Nov 2024 08:35:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
primisslate.css
live.primis.tech/content/video/css/ 		19 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.80.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-80.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
c06615f65bbd0fd24a7fc98664ebe6cc69c165be8bf47181a45c4b5876e5471e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
etag
W/"66f3c358-4c94"
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
UjVfyYvArzQq2eziv7ZzSimc8f9eMxucYYmVnCAjig1PNgv-9lmQYQ==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
text/css
x-amz-cf-pop
JFK52-P5
server
nginx
last-modified
Wed, 25 Sep 2024 08:01:28 GMT
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ Frame 51A2 		345 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31307D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A9&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732523757&csuuid=674436ecca7ca&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6319&geoLong=-79.3716&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"812ceba01127f3bf5aede260eaddcd29"
age
1866
via
1.1 30c685f6079b8142334973866010be4c.cloudfront.net (CloudFront), 1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
pE8khp3V0Wn1yeufaQNFMoM5z74J_8SFsuXktwIap6X9doqN7CLwSg==
date
Mon, 25 Nov 2024 08:04:51 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 22:51:07 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P7, JFK50-P3
x-amz-server-side-encryption
AES256
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 51A2 		115 B
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&iiqidtype=2&iiqpcid=98a1ab6a-f01f-4847-b8a3-d14fd46f1a96&iiqpciddate=1732523757364&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=885_1732523757366&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fwww.register-herald.com%2F&ref=www.register-herald.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31307D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A9&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732523757&csuuid=674436ecca7ca&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6319&geoLong=-79.3716&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-98.jfk52.r.cloudfront.net
Software
/
Resource Hash
f13328d6c37a7e3875d27e92de7141328ac4daab3fb3be114019d95db55867b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
x-amz-cf-id
7RryqpT9-Jqxe-ry2yYgCbFcTzXS_6fsr0zC8TrjcW6yoAyjLW3-xg==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html
vary
Origin
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me, DNT,X-CustomHeader,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control
patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 ec0c03792167c1faa09ce29d408be53a.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
x-amz-cf-pop
JFK52-P2
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=755304&iiqidtype=2&iiqpcid=98a1ab6a-f01f-4847-b8a3-d14fd46f1a96&iiqpciddate=1732523757364&tsrn...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=755304&iiqidtype=2&iiqpcid=98a1ab6a-f01f-4847-b8a3-d14fd46f1a96&iiqpciddate=1732523757364&tsrn...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=755304&iiqidtype=2&iiqpcid=98a1ab6a-f01f-4847-b8a3-d14fd46f1a96&iiqpciddate=1732523757364&tsrnd=735_1732523757367&vrref=https%3A%2F%2Fwww.register-herald.com%2F&jsver=5.09&ckls=true&ci=vxlxynLvKL&nc=false&trid=-268474300
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Server
2600:9000:2512:7400:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 024ebcc63921610877d4ba277290628c.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
JtLhm6WqurfjjoT30zYLRrTAlppwzkZME8vq6y6VzSI-BfzJXQvutw==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=755304&iiqidtype=2&iiqpcid=98a1ab6a-f01f-4847-b8a3-d14fd46f1a96&iiqpciddate=1732523757364&tsrnd=735_1732523757367&vrref=https%3A%2F%2Fwww.register-herald.com%2F&jsver=5.09&ckls=true&ci=vxlxynLvKL&nc=false&trid=-268474300
pragma
no-cache
via
1.1 024ebcc63921610877d4ba277290628c.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
mk-G8oLtbuFTR-JJOzxFfaNVT0D6YaLe434VIRfhk3THrIxKq6YyIw==
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"ad78eaf46246cac6849005eb8b50ae6f"
age
84051
via
1.1 c73892d3f4de40363aa07fd58a00ea50.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Qb4bjNOxc1g3i4Q9s9Fh7Ahpm0ZjXHBO5Cp3Y8bHjYO6_9yDeBDNWQ==
date
Sun, 24 Nov 2024 09:15:07 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
ima.js
cdn-ima.33across.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ee7d90acfcf61e37a67097a1f97ddb90fd685f3e9dcb6ed34931f2b94713d8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a7171-403e"
age
209612
cf-ray
8e804eec3fe9ab5a-YYZ
expires
Thu, 28 Nov 2024 08:35:57 GMT
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 16:10:25 GMT
vary
Accept-Encoding
server
cloudflare
159414c0-b15a-42ba-bde6-fea9bf50fb40
https://www.register-herald.com/ Frame 		0
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 51A2 		6 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
45344
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
StH3xma-APCCfYM7SzxSz5VP40_H_Fop3FIyH7TLWL7qArt17Py0NQ==
date
Sun, 24 Nov 2024 20:00:14 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 1dd1e483fa41d512929f44790f141972.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
/
www.register-herald.com/tncms/dmp/segment_audiences/ 		67 B
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/tncms/dmp/segment_audiences/?anonymous_id=0b48b312-1e81-4a40-8bae-6ef1aed042f4
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
e97d58b269af03c7342d662b20f10aca683d15391bc34f06c1fb0c97d511d466

Request headers

Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
X-Requested-Feature
geoip

Response headers

cache-control
no-cache, no-store
content-length
67
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/plain
css
fonts.googleapis.com/ 		838 B
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f9fce2d1efeb7ff84b096edcbd306fbeed42a83f2717b4d6e6a0502ce5ea160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:35:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 25 Nov 2024 08:09:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 63B8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=90754
content-encoding
gzip
content-length
6694
content-type
text/html
date
Mon, 25 Nov 2024 08:35:57 GMT
expires
Tue, 26 Nov 2024 09:48:31 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame EE9D
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26adv...
  • https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=dc452fd1-0edc-022f-3c4f-f293c4a0d149
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=dc452fd1-0edc-022f-3c4f-f293c4a0d149
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=dc452fd1-0edc-022f-3c4f-f293c4a0d149
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:e400:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 25 Nov 2024 08:35:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma
no-cache
via
1.1 441f91af2fc013470161b54d14d10a44.cloudfront.net (CloudFront)
x-amz-cf-id
B4clIV3MEjRl4Z5bioxUEr2wUOuyWY_BkEi7jHc52zOSoo-COVqScg==
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront

Redirect headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 08:35:57 GMT
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=dc452fd1-0edc-022f-3c4f-f293c4a0d149
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
via
1.1 d9a3a15f3ae58ded645b708c4a5253c0.cloudfront.net (CloudFront)
x-amz-cf-id
jw0lpV-Js3nLcEuoAOacl8VZ_XmNORvV5-ZWvdMkkLo1nylFUpTwiA==
x-amz-cf-pop
JFK52-P5
x-cache
Miss from cloudfront
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 5FFE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={{gdpr}}&gdpr_consent={{gdpr_consent}}&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D150%26advUuid%3D%7BpartnerId%7D
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.233.192.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-192-61.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.register-herald.com/
content-type
text/html
date
Mon, 25 Nov 2024 08:35:57 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
liveView.php
live.primis.tech/live/ Frame 51A2 		116 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTt1ZDAlN2JyYmyzNDMjNmA4NTM0Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyU0TyqRq01dZGynV001WzcRrx1EY3qPRFV6TxM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM016SXcPVGg5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN6TWcVNU5ESTJNQXA5LwBNRaNMWUJDoGQ0R1FhV3V3V2f0QTqBp3R1MxuKSUgFnWJ6p3cvRFVJTWMzqzyxX2NioaRyoaRsnWQ9NDAmOTA2NCZ2nWRsY29hqGVhqF9xZXNwPUNbpzymqG1uplgFqzUeU2uipaRwqXQeQ2yhozFgo24eQaVhplZ2nWRsY29hqGVhqF90nXRfZT1DnHJcp3RgYXMeRXZyK1Nbo3J0Y3V0K0Ncoz5uoW9hK0J1oaMzqzyxX2NioaRyoaRsZHVlYXRco249NDYzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzpGkurWVlSW5mqGFhY2VJZD02ODp4MDtmMmMlMDAkMDM4NTElJat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMkMmElRDMlMmU1RwMkMmA3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmMmMTqEN0I1MmY0MmM2NDMmNEM2RTRBNxM1QTMlNxM3QTY0NDp1Nwp5NEM1NmY4NxM2MmZENDY3MmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2RwZDNwx2RTp1Nmt3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00Ml42MmE5Jzqyo0kiozp9LTp5LwM3MTYzqXNypxyjQWRxpw0lNwA3JTNBNTMjMCUmQTYjJTNBNmt2NlUmQSUmQTxzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4WDEkJTNCK0kcoaV4K3t4Ny82NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEmMS4jLwAhMCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NmQ0MmZyY2NuN2NuJzNvqXN0ZXI9MTpmMwUlMmp1NmYlOQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31307D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A9&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732523757&csuuid=674436ecca7ca&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6319&geoLong=-79.3716&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.80.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-80.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
0b9799749aeec96fea2a910907f919bb39445cf79c00e2779090292c104f364e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
U4Y_u9LacCei_ziBsVKOHBpMt-FUgBr6SqJxRYTAs0vPgGwggHFfew==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
application/json; charset=utf-8
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
content-length
12336
x-amz-cf-pop
JFK52-P5
server
nginx
liveView.php
live.primis.tech/live/ 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTpmMwUlMmp1NlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJaN1YxyxPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImNDJEMmEmMTJEMmImNTVGMmEmMDqEN0I3MmMkMmUmMDM4MmxmNDM2MmM3RDqCNDMmMmMkN0Q3QwUmNwQmMmY0MmM0QmZFNEE2QmVBMmI2QmqBNwQ0NmU2Nmx0QmU3Nwt2QmYmNxQ0NwpmNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNxM2OTZFNmU3ODqEN0I1ODM0MmAmMDqEN0I1OTMlMmImNTqEN0I2NwMkN0Q3QwRDMmpmODM5Mmt3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MwYjNlUmQTUmMDAyM0E2MCUmQTp4NwpyM0EyM0E5JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4WDEkJTNCJTIjTGyhqXtyMwB4ODZsNwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTMkLwAhMC4jJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NmQ0MmZyY2NuN2NuJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE3MmI1MwM3NTp1NTYzqWyxPVNyn2yhZG9TUGkurWVlNwp0NDM2ZWQkOWYkNCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phpzVanXN0ZXIgnGVlYWkxLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1cnXEzpHucZD05NzE1YmM1OTE3NwNzYzIlMwA4YTByMWRzZGE0YTVxNQ==
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.80.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-80.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-cache
Miss from cloudfront
cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
GY-X5EPn7zKhQe9uV3octWnyjcsW0FAu2s6B1a2xRoe9CvK2KLFIKQ==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
JFK52-P5
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame 51A2 		35 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.22235.space.105129,adsize.400x225
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=86400
cache-control
private, no-cache, no-store, proxy-revalidate
pragma
no-cache
expires
Fri, 04 Aug 1978 12:00:00 GMT
content-length
35
date
Mon, 25 Nov 2024 08:35:57 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["oBrTqu7GvhS3RAjzZbAFBA=="],"pcode":["p-1ZHFxK2kGG5Cz"]},{"label":["bguBNbUeX1i0CBFEb/hMkw=="],"pcode":["p-1ZHFxK2kGG5Cz"]}],"trigger_data":"1"}]}
content-type
image/gif
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sekindo&bsw_param=7277627c-a64f-4188-b086-cdca26283cfd&google_hm=NzI3NzYyN2MtYTY0Zi00MTg4LWIwODYtY2RjYTI2MjgzY2Zk...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFKIf7VbLLRexDdZANuJZgg&google_cver=1&ssp=sekindo&bsw_param=7277627c-a64f-4188-b086-cdca26283cfd&gdpr_consent=&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=15108dd9-63fb-4f19-b602-b08a9c84d63a
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=15108dd9-63fb-4f19-b602-b08a9c84d63a
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=15108dd9-63fb-4f19-b602-b08a9c84d63a
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
6HVEP3Bp7nrUmJ7ERTI6fKnAqScm0TOTca6PB1q9kPTsxdFmKHKkAA==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=15108dd9-63fb-4f19-b602-b08a9c84d63a
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
pHVl6-REmUROI9tSTVHuNibRUcLnWd_WGwxizyEO3aDNkspre8bu8g==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
liveCS.php
live.primis.tech/live/ Frame 51A2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=6gvshk1&ttd_tpi=1&ttd_puid=674436ecca7ca&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=149&advUuid=e8e89820-78a3-4a2a-829f-578334a1b058&csuuid=674436ecca7ca&gdpr=0&gdpr_consent=
0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=149&advUuid=e8e89820-78a3-4a2a-829f-578334a1b058&csuuid=674436ecca7ca&gdpr=0&gdpr_consent=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.238.80.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-80.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
0u_XNt-ssgo4MISv8na5592mSn_XK1O5Z_-HNwzu5aZzuBgqX8D-rw==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
JFK52-P5

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&advId=149&advUuid=e8e89820-78a3-4a2a-829f-578334a1b058&csuuid=674436ecca7ca&gdpr=0&gdpr_consent=
content-length
337
date
Mon, 25 Nov 2024 08:35:57 GMT
server
Kestrel
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=a92cb8ae-2a69-46a0-8e70-ff7ce51ec47f&gdpr_consent=null&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=a92cb8ae-2a69-46a0-8e70-ff7ce51ec47f
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=a92cb8ae-2a69-46a0-8e70-ff7ce51ec47f
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
g6nxcxYQWRZsJ5GSq6dUk9QGltINtosvjBOB272zFGO_42LwmegO-w==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=a92cb8ae-2a69-46a0-8e70-ff7ce51ec47f
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
BHGWjBE_DkK2j-RI9u8fIGga6lsKEQZpf-N1RxJwPNczzr4an10Jjw==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=Z0Q27dHM5zgAAAmvAjbDJwAA%261365
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=Z0Q27dHM5zgAAAmvAjbDJwAA%261365
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=Z0Q27dHM5zgAAAmvAjbDJwAA%261365
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
gpS295Z9v2mxLZm_J91cGU7v5mMbKEpr6SFoDZi-_zvu53M0nNQjtw==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=Z0Q27dHM5zgAAAmvAjbDJwAA%261365
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
2ncfbfJ6OoSR9yivBOHOwrGpEJc6FBxHrjdfmFviEPOKZmmrCLkWwQ==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=819027098221802988696
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=819027098221802988696
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=819027098221802988696
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
serTH3lrctmxiE-K8i38OeensjPTmOx7dNoQsaZrXLHTCeg3oODMyA==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=819027098221802988696
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
cQj9-5FNtSdG_HrvmutS6Dl5p1FMzpNAcpmOkwnwkmSpyzBbgSBWuw==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=M3WRWV6I-1U-KHY1&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=M3WRWV6I-1U-KHY1
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=M3WRWV6I-1U-KHY1
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
kG7EjLI-NnqVXzenkP97BJauhcIEiuVMdCI_azuy9qier9YXfZof2g==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=M3WRWV6I-1U-KHY1
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
bj3G80KKjwv6IKs-QnS9uBlTcwP1s_nlG4jw1-YvypJL-C2P1EwRjA==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
sync
ups.analytics.yahoo.com/ups/58818/ Frame 51A2 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Mon, 25 Nov 2024 08:35:57 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D105%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526advId%253D105%2526advUuid%253D%2524UID%2526gdpr%253D0%2526gdpr_conse...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=105&advUuid=810980635046800621&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1186917411&3rdpcid=810980635046800621
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1186917411&3rdpcid=810980635046800621
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
6Ueeh4xKC6T0i2-PY7xmoaL6GDu7DzphIo659rH5wc4BocZfzVkB_w==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1186917411&3rdpcid=810980635046800621
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
krNZvC33Rk3omNmSZ4z5n1xYbNMeI3bJLL_e3xZcmblLvaGXFP1N7A==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=be170c4c4653422798dab2010cff0c7f
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=be170c4c4653422798dab2010cff0c7f
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=be170c4c4653422798dab2010cff0c7f
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
Wtkh9py_4yQvdsnsYOJM_5oOU-837q88OauHjjPBZ605yYqPiQWExw==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=be170c4c4653422798dab2010cff0c7f
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
nNcW81B7H7f3Ndi9mG0HvCHif2JmhYpPuVLTQkxTYM7Kq6lphl6cKw==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=674436ecca7ca&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3755253571978305000V10&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3755253571978305000V10
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3755253571978305000V10
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
c89WAxhBkVWeLM2ei0OH1KtdPNMksKtlKr9Glm6qNJIUYqeVcKw3IQ==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3755253571978305000V10
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
NL72W5YjxlsnVDW8v_0eHAY8VlbMntLcMOWqd0iqbjE16QSRz36g2Q==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=JuZDABZHAKyXLV27RzSAj9yf
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=JuZDABZHAKyXLV27RzSAj9yf
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=JuZDABZHAKyXLV27RzSAj9yf
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
iBIC5NYeR3acnCLumK_YCl1CbYX4Q6FedAWfiGZgv6KEhRvBsXSn_A==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=JuZDABZHAKyXLV27RzSAj9yf
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
Fta82oAppzjwrsY3ZvJ7WhJrKYhf-aMQmIlu-I6rk1-wIEyeJz8YhA==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=fec76b34a81542c7c8bb56dc2ecf64&gdpr_consent=&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=fec76b34a81542c7c8bb56dc2ecf64
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=fec76b34a81542c7c8bb56dc2ecf64
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
OiKpkHRz0pDhX1sjD3Os4LWc6D8Fi6TLhEqw9Ih5s1mH5i00ucf3vA==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=fec76b34a81542c7c8bb56dc2ecf64
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
COJsIqAipwtv4lJFBVtUJH7WkW2IZNc5CneH7MvzXEra2zsevVWDQQ==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=5a61301c-73bf-46b7-892b-0f7fdcb6e151
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=5a61301c-73bf-46b7-892b-0f7fdcb6e151
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=5a61301c-73bf-46b7-892b-0f7fdcb6e151
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
X-BioiYosIzlg2qK4i9flpG_IyRdmE7xCCHt_f4S9T-bfnbXQYEKMQ==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=5a61301c-73bf-46b7-892b-0f7fdcb6e151
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
Vxj_RETAMm_Lh5otCYPgGyMsq0bXVKcewYDlrm8jGegNRrqGhdgV1g==
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D%26gdpr%...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=4438851394020492166&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=4438851394020492166
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=4438851394020492166
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
5AN9n0Td2CZwbJeBy6DtholuaN12LCr6WZV9gPWyaWSlOlqGIEYn6A==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=4438851394020492166
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
WwOsdCnjVRk0pPk2tGdyfa5ZhOFHL-1rITBN8osJ6tvTKtPAfNFV3A==
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
cookie
cm.adform.net/ Frame 51A2 		35 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.6.231 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
86400
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=6e2beac2-3e6f-48a6-a40b-68839b55bdae&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=6e2beac2-3e6f-48a6-a40b-68839b55bdae
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=6e2beac2-3e6f-48a6-a40b-68839b55bdae
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
242geqbAi2eNowqVaAX8ECKXtuJHi2PlQBb8mAwI9iP6ttuInQBFFw==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=6e2beac2-3e6f-48a6-a40b-68839b55bdae
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
Pg65blVWdeSQeeBRuglSwiqJIOHAz9TTZ_O8BS8h-suAocQGkXWeuA==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1732523758081
  • https://ad.turn.com/r/cs?pid=45&id=RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005&rndcb=3017954061
  • https://sync.1rx.io/usersync/turn/7684957197179181433?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D119%26advUuid%3DRX-ed...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=119&advUuid=RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:59 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
EEs5dKyTugT89oLuDySaUWfK87eCp6hsOwJFgukA1A-XNVh4UODl2Q==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=541745869&3rdpcid=RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
_2mBYYNdOqUOvvZa-IK6Z9AxzFb-VgHN7khFZAQ8lS1XUG0PkNJOwQ==
date
Mon, 25 Nov 2024 08:35:59 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 51A2
Redirect Chain
  • https://sync.kueezrtb.com/api/user/pixel/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D151%26advUuid%3D%24%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=151&advUuid=6a845be6-b181-da96-e6ba-3063afd0e60b&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=793790479&3rdpcid=6a845be6-b181-da96-e6ba-3063afd0e60b
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=793790479&3rdpcid=6a845be6-b181-da96-e6ba-3063afd0e60b
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
D_u_nS1OJVEB-I6RkmDSFhNRerPUvC4Jg9QY1KZh9kEat-ni_VCegQ==

Redirect headers

cache-control
no-store
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=793790479&3rdpcid=6a845be6-b181-da96-e6ba-3063afd0e60b
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
Q1Vk5u7dhHovLtbuu9m1uw1IdWdopEvuDMDDKfiPTaEHzVYNNftMGw==
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
JFK52-P5
server
nginx
r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D154%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
sync.ingage.tech/ Frame 51A2 		42 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ingage.tech/r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D154%26advUuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
cf-ray
8e804ef03d61a2db-YUL
expires
0
access-control-allow-origin
sync.ingage.tech
content-length
42
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/gif
server
cloudflare
integrator.json
pubads.g.doubleclick.net/adsid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/adsid/integrator.json?aos=https%3A%2F%2Fwww.register-herald.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-afma-token-requester-type
Access-Control-Request-Method
GET
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-afma-token-requester-type
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 25 Nov 2024 08:35:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.json
pubads.g.doubleclick.net/adsid/ Frame 51A2 		15 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/adsid/integrator.json?aos=https%3A%2F%2Fwww.register-herald.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/pal/pal.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
6cb74b1c20520023a412d8e0bc04e0bcc832be2f66b0a584056db181dcd5a052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
x-afma-token-requester-type
requester_type_9
Referer
https://www.register-herald.com/

Response headers

cache-control
private, no-cache, no-store
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
content-length
35
date
Mon, 25 Nov 2024 08:35:57 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 51A2 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?tid=pal&tv=1.0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/pal/pal.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
026e82e122c595a5bc13571e5e25e7cbbfcc9a58166a3cfd149cc959bb08bd3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
8917
date
Mon, 25 Nov 2024 08:35:57 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
vid6585d027bec9f430708534.jpg
video.primis.tech/uploads/cn1/video/users/converted/22235/video_5df2c67d5a683172725343/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.jpg?cbuster=1703268393
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:2400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5dd17d6d3d06cb368353a5f88107c97674b9a8f4107dd0cf77c38495b3ec15af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

etag
"441e7aeeb97229720c8f603f3ab38ded"
age
24013
expires
Tue, 26 Nov 2024 01:55:45 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
85CT08FZHfCplUzk_VZLrq8Adg_bxQCWaMKQ6xvBYOrSbUmTHJrkpg==
date
Mon, 25 Nov 2024 07:15:37 GMT
content-type
image/jpeg
vary
Accept-Encoding
last-modified
Fri, 22 Dec 2023 18:07:35 GMT
cache-control
max-age=86400
via
1.1 6f18ca2e5109f8aa7cd1212932dc4e9a.cloudfront.net (CloudFront), 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
26165
x-amz-cf-pop
IAD50-C2, JFK50-P6
server
nginx
x-amz-server-side-encryption
AES256
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.register-herald.com
Referer
https://fonts.googleapis.com/

Response headers

age
267625
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 06:15:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 06:15:32 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
liveView.php
live.primis.tech/live/ Frame 51A2 		107 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTt1ZDAlN2JyYmyzNDMjNmA4NTM0Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyU0TyqRq01dZGynV001WzcRrx1EY3qPRFV6TxM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM016SXcPVGg5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN6TWcVNU5ESTJNQXA5LwBNRaNMWUJDoGQ0R1FhV3V3V2f0QTqBp3R1MxuKSUgFnWJ6p3cvRFVJTWMzqzyxX2NioaRyoaRsnWQ9NDAmOTA2NCZ2nWRsY29hqGVhqF9xZXNwPUNbpzymqG1uplgFqzUeU2uipaRwqXQeQ2yhozFgo24eQaVhplZ2nWRsY29hqGVhqF90nXRfZT1DnHJcp3RgYXMeRXZyK1Nbo3J0Y3V0K0Ncoz5uoW9hK0J1oaMzqzyxX2NioaRyoaRsZHVlYXRco249NDYzpGkuY2VgZW50U3RlZWFgVHyjZT0kJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzpGkurWVlSW5mqGFhY2VJZD02ODp4MDtmMmMlMDAkMDM4NTElJat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMkMmElRDMlMmU1RwMkMmA3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmMmMTqEN0I1MmY0MmM2NDMmNEM2RTRBNxM1QTMlNxM3QTY0NDp1Nwp5NEM1NmY4NxM2MmZENDY3MmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2RwZDNwx2RTp1Nmt3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00Ml42MmE5Jzqyo0kiozp9LTp5LwM3MTYzqXNypxyjQWRxpw0lNwA3JTNBNTMjMCUmQTYjJTNBNmt2NlUmQSUmQTxzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4WDEkJTNCK0kcoaV4K3t4Ny82NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEmMS4jLwAhMCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NmQ0MmZyY2NuN2NuJzNvqXN0ZXI9MTpmMwUlMmp1Nmp0Mj==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31307D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A9&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732523757&csuuid=674436ecca7ca&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6319&geoLong=-79.3716&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.80.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-80.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
26f3384d6ac95613ad8ae184ff6bd4b771474ea8f138992c35eda1f758ab3bc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
vSF0A2XUpiS1_AXUYCS_vSdNq05yvb_aeF9ONivq890qJB4v9VmMxQ==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
application/json; charset=utf-8
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
content-length
12270
x-amz-cf-pop
JFK52-P5
server
nginx
liveView.php
live.primis.tech/live/ Frame 51A2 		99 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTt1ZDAlN2JyYmyzNDMjNmA4NTM0Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyU0TyqRq01dZGynV001WzcRrx1EY3qPRFV6TxM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM016SXcPVGg5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN6TWcVNU5ESTJNQXA5LwBNRaNMWUJDoGQ0R1FhV3V3V2f0QTqBp3R1MxuKSUgFnWJ6p3cvRFVJTWMzqzyxX2NioaRyoaRsnWQ9NDAmOTA2NCZ2nWRsY29hqGVhqF9xZXNwPUNbpzymqG1uplgFqzUeU2uipaRwqXQeQ2yhozFgo24eQaVhplZ2nWRsY29hqGVhqF90nXRfZT1DnHJcp3RgYXMeRXZyK1Nbo3J0Y3V0K0Ncoz5uoW9hK0J1oaMzqzyxX2NioaRyoaRsZHVlYXRco249NDYzpGkuY2VgZW50U3RlZWFgVHyjZT0kJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzpGkurWVlSW5mqGFhY2VJZD02ODp4MDtmMmMlMDAkMDM4NTElJat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMkMmElRDMlMmU1RwMkMmA3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmMmMTqEN0I1MmY0MmM2NDMmNEM2RTRBNxM1QTMlNxM3QTY0NDp1Nwp5NEM1NmY4NxM2MmZENDY3MmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2RwZDNwx2RTp1Nmt3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00Ml42MmE5Jzqyo0kiozp9LTp5LwM3MTYzqXNypxyjQWRxpw0lNwA3JTNBNTMjMCUmQTYjJTNBNmt2NlUmQSUmQTxzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4WDEkJTNCK0kcoaV4K3t4Ny82NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEmMS4jLwAhMCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NmQ0MmZyY2NuN2NuJzNvqXN0ZXI9MTpmMwUlMmp1Nmp0NA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31307D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A9&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732523757&csuuid=674436ecca7ca&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6319&geoLong=-79.3716&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.80.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-80.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
8ca8e9c3381b0d59292155e826f635c4df61cc4232f9503b0bc683373010c091

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
4JW2d99WmpELLn6a78E7p9A4DgR-ACEwQn0mV_hWDTdSRkQsh3UHJg==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/json; charset=utf-8
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
content-length
11271
x-amz-cf-pop
JFK52-P5
server
nginx
liveView.php
live.primis.tech/live/ Frame 51A2 		99 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTt1ZDAlN2JyYmyzNDMjNmA4NTM0Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyU0TyqRq01dZGynV001WzcRrx1EY3qPRFV6TxM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM016SXcPVGg5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN6TWcVNU5ESTJNQXA5LwBNRaNMWUJDoGQ0R1FhV3V3V2f0QTqBp3R1MxuKSUgFnWJ6p3cvRFVJTWMzqzyxX2NioaRyoaRsnWQ9NDAmOTA2NCZ2nWRsY29hqGVhqF9xZXNwPUNbpzymqG1uplgFqzUeU2uipaRwqXQeQ2yhozFgo24eQaVhplZ2nWRsY29hqGVhqF90nXRfZT1DnHJcp3RgYXMeRXZyK1Nbo3J0Y3V0K0Ncoz5uoW9hK0J1oaMzqzyxX2NioaRyoaRsZHVlYXRco249NDYzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzpGkurWVlSW5mqGFhY2VJZD02ODp4MDtmMmMlMDAkMDM4NTElJat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMkMmElRDMlMmU1RwMkMmA3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmMmMTqEN0I1MmY0MmM2NDMmNEM2RTRBNxM1QTMlNxM3QTY0NDp1Nwp5NEM1NmY4NxM2MmZENDY3MmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2RwZDNwx2RTp1Nmt3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00Ml42MmE5Jzqyo0kiozp9LTp5LwM3MTYzqXNypxyjQWRxpw0lNwA3JTNBNTMjMCUmQTYjJTNBNmt2NlUmQSUmQTxzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4WDEkJTNCK0kcoaV4K3t4Ny82NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEmMS4jLwAhMCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NmQ0MmZyY2NuN2NuJzNvqXN0ZXI9MTpmMwUlMmp1Nmp0NA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31307D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A9&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732523757&csuuid=674436ecca7ca&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6319&geoLong=-79.3716&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.80.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-80.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
f90585228da20b1df3da076033ea6ee19b956d556a7c290585464a97e50f9243

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
JYkCMza2UDk3Qb9OzWZIZ1w1g2QcnHZrSu0C7n0mrgia1kGW0c27wA==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
application/json; charset=utf-8
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
content-length
11652
x-amz-cf-pop
JFK52-P5
server
nginx
liveView.php
live.primis.tech/live/ Frame 51A2 		141 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlMwImNSUlRaZcZGViXmVxZwJwNwqxNWE2ODMkNmI3MwUmNDMyMxZ2nWQ2NTt1ZDAlN2JyYmyzNDMjNmA4NTM0Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6SXyNnx0kTDNnpFcHVaZYryZeWzcKnx5dZGgOV0UlT0RNrE56STNNnyV6TxRNqzRgoGgOnyU0TyqRq01dZGynV001WzcRrx1EY3qPRFV6TxM1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM016SXcPVGg5TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN6TWcVNU5ESTJNQXA5LwBNRaNMWUJDoGQ0R1FhV3V3V2f0QTqBp3R1MxuKSUgFnWJ6p3cvRFVJTWMzqzyxX2NioaRyoaRsnWQ9NDAmOTA2NCZ2nWRsY29hqGVhqF9xZXNwPUNbpzymqG1uplgFqzUeU2uipaRwqXQeQ2yhozFgo24eQaVhplZ2nWRsY29hqGVhqF90nXRfZT1DnHJcp3RgYXMeRXZyK1Nbo3J0Y3V0K0Ncoz5uoW9hK0J1oaMzqzyxX2NioaRyoaRsZHVlYXRco249NDYzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzRyYaVaSW5zo3JgYXRco249JaBfYXyfnXN0SWQ9MTE5NmUzpGkurWVlSW5mqGFhY2VJZD02ODp4MDtmMmMlMDAkMDM4NTElJat9NmIjJax9NDA1JaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMkMmElRDMlMmU1RwMkMmA3RDqCNmMmMTM1MmAmODM5MmQmNwMmN0Q3QwQmMmMmMTqEN0I1MmY0MmM2NDMmNEM2RTRBNxM1QTMlNxM3QTY0NDp1Nwp5NEM1NmY4NxM2MmZENDY3MmVBNDMmNTZBNwImMwMjM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2RwZDNwx2RTp1Nmt3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRaq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJTJGJzFjpFN0o3JyVXJfPSZupHBQpzy2YWN5UG9fnWN5PSZupHBJp1BunWQ9JzFjpFZypaNco249JaNxn3Y9JzFjpERyqzVfo3Bypw0zZ2ViTGF0nT00Ml42MmE5Jzqyo0kiozp9LTp5LwM3MTYzqXNypxyjQWRxpw0lNwA3JTNBNTMjMCUmQTYjJTNBNmt2NlUmQSUmQTxzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4WDEkJTNCK0kcoaV4K3t4Ny82NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEmMS4jLwAhMCgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFuoWVlnWNuozuioWV0o3qhoWVxnWEhY29gJTJDMDAjMwEyMxMkJaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJzNmqXVcZD02NmQ0MmZyY2NuN2NuJzNvqXN0ZXI9MTpmMwUlMmp1Nmp0NQ==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D31312D32355F31307D7B7331353038393436337D7B4333317D7B53643364334C6E4A6C5A326C7A644756794C57686C636D46735A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6C696E75787D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2607%3A5300%3A60%3A7867%3A%3A9&userUA=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F131.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1732523757&csuuid=674436ecca7ca&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.register-herald.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&isOriginImg=0&gdpr=0&gdprConsent=&contentFeedId=&geoLati=43.6319&geoLong=-79.3716&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D&appName=&appBundleId=https%3A%2F%2Fwww.register-herald.com%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.80.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-80.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
a84779f488e10b2425de021fbf949db04492c167c3d41e59f145921a18f76f68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
ZG_hI0W6C62nO8EFVHuWdeyjpk3KYfH4m1Gy1n4RtF1cI1k_VvsVPA==
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
application/json; charset=utf-8
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
content-length
15139
x-amz-cf-pop
JFK52-P5
server
nginx
p
api.segment.io/v1/ 		21 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.151.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-151-220.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.register-herald.com
content-length
21
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
application/json
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/ 		95 KB
45 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2376568413150008&correlator=343514278782421&eid=31088952%2C31089065%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Crichmedia&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C300x50%7C320x50%7C728x90%7C970x90&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1732523757812&lmt=1732523608&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=338x-1&msz=300x-1&fws=516&ohw=1600&td=1&egid=7353&tan=4e8ed457-507f-409c-87f0-689c841b35df&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732523752190&idt=2384&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Dd5bc24f4-3fd8-4f11-bfad-46ff6c158ca3%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_sticky_footer%26fs_ad_product%3DstickyFooter%26pos%3Dbtf%26amznbid%3Dlrj20w%26amznp%3D19z1mo0%26fsbid%3Dtimeout%26amzniid%3DJANobWuTG4hFmgMW9rG5WmkAAAGTYnaQCQEAAAJYAQBhcHNfdHhuX2JpZDIgICBhcHNfdHhuX2ltcDEgICDB8PbB%26amznsz%3D728x90%26amznactt%3DOPEN&cust_params=fs_session_id%3Dfa45480c-aad7-45d5-918a-a17f39d92388%26fs_pageview_id%3D016f25009908806ea26c4c964f8985f7%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-NY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D23%26fs_clientservermask%3D23032322200233320002202%26fs_testgroup%3Doptimised&adks=2260609792&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
61dd6de57773800a3c5911743f0b4efc68b936a29ba89fe880ec3ee4bb79c8c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
45972
x-xss-protection
0
server
cafe
/
photos.register-herald.com/services/api/json/1.4.0/ Frame 4AAF 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://photos.register-herald.com/services/api/json/1.4.0/?albumId=22663428&albumKey=WsC5r2&returnModelList=true&idCopy=true&PageNumber=2&PageSize=10&method=rpc.gallery.getalbum
Requested by
Host: cdn.smugmug.com
URL: https://cdn.smugmug.com/include/js/bundles/chunks/chunk-E3BNR3EF.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.235.58.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-58-193.compute-1.amazonaws.com
Software
nginx / SmugMug-API/1.4.0
Resource Hash
8f48d97d3112bc9bf95ef0d70d30e7ec78041b3b498251ccd183fb18686139ac
Security Headers
Name Value
X-Frame-Options DENY

Request headers

sentry-trace
3825de2c10fd4a7fab0305f3744d1196-b5aaed583763df94-0
Referer
https://photos.register-herald.com/frame/slideshow?key=WsC5r2&autoStart=1&captions=0&navigation=1&playButton=0&speed=3&transition=fade&transitionSpeed=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
baggage
sentry-environment=live,sentry-release=7a39b8fda2922a45a71a2e382c1b012275a6351a,sentry-public_key=a50725d1f5884564b5c9f506e44fde72,sentry-trace_id=3825de2c10fd4a7fab0305f3744d1196,sentry-sample_rate=0,sentry-sampled=false

Response headers

x-ttfb
0.1088
x-request-id
eb86fc53
content-encoding
gzip
x-smugmug-values
5/5 - Empower Passion
x-env
a=live, b=www, c=e8889be1, d=i-04b541d63012615d5
expires
Mon, 25 Nov 2024 08:35:57 GMT
smug-cdn
cloudflare (via photos.register-herald.com)
p3p
CP="This is not a P3P policy. SmugMug respects your privacy. Learn more at https://www.smugmug.com/about/privacy"
api-method
rpc.gallery.getalbum
Date
Mon, 25 Nov 2024 08:35:57 GMT
x-ua-compatible
IE=edge
Content-Type
application/json; charset=utf-8
vary
Accept-Encoding
x-s
100.13.45:1584083
x-frame-options
DENY
x-ttfb-l
33555
cache-control
private, no-store, no-cache, max-age=0
x-smugmug-hiring
How to love what you do: https://jobs.smugmug.com/
Connection
keep-alive
Content-Length
4471
x-powered-by
SmugMug-API/1.4.0
Server
nginx
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
95d394113eceb60ef6b9476049e9ecb158362f835308eef2cb59ed6154ef9144

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
envelope
lexicon.33across.com/v1/ 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&src=aps&ver=1.14.0&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.register-herald.com/

Response headers

cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
application/json
vary
origin
xdEizrWJ.js
tpc.googlesyndication.com/sodar/ Frame 51A2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/xdEizrWJ.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5d122ceb58926c5fc3da5d1d664684af89e5dc8f6ee490449ef4e1f4f1da790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
321
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:20:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:30:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
15273
x-xss-protection
0
server
sffe
iu3
s.amazon-adsystem.com/ Frame D3F1
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-cadent_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-Vidazoo_n-na...
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-cadent_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-Vidazoo_n-na...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-cadent_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-Vidazoo_n-nativo_n-Outbrain_n-minuteMedia_n-adMediaV1_snb_n-Beeswax_n-inmobi_cnv_n-sharethrough_rbd_ppt_an-db5_3lift&dcc=t
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
503
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 25 Nov 2024 08:35:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TD7KQ4766XAJEWZ2EA04

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 25 Nov 2024 08:35:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-mediagrid_n-LoopMe_rx_n-acuityads_n-MediaNet_ox-db5_n-cadent_n-smaato_n-adman-v2_n-onetag_pm-db5_n-simpli.fi_ym_n-vmg_n-Vidazoo_n-nativo_n-Outbrain_n-minuteMedia_n-adMediaV1_snb_n-Beeswax_n-inmobi_cnv_n-sharethrough_rbd_ppt_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VSQJ7CHV43F4KDZXQAQK
prebid
ib.adnxs.com/ut/v3/ Frame 51A2 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
91b2c98c30f6d5166263c7bdbeba248ec0e87c470097669620902240c4e9288c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
an-x-request-uuid
d7f6b9a8-ff32-41e0-b8fc-93601c60aa24
content-length
144
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
liveInternalSsp.php
rtb.primis.tech/live/ Frame 51A2 		51 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Atrue%2C%22data%22%3A%22%5C%22rJmgXNgm6wwS%2F1i2IVXsPhDl7YIsEmLMaG%2FOJTU5OoO1LlaZFdDB2F5LDfa566pyS5YMubRLNdanAAVYLoVheV%2B3WcrL6OeCqR9jDq8X3zX7%2F96kAi7fThB7RYbexeVxhj1Kzc8%2FhkSCQVb2BriFYYTy%2BDMh2xDHyfHe9gyVmjgJD%2B2L6FcGIRzTjZGebzElX8tMsBfKkjNcuVL8SRYNibOkHURqhQX1%2B1OFqp0QFSjE%2BYFxhLmJIp4KF0mH81bldocxozuH8C%2FjbMmrJRQUlwUOrRB84b7uHJrdLJ7TBdG8WvD3V1k2iCo8dlVz%2BIGxzHUZl2D2lK43KCIlXoJSyKagtocpU6PT0xVqexR0QS5cR%2FyMvhnkIjD3o5dW92ugto6UGp67GAoHH7vzcJT9nZJxOyQ0M5SlcwnKgRFaAel%2FbenpsXbDyozpQ0q0cC%2FyT5La6MKqBuYIts1%2F%2F3KpCj9xmZY1fu%2FH4X3b%2FkP%2BXVZVwi%2FElr8E0x8DL7K8xCs5%2FosiXm6LDOlpLCFo%2B1rpLxhrZCIooOc4wzXmNjTrbuzdvpFCyv5Hhyl%2BZ4Wrb7f9N5cxFMWWFmx6Indd4sbCjRDpLcuQdEciGEHEd6oIpyPOF4kVVPlqjzr9Xyf1auPKpD1n4BeyzZWWK0HUhq2lffZ39UDPAiGzJt8bsobcp5I%2BDRrW3vAFAufxxFnpy9VQe5MZ9N924MMAH8nxWOc67kS4Gf9joYeZjQ1SboahyINTm7NK5v0LljMzZUFN%2BTX69E98tlw9gUfF3jAQxclzyWjxlYjH7GSWySgEqJPfLKlMifYJJUkXyprarEzKeOmFbmvFpShuhIOm27KcU534040hqFygyLccDPEII9%2F3QclzKEcFNBEFP7I7GOnsMtVAjVWePGt%2Fa6cJUcJZZT3X8EC2EuaZrSwj3LHiwGIaSxZ%2BtdPR2EH%2BlHVfqjoQt1lx1QLShOcjyRNpl%2B9W2qUt5cq5Xd5kX%2BVyOGaza4cZWn8QG5RK3gBdxDc24LvAEULWzvQaFDcHEUGwrFKD8o4mrN3qwe7%2B0I2MVuUv80LVXFR77DywbZgVAKgRhwQ1tUj1esF%2FJdv68K6uBbE7ur9Q0nAx3eXxFAb96V5zIgCJ3CAMQN91I6XGCpz%2BUyc9KwIfyEXXJxoKTd4300PeK8kch43%2BjZLeLyBldghjIUtE0v1GoIOxoAWt%2FfaJ2%2BzMhtdneK5JhtUk7bxqjJ8rgtWMdQLyV80Teh%2BGfA9Dh5wtXwpJSphvdfh%2FpMc64jgyerRLAYwCSJbZSqdVHQRoSWGCMbWREGcxOphQNS8FTpryrJdXcZQAkjLgI0ro2r4VdyyuvIxjlDb8souqIDX%2B4qh24eEhrldMO6MDXNikqGdhhthmHndneItQWbz1yK7LWvs%2FPL3mYw92i%2F6%2Fofbvd0cb8VGwwRMOlk0d40qUEnCOMNuj1yBLT7zcAJFE5HSBvwz2%2FdLg4OeatZg9rrDzRPYIRfW%2BDDw9hCjdZn1lG63LtcJvaziTm4Qu3yqr7Mn6f36WuUy1aLEqOvnG%2FpT3udl7NfvcHz3JmeEtVDIhgDzh5JgxfjHuJHRnAhR%2FKvveMRLwkLhpbZkCPUQ5bPdqzghnbYDBZzvvFqu%2BSfVJ3VVA%2B2mdC0SuYSUDxNnncKuYtAaIlaWkjuyBsYVbVNK2oUNsL6R9JcQHuGjko8XsYwtVx5tgqtL%2BRWW2%2BoXK6CXmE0yOVjZJq9TY8lLROWsQEbLTtJYYu3dOrIlWMNO%2FIl0udihKWtIYpAfv3npsQatqcR%2BWVQ58eWZ5Bt0Rn5xsUuB6BeRy4PArBvft1i37LL5DEkptQVn%2FqnYtgtWF2Vqo9csB%2BBGfqxP2l5z9CJkRqchXkyjlwtJjWkjJfRLfPvD2wSDWq%2FjmQnmtNACkpXAnkJec3kHEvhd%2BIfSlzbDA5zS2mjw3YHKbaGxiAyx%2Bqjoo2lKvkVdOuNgl5xR1M8Jl0njRn5n9SASzxZFw9jbHaZEfzdQXNciBjF736%2FAT5hylVx%2BgAzg%2F5dOKq%2BeEjBvIQ7vic3n7QF37Uyw%2BnHz6H6oUuZuT1KRvBh1NnQOOOjL%2BZhuV79b3raQHlJ%2BT9Roba4H5v5RAF8xYShCBA0S7%2F%2BPo1%2FhlYRdlw1ALSdt%2F1MKodAU%2FDfTp%2BXS10HLnVtgk7IuZ2oFdbZs%2B%2FnvFgedidBntarvnfHTRj80N0mi2I%2Bxy6zfFpH9rXwaRlNGOEQuboTs9NNLS2w7e0eTPhhHoZ2FBGM%2Bo%2FPRSQihf0Zp%2F96auRh7uRh7uRh5uz%2FfhssrjWtP098ZzuSfKobgrWFMadEuRXT8glcm7bWysYW2clH%2BwHG36a9MEMliXaTKxITqU64A67yTtrTQdpAqqWQhPz5aN%2BZkjfQaw26d2N5IOzRvbZqbPFsAzKtD832rnGoSpgyRAnDiGIhPuKdCs%2Fi2btLn6c6hALPUDGKoOlMZZOtI7smolUa82zexk%2FCI7p3mgiguUE3mK%2F7uPRQS%2BL0g5abaDdSCvNqJ%2BP82mTuwbKrVvqllwGYQXBIwjo8O3%2F6jmuePETQ0MRzg8ONiqwczDGr%2FE0YOEZQgeyZ%2FhA2esBzcqicJ2FdtVaAnt1z%2FB%2FGvbNqO%2FI6tV1X1Fnki2GODHou1ew7M79iyv4zzLbrq3scgDsg%2Fd6LOt2t6TohxlTlmRMdATWg%2BCjvejKbDEknENIiNlsJXpYqHlSMn7EVnlFfhVumE%2FZc1SfmwC4D3C3zV184HBm2GjeOIQBdfvpQm2%2BH7Hf2Cj4DSAjUF8zeyeca9HGCld%2B7Ew5WNHli%2FSwcTAfR1oD8rNHSzrHYRhbPglr0rKjJbwyISnf30bvTqRExExsJqaUBKC07nSpOmI2JNjhJLbcX9HSxJU9kWVRCgeh%2F0qaw2OcGP%2BGH%2FHlphR2hW9cRVt3BxDm6wfrHL3j41%2FM3AxeQ2lE4mwlI%2Fo9sfDmXtB90nopU8Eck%2FwHqHW%2B4EMa7snKoB7yhxRKKbWRm5Q9C1QNBmDIZvmbGwLnRgFPqp7lq3RS%2F9%2BULSg7vhvKF0BpKEMpBNErc%2ByPXYwgXHeMEi7yPWfU0HY32On90AY2gE05hAUlAHoRSwg%2FM%2FWQHgKSkQxEgjOKpcm0nergTGKa983jiMAiD2R%2FZ69ImjDYVAsy8UkFaUYuKE5nhFjxmxd4ltKW1V3BN5L2%2BMD798E78rllKswspgcG%2B%2BDprgAPkoir%2BasD9631X1N18evvS1WMHsqu%2FWBeY4dijme4XTZtdm6Glt2Vt5ubjSFGstmrlmEibWNyEP7LzBUi87OBfp4IXfWB7eFgpIINhJZTi1bETuRLXsyHWqmW7t5uNym9enFdurjrkG2MmQ3HVhRDkic926111GOtHq5RiFw%2BsK%2FiXlc0aplMqaroSZdbjovMCsF4lxBkQCggCuVDYKefEf7e3eCML354jf%2F%2BS4PdsIwm%2Fpoc4wirluBi63tVCmfsa1ATJ2L1Vd%2BQA9xmf9CsAYHYWOreG5is%2BvMxbENqo0dtihRQUgfRkhPBF6brNm8%2BR0%2FpRrhktkVATwG31ZB1GCSjIH%2FHMOuqygHzBtRoJADsgB6Ia%2FgfbBoEXwN1B8oFU%2BMpOtsZCZmA%2BcjCobMBfJ0ZcfBRdnDgryKc1J240j0bQEPih3FqdvgQkawO7%2BrQ19Lfnvu6CfEmWa%2F8fDmi12UNUfoXdYJKpCome2%2BNykFbOFMptLBksOlVipG7OtmGXze2kIAyhXMiJvD0M%2FxAq8nvKMOkepf4E6RhobskJqABZcgc%2BQR%2BffdjVzGEyVuZRz0%2FK4kBrqQ1TiU%2FX3B2jBUDbG9JsAi1U2QvCnja0eQL%2FYnedwtEQXf2Sh0kP%2BAX0wNEVI8w9ACI%2BvNARZCJqdUpGSEPjm0uxtvrc8aQQxg84ouaEfp3McBUyI21OIXXzSpmuZphYAfcbQwQffBCvYxEO5llBBPCJZARawgKJRNAR3wu5atWcpsKG86DBYYhQKcM0BZAt%2BtkKeSQtS3M0Bc5EH46V8IoyYRoqv%2FXYVDC056ukLtMczfdY0T9LIiVhvkH95qEFNDWmK48tPDmRkMCcxx8RFtuEcWfILBluT2banV4ARrLb7JsBWA22RppPwpuaf2uWhAa4Kq8I3RE5tenrhHMnXQtvhhLGFicSKKlqkGFcEGdnW6QxnWvjrtzpAHj5EzdasLjHlCDho9ZZepG8FC90TXsjNzDo8d%5C%22%22%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:2800:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
653e273bbc432403bb37db126e8e43f758c7bd998691759be0bc2b3f4515b274

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
age
0
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
S3BPsHRdSkXRTDczGLfrDOi-GPgVzxKy1MMK6m8eCW3jwka_TG3JDg==
date
Mon, 25 Nov 2024 08:35:57 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-store
pragma
no-cache
access-control-allow-credentials
true
via
1.1 e8d43fa48b39621b588a1a1ac423b626.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
x-amz-cf-pop
JFK52-P5
server
nginx
liveView.php
live.primis.tech/live/ 		43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNmMlNTImNmU3JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTplNwA1OTYzrD03MwAzrT00MDUzoXN0YT0kNTA4OTQ2MlZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9jYXNmRG9gYWyhPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJaN1YxyxPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw0lNwA3JTNBNTMjMCUmQTYjJTNBNmt2NlUmQSUmQTxzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuYMTEyM0IyMwBMnW51rCUlMHt4Ny82NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMmEhMC4jLwAyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY3NDQmNzVwY2E3Y2EzpaZhPSR7VyBsUyZOX01BQ1JPsSZuqHRyoXB0TXVfqGyjoGyypw0lMCZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZjoGFwZW1yoaRTqHJyYW1UrXByPTEzp3NjX2y1pm0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE3MmI1MwM3NTtjNDEzqWyxPVNyn2yhZG9TUGkurWVlNwp0NDM2ZWQkOWYkNCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phpzVanXN0ZXIgnGVlYWkxLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1cnXEzpHucZD1wOTt2MGVuMmMkNwMkNwxjYWI3NwVzYzUlMTA2YwY1Nt==
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.80.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-80.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-cache
Miss from cloudfront
cache-control
max-age=315360000
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
D5eiC2tKO16L4W2jSJRbnz5VucnSj8LOPjfzC60XwQ8dJFde6IptRg==
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/gif
content-disposition
inline; filename="pixel.gif"
server
nginx
x-amz-cf-pop
JFK52-P5
map
bcp.crwdcntrl.net/6/ 		156 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
98.83.224.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-83-224-108.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e6e0e4b4a100861c4b8a7b35d922a263e0eb531eb00687385d54fed4d158abb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.register-herald.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
156
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
application/json;charset=utf-8
x-server
10.40.8.47
server
Jetty(9.4.38.v20210224)
39f39a1f5a2c082ad98fb55be1ea6442bb118393
bandborder.com/d25e797f3bb1/ 		3 B
493 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/d25e797f3bb1/39f39a1f5a2c082ad98fb55be1ea6442bb118393
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/mxcdqqqkvW5shJlAklvFmf2pXjqdgZh1OIGAMZRMiRX6KRuXEyx0wmt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-us-central1-75nr
expires
Mon, 25 Nov 2024 08:35:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
priority
u=1,i
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-us-central1
via
1.1 google
cf-ray
8e804ef02c9da226-YYZ
access-control-allow-origin
https://www.register-herald.com
content-length
3
x-buildnumber
1553448542
server
cloudflare
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors?d=register-herald.com&t=desktop&k=1&r=1&c=CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key,x-lm
Access-Control-Request-Method
GET
Origin
https://www.register-herald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.register-herald.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
cache-status
disabled
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000
via
1.1 google
floors
api.floors.dev/sgw/v1/ 		757 B
827 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors?d=register-herald.com&t=desktop&k=1&r=1&c=CA
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
9cd8002a5b4f9e621e945a19449220d9e3c085b403e6f20b01303e9e81d4c54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.register-herald.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
x-lm
1

Response headers

strict-transport-security
max-age=31536000
access-control-max-age
3600
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
via
1.1 google
expires
0
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:35:58 GMT
cache-status
disabled
content-type
application/json
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key, x-lm
container.html
eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9807 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 08:35:57 GMT
expires
Mon, 25 Nov 2024 08:35:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C181 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2AUvXhI5DQ79wqtaUGssfOrSv2fCIbOoqko6C1EbVp4upZIuA_LjLK1drUNwGTiZsVgZC4m5AqTiXV7VzIBw64iy_mW8IDZsxjcbhlblQ8zY7Vg2CsEE70Ek4PKLb-zYurLzLSi8_y9WBWOqoAGtocwgoHVMoOE7Wo_DAuEHGigABWPV5laHVjnn4vx9ui14xDPXRLWZCGX0QKSrClJQnX6Fb4r70jjzIT5liZ-gBkZ9P9BPZo1bycWX9VoyvqTuwMnaIeeDBhMrUUMo9j7ajcx-IdGRYJ1HfiwlxIV3P3KbAjd6PHX_uakC6AbbCdbfvbxXU7WCQWJMwRcOYJgLGgCN-iQ0X2Tm1TSvb3LF9DxX9C-6BUbm8aPn25eJZ_skeenluPFGDoc8iPm67k0kYtg-pmmJAq-0La2Dbzuo8AD2bRRv6dshPajZrOTRmsV7dZYoJuhmam725M1o&sai=AMfl-YRMeqijXa0vPMCwIVzAdotPMkKJ-wxXSGk3CsFgFOlCo6jW9e4oyAb8Gz_SaA3gm6_W41_Hz69EGRu38Ft9UyrV4Zb_Zq0xeMu233nCg9yjyKwTjkJyZlpFLx9d&sig=Cg0ArKJSzOkK9ohFVzAiEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame C181 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
47
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 08:35:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:35:11 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C181 		217 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
12158714353530318320
age
419
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:28:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:28:59 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69014
x-xss-protection
0
server
cafe
11617648121830268693
tpc.googlesyndication.com/simgad/ Frame C181 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11617648121830268693
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afcfba1248dcf052028a4db047d783a04a69089158cca9a0c214fac79ea74410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

age
252830
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 10:22:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Fri, 22 Nov 2024 10:22:08 GMT
last-modified
Thu, 14 Nov 2024 16:50:19 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
44653
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame C181 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame F30B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0SEgSmjZzkKeQz5Mt01AePf0yA7wp83gfYMDO4SReS8vhMfFlbCge4Yrkly-zh5IQiZWORKrgDYEBDRm6SiASBgyasNbBPOWp0tZ1yPMo8c6MKIgJWmSgQhzPL31Z8VoZ8BdhANhu7Xy6Be_iK2HvVgLaXjNVevULbXXaaPuEibbkbCyzCOmDY7h-ICU33JL12LL33Y8MRtCF-Q_EbPxDLphYmXNqHDdvCi6DSxopyx8PYJeT6WAnOlIlTzMqC_11sSzFTujWVAaDypOPVVn61GbI_EhHpMIl-BG2ieBbu_5FLrNFeEnAMbEOJWYpRrj5_-D4miRWegvdGGQ8LyoCXHV_eptRavWoMi4xAB7I98jJEg4ci-VQ5_oc2PMIoDgUKdoM5U10T8O2NeVPEfCd40H6V8GdJg23EuevrBzPNjFFssINoU7ZTP6_ZE62RDYTAEU6sEFJ2B5pQKM&sai=AMfl-YSmm4BVRKsFUgS8l5DzziJExqfOp6khSAmSKX0tt7v33b7MnDQJ4UPyjyS9hmXHk-lIc1z57CIl5e6cqBGxXfq1075LezngfqZc-ma8IMOM50MdMeyVzRCkTCJs&sig=Cg0ArKJSzBhF6bgHJkZ6EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame F30B 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
47
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 08:35:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:35:11 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F30B 		217 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
12158714353530318320
age
419
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:28:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:28:59 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69014
x-xss-protection
0
server
cafe
11266636035982443175
tpc.googlesyndication.com/simgad/ Frame F30B 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11266636035982443175
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1a65a57e7f6b993a1391834169835e58ef71d4989aed912ac7a3f60038503f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 08:35:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/jpeg
last-modified
Thu, 14 Nov 2024 16:51:39 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
59779
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame F30B 		0
0
truncated
/ Frame F30B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b18166185105bccd50108a0ca0cb0caa40ca568972adc06f484ee2473700b008

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
container.html
eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4283 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 08:35:57 GMT
expires
Mon, 25 Nov 2024 08:35:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 40FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf8CCeFFJ3Wh9_F6_JlVLjuif1rPgFtKx9TteBOuSy7UlZgREYfCqb4TptpntQpFqtKjRO7UffnUpbfo7vLg9QNSgxbEC6mxMsoI_QqNgo3CBIuBnjtKM4Snty4oy8iRj4eWQoKXn46dSpOjhS9ZJEZmosJaMtZfPYjhN9cgTIkfIwi-7RR2cn9KHpEeDq_9QqzpwBpLAMf3D06NrVk-LA9BlJDKACSEsATrrfQ63OUdh5qRKD62Ix7nVjhx0ycyL3Ikev2T8aUS6PD_rxgtDPYFFVnGQbqMhrJAkjQvuH_JTocX8yQtynj5zK5lrHaHsAWvmQnxLHwaiWkktr5vT91It1JNgDq91NWr4jLesfhnDK_TUIFa55xkO_nhp0NJqZwVRhzeO-55ElJCXuznP8h_AHQBAgiFiMgGCwPmvQKAYuFCXj41SZf1HUL5kRA80AaEjXIUT-a6sfboE&sai=AMfl-YSu0PJKBVhnJBainNbw1YiaVODx4hqYle7A2QZWBUsRlRrTZ5HUgBnJpHgt_81wKHE6kv_O37JxW1tdclYVxZ46vvG7oMRKxmp93vZ8GZaiGqx0OA_yzrNW7sc_&sig=Cg0ArKJSzKOc92-FOro6EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame 40FA 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
47
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 08:35:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:35:11 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 40FA 		217 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
12158714353530318320
age
419
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:28:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:28:59 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69014
x-xss-protection
0
server
cafe
17357751420022192605
tpc.googlesyndication.com/simgad/ Frame 40FA 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17357751420022192605
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93a27160745cc3ce00fa6ff83370750f75b39e22b86f302e1617b80502fd955b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 08:35:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/gif
last-modified
Thu, 14 Nov 2024 16:51:47 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
74391
x-xss-protection
0
server
sffe
view
securepubads.g.doubleclick.net/pcs/ Frame 7407 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubTmiDbuNraP6-x1hPkcwDtehd35HHbfNZp7zX2E1KqhJPH0pAJhq6mE2DDpJ6xHN369tkDVm0MXaqSDMSIqnxzuJq2Pdp7B3aw1cLTS6qyTBUDhhclwxdpSMqAg37rDBe9a-h8o9xbd-hx2MvVm_daXq70UHPFxUv4b-H2lQ1iEG3-j4P0Zb1tFk4NeWqYt2r-rohLvslRYM0q2-3CKc9c6REH-E2rZ-o4v20YSJTtQZ1VhHNtsfSJafvUbBSDHk74ktYb_-eWk6S9vcqg9kIjn9UxJ48KP2DfXHh33fmvFnLVvrHRuVz_2iJ8kqxG8on0z8OUWjPBPru2a3l1qcILi1DS8ocQxScBao0uPYEtZ_mAnLAGnoz4kVX3PndaAkkauU33NlSJD91sQRaxjBJuhw-D0MlM46K5WkCuQSgNDcxKU0FUY8wbDQFwHaPNBoI2BMWpz6cqBY-Jnk&sai=AMfl-YTfYAILKHExBNb-ySpMWrqC82N9liAkN_ZHpW6BU-feLAE_5skxXEreVGfK9uPxJOPU9i3mOtMDAJYnvk_aKw9aZyOErPPWQ75KBvranlY1v_ZT-Dzuld-ZUl3G&sig=Cg0ArKJSzBXM8NFGfhCAEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame 7407 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
47
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 08:35:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:35:11 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7407 		217 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
12158714353530318320
age
419
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:28:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:28:59 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69014
x-xss-protection
0
server
cafe
1850757535227545623
tpc.googlesyndication.com/simgad/ Frame 7407 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1850757535227545623
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3f0c37ccbeaedaf783f06fb420768dab9ae40440f79296f8eb63f75c8205aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

age
260341
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 08:16:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Fri, 22 Nov 2024 08:16:57 GMT
last-modified
Thu, 14 Nov 2024 16:51:26 GMT
content-type
image/gif
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
28508
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame 7407 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9FB6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthnsTaFQJMNtwXgaz7kbyHqYUVlhcGEuQN_ZsR4Qx8nfUarUC-Hw7Ohkf0dlEZ2oyFYQ2R6DSXb8xQs23icK9tsLrskBsPzDBLQUexG4O2ArZ83sOZ1OZmObk0Usslwxr1KL3hc_Bi9YUh1gcIbxw2MMTNYm_rLpaffAaOQTlXF78yKYlOStA4wN0y37EvyMJkvOdVBrMUeQYM5QbJGyI-pwM4V-ytHeO3iUNEh7ubc5gBNQhMFqoG2c8A3wuhg9Nc1HAzczEJvvzjHPU4rde4rAr57xPwjwOUx5ic52oXdUMnVGRIW-Kh8myzfadrJQ4R65292SbNPJnQ8MwhCuwusBchxZXLqLezm_MrQvDZftVLRrnru1OxVzBlgEiMWsrVvXHE5Ws5xShirhNuTtk1XZzQIYg28OR_dw4_e6yQNwSYSymUaEZx0LqAgt22EGDQXR1IZF1Y6WCdcv4&sai=AMfl-YQgWo3jGaUfGNx62dJEJJ1uafezTOWr-7YoBbVJD8wR9XPstNSxn1yQZJGgxODLSHK5rl9wCceYlQkklHnmld6T-G5c6YgZAgqTTKy1LrFdO3jLa-TY6S7thNbd&sig=Cg0ArKJSzGgO2rsmSLz-EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame 9FB6 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
47
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 08:35:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:35:11 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9FB6 		217 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
12158714353530318320
age
419
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:28:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:28:59 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69014
x-xss-protection
0
server
cafe
11720759287746141154
tpc.googlesyndication.com/simgad/ Frame 9FB6 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11720759287746141154
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a3d07edaed7c877448706fd0fff8b146093e704f70e6ee636d22a4811ec52fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

age
212128
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 21:40:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Fri, 22 Nov 2024 21:40:30 GMT
last-modified
Thu, 14 Nov 2024 17:09:28 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
55248
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame 9FB6 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6F7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzXeLFFZj7JDXjdzwj46URiw_MqZ7fzgdIowBu_ZUctdoMosGmcYChZSGWupvl-HvlrcW37d1qekLKsJTnabBQxA8hs-Z9HFG-fj-Jd9jONcZzCBpn3dhy0g6fO_GdgxgAvKnAC4Qn0bPuA_-cblQCCMDk48nzP0YxLvYOgtStz5slv0RCZqaq8T0utQPtY-a_C5PCX6pRISvtsSQ7in5pAbHpDcpnNf5WWxAvC54nnCPugzwFaWhMzuu5GUOMQxci35uGZsPgsY46c0rU4QHJ8pqIzstfsaWi-HkpRq6mmVyUpsDBBW-wahL_y8MH2v_1fYhWrclNbf_vRSjJrnR3oI3WjCa1Wsny6EhUfHXTP8QunfuR5lg9vo5Na3D6BbZGStcud2HkI9ExZ0jA1uhwBONxSLjn3_whDtV-UnBa-my1Lf50BXdGo4UIotM_OUSM4O2ld5gk51BELBk&sai=AMfl-YShrw8wGaGSo-vbOiVvXVf1uLi6AX8vcrnjywNUD88JEE1mDHjD23UnUOcQqnOEldpO5-0PIoUxb4eaz11v8H1WfgJkfL6P84dXHGpv4pdbW1VuzX9I5lo21djO&sig=Cg0ArKJSzE12N57OXIigEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame 6F7D 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
47
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 08:35:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:35:11 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6F7D 		217 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
12158714353530318320
age
419
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:28:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:28:59 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69014
x-xss-protection
0
server
cafe
14525210001590587400
tpc.googlesyndication.com/simgad/ Frame 6F7D 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14525210001590587400
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
923148f2865df9ae5d959ad24ccce06b805e5c241ae9f2cba863d5d95fedf3b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 08:35:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
image/jpeg
last-modified
Thu, 14 Nov 2024 17:11:11 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
35771
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame 6F7D 		0
0
truncated
/ Frame 40FA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
478b1873c8b53787b6faea310b4bc5efb1f5a807d1a64e2d9315cdb8aa9e68c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 7407 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa1a0eb6a196c2be268f3c9b0c5b5d509ed05804b8ab90122c5437a07f2f9fd2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 9FB6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc2d4551a314543adffaa267219459c425cb73feb92084022bf43d199a772ef7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 6F7D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
efb2d0576416989fac9f5f430927d55bd6b90d8c3eb3c3fb3111ffe1d10e1502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 40FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame F30B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame C181 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7407 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 7407 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDbgoTivkm3qVKmI_Y1GKf7XV0kKJHW8Zg--GWmbfb7aoC1vmVZGWXXXzZKNgZwrCOI691wdVq_B58BTym_xp_Oj8WcHpHiEZasnhow-L-oFnzaKwEuQeWAu-0-FUWR8QVmuLekCM75QOcEClgInuTCJUnFTsjwmbzWjee_t7xydQD3Gp4ejiPV6fj433FPRGnrBjkjot8nfSa5rpJ7BBX3_gKQ3X2OuQCaUL9mFygv0410SPliLat95v__TdZCGZunIcgSzscMfBYv7hFZH-VgQ--HguqjGr1IY4F6fgFc4dS9vZl_Wi9ucDEDL0UFraL_3AsWPfH0jTLUS6tp7-atA-EY37DISq3reaUpNGyHl34KjxNZfPBJfdPlngzbBPtYOFdhez6s4WVwFX3Buq3wo0sWQ1x2hYeSIaRaikhYPdaEMirYgihEYoF14BXXQDJEkC2vB2kxPRYj6Ebgw&sai=AMfl-YQGqooFGH0lBQ_ZxvTGbUwlVeUv5xI5NtksXzKFKIydVdI6cTwti8XnEQX8wEPe1F0hklex0N9uT_-GChM8bjzNmpx8myabcon9zxHBa3avi-zpOJiEGQDFsRgQ&sig=Cg0ArKJSzHjeJZy-aqdTEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:35:58 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FB6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 9FB6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZDE7tB_jbXWcekiQomGEgVw3Fv7pul5aE0dV9m2KgZd_AO8byJIN3d8BcAXwmjjjZiDKWdba36JhZlhMz1i8oZkr8uLth5UTN0v4FLYAoMBr_EwYPjV4yWXEq3JAM2AIe86nFxL9Mz3Cdv8Fw2lQ0SBkOxUeb34pPZ9G0-oZCnqokAcCQlfG88_2eB9Ve8gGGeAV7p50MRGlHWgW1CsY7bgQzayt4i4mw4_-bfyquz8tKfMj1Juf9B4qqxwTdYW0GfciU443baryj0ybKjM3PIcZ4kDTQbEiuo_y23AYGae4VRbn-0T-Ycuw-GOK1xPW3MxHhBAqeSMPSW62951PeZGKJJPoRQs8YMro-Oc7Dg6UaG78F2hDUUXh7jaSzrBw7Y1E9kUt767VzouN67E7IrWHdcsHDpTsFreJ_AOioN3HO39TFLEqIlT06_uRvSFZnmNJXPML6U0ujgGmYyg&sai=AMfl-YQ06P7YZvhaAQqrVBJyJjumm_vwaZfxbVEoQYDcJzFkvs7FPFIREBZKUi0OZB3mxdxNogZfcOKXg8nUMwDsZX8JtqriP4d0l_okJXAF6zZ2ARb3NbCX4LqoLosa&sig=Cg0ArKJSzACFek3f3zWyEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:35:58 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 6F7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHv0tShFOprDJTlJ04jowNrYFUorh6yDJI8PaFl7b37uj5-Je60_U_NVUQobiIWpmm_WYhpSBtN14v5IReEUnzXd5hmt50RXfVPKj0f8l64OD3GkCzxJSaxyUnbbQvtIuChXhxjlAwFW3FFhlVKQ4Ef3o8GkbKI2ik4bI6w8t5ziuFMxuY6s1AcJ-A4Qh4FPWUGH1sE4U0Lfp1mZzxZ_8Tkh73ldPpbMov9fJ_KwhdcQz3Oe22MmLQchHvXVa-K9C01uqmp2TuAgfcBVosA1T5TfZ2r8kQK0vSCq1BvQWKQhIrLC3wRZHPrIqquMLcWKw3X2g4gO3ZSqPJ3aJBBZjD0jS2EsvrGov0neu55fj7SJYRwT9dOWKpcAp3R27ZJe_LMNa8O5xallXCEcrzUrsMfXFXB3QKHTqpK6sOHXeo_OrAvNItER2qZpiytq8fWDybQyLW3VFF_oCTBr0ewg&sai=AMfl-YTiTbQUEiIKzlYHS0_yxKVl75dzMIjQ-5sklbixWKe9zsaPcIgYBP2gJvwdRRC_NNwuv13Rkze1XVpuq-lBXbdy1REm4TQFdyHn8FnEvZSAETGxleF-DTfet5Xr&sig=Cg0ArKJSzM8gLTnc0ZhQEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:35:58 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		143 KB
57 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2376568413150008&correlator=4033191168516621&eid=31088952%2C31089065%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=281191609%3A9869277%2Ctrx_cnhi%2Cregister-herald.com&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&ifi=12&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dddfd60b0b4fa4b78%3AT%3D1732523757%3ART%3D1732523757%3AS%3DALNI_MZMg8Ashw8ZsJeyGsVMwG7KXLTrbg&gpic=UID%3D00000e9f04c242b8%3AT%3D1732523757%3ART%3D1732523757%3AS%3DALNI_Mbkct2cDNwCmzPOAQe9DN3iBCm0EA&abxe=1&dt=1732523758815&lmt=1732523608&adxs=1180%2C840&adys=2266%2C4849&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7%7C8&ucis=c%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=300x250%7C300x250&msz=300x-1%7C300x-1&fws=4%2C4&ohw=1600%2C1600&td=1&egid=7353&tan=4e8ed457-507f-409c-87f0-689c841b35e0%2C4e8ed457-507f-409c-87f0-689c841b35e1&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732523752190&idt=2384&prev_scp=slotName%3Dldgr1%26pubDom%3Dregister-herald.com%26atab%3Dtrue%26frstlk%3Dtrue%26fsbid%3Dtimeout%7CslotName%3Dldgr4%26pubDom%3Dregister-herald.com%26atab%3Dtrue%26frstlk%3Dtrue%26fsbid%3Dtimeout&cust_params=fs_session_id%3Dfa45480c-aad7-45d5-918a-a17f39d92388%26fs_pageview_id%3D016f25009908806ea26c4c964f8985f7%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-NY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D23%26fs_clientservermask%3D23032322200233320002202%26fs_testgroup%3Doptimised&adks=8025154%2C8025182&frm=20&eo_id_str=ID%3D45cddbfda77153d3%3AT%3D1732523757%3ART%3D1732523757%3AS%3DAA-Afjb1KJzve6O1gdxoYerON46Y
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
c3957eaddd8ea77e90cbb9d1082d74f86973ea305310db090a6deff93f3f82b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
6256584425,-1
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 08:35:59 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138438729367,-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
57978
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 40FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame F30B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
bid
aax.amazon-adsystem.com/e/dtb/ 		793 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.register-herald.com%2F&pid=PbKydPQrx4DgF&cb=2&ws=1600x1200&v=24.1105.2150&t=1005&slots=%5B%7B%22sd%22%3A%22_fs-sf-registerherald_siderail_300x600_sticky_btf_3-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F9869277%2Fcnhi%2Fregisterherald%2Ftotalaudience%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C1795%2C1%2C%2C%2C&sm=470614ce-65bf-4d64-a6ca-dd5480941835&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22%257B%2522id%2522%253A%257B%2522hadronId%2522%253A%25220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%2522%257D%257D%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.140.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-140-223.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
b2a68f47899fd9e8da0a9dcfe67962de8311c2b0c98e4889f9957e11e1ddf947

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 ec0c03792167c1faa09ce29d408be53a.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.register-herald.com
x-cache
Miss from cloudfront
content-length
531
x-amz-cf-id
nQlegPF3WU035DazYmAvEEARii3B9Q_9MkRGokvqbof-bQJLkN5c8w==
date
Mon, 25 Nov 2024 08:35:59 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK52-P2
server
Server
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
95d394113eceb60ef6b9476049e9ecb158362f835308eef2cb59ed6154ef9144

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 08:35:58 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame C181 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7407 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FB6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
vid6585d027bec9f430708534.jpg
video.primis.tech/uploads/cn1/video/users/converted/22235/video_5df2c67d5a683172725343/ 		26 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn1/video/users/converted/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.jpg?cbuster=1703268393
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:2400:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5dd17d6d3d06cb368353a5f88107c97674b9a8f4107dd0cf77c38495b3ec15af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

etag
"441e7aeeb97229720c8f603f3ab38ded"
age
24013
expires
Tue, 26 Nov 2024 01:55:45 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
85CT08FZHfCplUzk_VZLrq8Adg_bxQCWaMKQ6xvBYOrSbUmTHJrkpg==
date
Mon, 25 Nov 2024 07:15:37 GMT
content-type
image/jpeg
vary
Accept-Encoding
last-modified
Fri, 22 Dec 2023 18:07:35 GMT
cache-control
max-age=86400
via
1.1 6f18ca2e5109f8aa7cd1212932dc4e9a.cloudfront.net (CloudFront), 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
26165
x-amz-cf-pop
IAD50-C2, JFK50-P6
server
nginx
x-amz-server-side-encryption
AES256
view
securepubads.g.doubleclick.net/pcs/ Frame C181 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTQOtS3NA2FKBPIc_3XX0zSErbNSLGZ67mhnYzbNcq5LWtvAvmQxQ-NVUBupovHD-tBbGydW90mMWVxEAtxsz6FsFSiRGELrVASPxqoFWyc7dFQwY64cCYbC8s4Kq635dQ8lWNR6MaYjEF57k82xfWrmZCLn-uQN74LL4hMG9UPdB2zm9nGYqh2NYVBzSudZCbGhvJ63lmV7fKLAiIsylwX-IxFutw73EYvnOqznBTh7y1VIW43owBjN0-o1vDba66LDNWbw61yLLJDQSUZ6wrLfmlMybBnu1aFsQekOLZ4KTnLL9_9A5KnexHni9YLGJ5eX4dYbFMlGDuEwzcIaxBA838r2fJxZuNBPokDdEEZKHr532g_4qraLXEi-Wr85D0pGmpG6UVm7pUdlXCDqUuvy6fwd4-qzaf21I96p8uF5VH5_FKX1Ysf7AscXOL1diH8eGUhdJ8grx0EXFlkw&sai=AMfl-YR1eTNWbfoaDR3xzFaX4UAJNT0to20BEin3p5NLY6u9ncpfdY-c992P_TEr6AZsoudHNSvG7FupGpybASYJM0UexPX-4eaDOLWLYO6UaxmOS_sa9X-LZplQdH2f&sig=Cg0ArKJSzAhpgyWbfGG5EAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:35:58 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame F30B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvE4Ro8Kj2jYFVWtk-2dm-LfX82ewta4iOCnymt9lzCJOEpU4hL1FoiZjLIFgxauSJo71L8nLP39S45XjiMChS4unT67L6SjPbo9EiyCnVNxOA7m2OrePSt7f40TBhW-gEckOJJme4dFaQADh0IvC13Yzlc-CtMXx-QUMEp9vL8fdUGwIlpQmmveg9nHFlqBip7Pa4ze2wG7dGWEWeXHXR8D-l-xtMeKSh85vjCZvBs3w2xCybvqT3V6ktaG-7i-d8RP0h2Ai1JFy2yuB8OtDOZ3vhRKbSiueABtK_EjB9FkFpLDvei6vTDDr6wS8kQajmoKW8hCLiJUgksY_R5SZcC1G0F_ISrrqgXNWCmr8sBXiWQayLEiSqInW-pmLCtrz1qdAl9HjdUxVqgecUpJeu1xDjEG416Nm5TjBXeN0_IeQYlswC24wTQLWxy-5YFgWqqxWyc63RFS1N-D6gmuA&sai=AMfl-YRvgFENgrls2gwfyRTO_jhqR85T3FIuQ6aeudGlgIGtpjmJrjsTghH5S2AB8hLk1tuQ77PWpJOALj4cP_PMTUxCejG-fOtXILuaLM2UWodHOmuMtMO-12kr52Lh&sig=Cg0ArKJSzKpD4YDgzQzNEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:35:58 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 40FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS0eO3htGdTdokX3mE_7zD3XnhkttPg01oxoNlBxBAwuia_Jcmz7pDUsyVQ_SoYvMdrMFI3KniJPOi45SBQS_AaXdKhOeyQePWlnfuwG4h6HEa-Jq6gH4Hcs1ltc_Vx1n3YRfofjwwjJC4H2hk1HfRXiJrRivDwtYOFFxpzFSRlbNrK5AtlIvALlUF6Nk7vmxUKdrItM_13nEBemc1qUPe9ekwJxXSF_iXUZzJFDzDTxFv0aAEgPG-1eJqVfM_Kh18TELDHf5lJ5v3gR6nrvua4nihPdmrXWxU4dLNw7q_1Wjq2yeKp78LBJXabx42vJGz1jQR52SnqspKYMsRayvY6hnOnNIol9Lkb3-_B-LnXTegEu-STFXpFIQgLngszCYDlUr22AvbXHeLwydLmp_a-43s2bOVURD1MvBRkn6nwB9ivI5tAqbMlnkOsL8GhFIlFkt34dO8c0blPPc_rw&sai=AMfl-YQeS6EdWCzEzXIsWcJnAzPQvMMXmNZLrF_0BbqNUKDkwP5q5IGX_DJq5tESTI8F8Yv3eUfephTDAZvV9DnCAkFCXGrS8n6N99A3xAAfpPxUA8tfzNxkN7Iwo6Dj&sig=Cg0ArKJSzLF_z2uUYC5VEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:35:58 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
container.html
eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC7D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 08:35:57 GMT
expires
Mon, 25 Nov 2024 08:35:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
cf-cache-status
HIT
etag
W/"326d6cbd977657e1205bd616d1f2faca"
age
75
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 09:35:56 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1193
server-timing
cfExtPri
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC5Fj7HE3MUckBlXGDleu2s1GvimNm08i9dZgxIE0WaxEbUxm_jxQq3pb8YC8kHwso4-fxnBbX7VKA
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e804ee41b03aa95-YYZ
access-control-allow-origin
*
x-goog-generation
1599584677716817
server
cloudflare
LVEN46HQ.html
tpc.googlesyndication.com/sodar/ Frame 1DC3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/LVEN46HQ.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/xdEizrWJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
848
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
8534
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 08:21:51 GMT
expires
Mon, 25 Nov 2024 09:11:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		421 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2376568413150008&correlator=4033191168516621&eid=31088952%2C31089065%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Cweatherhousead&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x60&ifi=14&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D634e425e076a6208%3AT%3D1732523757%3ART%3D1732523757%3AS%3DALNI_MaSaD5to3aZFaamA-xJuTwpoQLMVw&gpic=UID%3D00000f9e4be1db4c%3AT%3D1732523757%3ART%3D1732523757%3AS%3DALNI_Ma0lxfKHcjkFXxxRO-o6B_4Kh8Drg&abxe=1&dt=1732523759241&lmt=1732523608&adxs=133&adys=113&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=120x82&msz=95x82&fws=4&ohw=1600&psts=AOrYGsmpbbDxgU18sctqV69Oe738dDANb34wpUlWxMX6GbRIKJD4bryj3FTEfWPZtZKj-NrAS5l5kQphYn0bGIVN0fpnvq8EJA%2CAOrYGskTO_aOfTokb2XgszpN3aEDiZJtl-HEUhjk4_rH01E6iyC9PPGiXmJXVNuJ_pyd6-Vesabdv74vXOmF2YY9iQC6MKUDnA%2CAOrYGsn3NMC92Qi3rMb_oUY90AjKQMRKM9HO5KTTuApDEpEwL9RmjbY2BbNab5NjsWzFIwQYWMpSCBnd9JxafF4k7e_rXa2iyA%2CAOrYGskUQ6KnAo4V31z6QVog--5nUTW6dRCSG9HSht4O2tEWRqibf0CUAHAQoUCQcwwnnoJrx5OxqdNYP8KUiUiLq8SCQwEnrg%2CAOrYGskXYafqloL0aNohL8-A9-F7_zRqLIJwJBI5nNbOeHbj_B818slq0z33DB7VTZBM5YRD7uJf6ow5uAX0E_IrM-5ddhRzjg%2CAOrYGskJ0fIv3mDdki82E1to_BHZFEy7zJH2_ffbjudNr3F3v1ND2jen7sGr7rRGg7KWCUD6aTwIgNaNpZx6DSKiGjg342v2tg%2CAOrYGsnc0yD51fOQQLWQcOKRcXYCZeaA9aFhIxLosILMssfAtEARDD9MGKDDz3HB02JMgod_ITeH6KdM4hi1H-08RD4xvCTPYg%2CAOrYGslVi8PBG0I6C2TCrGeWGPzWBuB8rwLlhagKDWLtBaGEpL6bkUNcYRDrFHy_0AtFG6zx0bJhS1li2O1K0gB1vHdSnpzgJQ%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=7353&tan=4e8ed457-507f-409c-87f0-689c841b35e2&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732523752190&idt=2384&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D55ee00fb-4bab-4aee-84e3-a4e463623eff%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_weather_120x60_atf%26fs_ad_product%3Dbanner%26pos%3Datf%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fs-auuid%3Dd0dc74f4-202d-465a-8bc0-c9ffd4f1bff1&cust_params=fs_session_id%3Dfa45480c-aad7-45d5-918a-a17f39d92388%26fs_pageview_id%3D016f25009908806ea26c4c964f8985f7%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-NY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D23%26fs_clientservermask%3D23032322200233320002202%26fs_testgroup%3Doptimised&adks=3338393650&frm=20&eo_id_str=ID%3Dd0e031f0ae965744%3AT%3D1732523757%3ART%3D1732523757%3AS%3DAA-AfjaQrZwQdoXUdx-m6x1lOJyi
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
0009bb27ee1654fd3a96c0491406762dd74c47d64b720523c5e427d29538c961
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 08:35:59 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
142
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		416 B
170 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2376568413150008&correlator=4033191168516621&eid=31088952%2C31089065%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Creveal&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=15&sfv=1-0-40&rcs=1&ists=1&eri=1&sc=1&cookie=ID%3D634e425e076a6208%3AT%3D1732523757%3ART%3D1732523757%3AS%3DALNI_MaSaD5to3aZFaamA-xJuTwpoQLMVw&gpic=UID%3D00000f9e4be1db4c%3AT%3D1732523757%3ART%3D1732523757%3AS%3DALNI_Ma0lxfKHcjkFXxxRO-o6B_4Kh8Drg&abxe=1&dt=1732523759249&lmt=1732523608&adxs=805&adys=13108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=1360x803&msz=1310x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmpbbDxgU18sctqV69Oe738dDANb34wpUlWxMX6GbRIKJD4bryj3FTEfWPZtZKj-NrAS5l5kQphYn0bGIVN0fpnvq8EJA%2CAOrYGskTO_aOfTokb2XgszpN3aEDiZJtl-HEUhjk4_rH01E6iyC9PPGiXmJXVNuJ_pyd6-Vesabdv74vXOmF2YY9iQC6MKUDnA%2CAOrYGsn3NMC92Qi3rMb_oUY90AjKQMRKM9HO5KTTuApDEpEwL9RmjbY2BbNab5NjsWzFIwQYWMpSCBnd9JxafF4k7e_rXa2iyA%2CAOrYGskUQ6KnAo4V31z6QVog--5nUTW6dRCSG9HSht4O2tEWRqibf0CUAHAQoUCQcwwnnoJrx5OxqdNYP8KUiUiLq8SCQwEnrg%2CAOrYGskXYafqloL0aNohL8-A9-F7_zRqLIJwJBI5nNbOeHbj_B818slq0z33DB7VTZBM5YRD7uJf6ow5uAX0E_IrM-5ddhRzjg%2CAOrYGskJ0fIv3mDdki82E1to_BHZFEy7zJH2_ffbjudNr3F3v1ND2jen7sGr7rRGg7KWCUD6aTwIgNaNpZx6DSKiGjg342v2tg%2CAOrYGsnc0yD51fOQQLWQcOKRcXYCZeaA9aFhIxLosILMssfAtEARDD9MGKDDz3HB02JMgod_ITeH6KdM4hi1H-08RD4xvCTPYg%2CAOrYGslVi8PBG0I6C2TCrGeWGPzWBuB8rwLlhagKDWLtBaGEpL6bkUNcYRDrFHy_0AtFG6zx0bJhS1li2O1K0gB1vHdSnpzgJQ&td=1&egid=7353&tan=4e8ed457-507f-409c-87f0-689c841b35e3&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732523752190&idt=2384&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D5a7583de-2cc9-4a78-899a-c3be5c6dd5e7%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_reveal%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26fs-auuid%3D3a39b086-ac64-45fb-ae1a-1bc54e2d6c9d&cust_params=fs_session_id%3Dfa45480c-aad7-45d5-918a-a17f39d92388%26fs_pageview_id%3D016f25009908806ea26c4c964f8985f7%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-NY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D23%26fs_clientservermask%3D23032322200233320002202%26fs_testgroup%3Doptimised&adks=1245358332&frm=20&eo_id_str=ID%3Dd0e031f0ae965744%3AT%3D1732523757%3ART%3D1732523757%3AS%3DAA-AfjaQrZwQdoXUdx-m6x1lOJyi
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
13972218e046f9282d620bf3d8f6ed8ccd3f23a2897659311d649ca5117cc873
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 08:35:59 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
141
x-xss-protection
0
server
cafe
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
95d394113eceb60ef6b9476049e9ecb158362f835308eef2cb59ed6154ef9144

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 08:35:59 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2376568413150008&correlator=4033191168516621&eid=31088952%2C31089065%2C31086809&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cregisterherald%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=16&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D634e425e076a6208%3AT%3D1732523757%3ART%3D1732523757%3AS%3DALNI_MaSaD5to3aZFaamA-xJuTwpoQLMVw&gpic=UID%3D00000f9e4be1db4c%3AT%3D1732523757%3ART%3D1732523757%3AS%3DALNI_Ma0lxfKHcjkFXxxRO-o6B_4Kh8Drg&abxe=1&dt=1732523759296&lmt=1732523608&adxs=1180&adys=10441&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=10&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.register-herald.com%2F&vis=1&psz=300x622&msz=300x17&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmpbbDxgU18sctqV69Oe738dDANb34wpUlWxMX6GbRIKJD4bryj3FTEfWPZtZKj-NrAS5l5kQphYn0bGIVN0fpnvq8EJA%2CAOrYGskTO_aOfTokb2XgszpN3aEDiZJtl-HEUhjk4_rH01E6iyC9PPGiXmJXVNuJ_pyd6-Vesabdv74vXOmF2YY9iQC6MKUDnA%2CAOrYGsn3NMC92Qi3rMb_oUY90AjKQMRKM9HO5KTTuApDEpEwL9RmjbY2BbNab5NjsWzFIwQYWMpSCBnd9JxafF4k7e_rXa2iyA%2CAOrYGskUQ6KnAo4V31z6QVog--5nUTW6dRCSG9HSht4O2tEWRqibf0CUAHAQoUCQcwwnnoJrx5OxqdNYP8KUiUiLq8SCQwEnrg%2CAOrYGskXYafqloL0aNohL8-A9-F7_zRqLIJwJBI5nNbOeHbj_B818slq0z33DB7VTZBM5YRD7uJf6ow5uAX0E_IrM-5ddhRzjg%2CAOrYGskJ0fIv3mDdki82E1to_BHZFEy7zJH2_ffbjudNr3F3v1ND2jen7sGr7rRGg7KWCUD6aTwIgNaNpZx6DSKiGjg342v2tg%2CAOrYGsnc0yD51fOQQLWQcOKRcXYCZeaA9aFhIxLosILMssfAtEARDD9MGKDDz3HB02JMgod_ITeH6KdM4hi1H-08RD4xvCTPYg%2CAOrYGslVi8PBG0I6C2TCrGeWGPzWBuB8rwLlhagKDWLtBaGEpL6bkUNcYRDrFHy_0AtFG6zx0bJhS1li2O1K0gB1vHdSnpzgJQ%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&td=1&egid=7353&tan=4e8ed457-507f-409c-87f0-689c841b35e4&tdf=2&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1732523752190&idt=2384&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Df669af5a-b74f-41af-8315-db4c9d941d1a%26floors_id%3Dlearning%26floors_hour%3D8%26fs_placementName%3Dregisterherald_siderail_300x600_sticky_btf_3%26fs_ad_product%3Dbanner%26fs-sf-uuid%3De66a2a9d-fe37-4228-9f9d-bdd03d6d41f9%26fs-sf-index%3D1%26amznbid%3D1emctts%26amznp%3Ddscq9s%26amzniid%3DJLReDLyhtSgX_O6qT0kQ19oAAAGTYnaWCgEAAAJYAQBhcHNfdHhuX2JpZDIgICBhcHNfdHhuX2ltcDEgICCmWzKD%26amznsz%3D300x250%26amznactt%3DOPEN&cust_params=fs_session_id%3Dfa45480c-aad7-45d5-918a-a17f39d92388%26fs_pageview_id%3D016f25009908806ea26c4c964f8985f7%26fs_version%3D6.34.1%26user-agent%3DChrome%26fsitf%3DY-YYY-YYYY-YY-NY------------------------%26fs_liveintent%3DY%26section%3Dhomepage%26floors_user%3D1%26floors_rtt%3D23%26fs_clientservermask%3D23032322200233320002202%26fs_testgroup%3Doptimised&adks=4153261017&frm=20&eo_id_str=ID%3Dd0e031f0ae965744%3AT%3D1732523757%3ART%3D1732523757%3AS%3DAA-AfjaQrZwQdoXUdx-m6x1lOJyi
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
e746dd744aaef29a2be87c2474d12c79c1a0dea6e926d657d606e9345584b1f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
google-lineitem-id
6831607576
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 25 Nov 2024 08:36:00 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138497176847
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.register-herald.com
content-length
19569
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 51A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?length=924&loaderinit=1732523757663&nonreq=1732523757664&nonload=1732523759321&srvcstrt=1732523757656&srvcend=1732523758087&lid=1&sdkv=h.0.0.0&palv=1.32.0&e=95322027%2C95326337%2C95331589%2C95332046%2C95336736&id=pal_html5&c=544241495226462&domain=www.register-herald.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/pal/pal.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 8FA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsts1pd1iq4QWZD2ei8FehpppokuzWr5o4VaxzF8yhEnW83co3FdF045SAG3BbjBXED9UvVO8qQzQZ3Ya5o3gzzOsCQBFSKk0uJu9riqSwYGbw6FUMst4dL_S-k17KYeuOiccdeFCgZrdnNqpUyFgvNcE1kbBPvJjnrAdnOHhpZoBK3W8H_x-fy8XfohEfABBjtkOSgWQfuZTp5B7Q8Z4yQY-bKIG1AH-lcuAWWNH8A2fPoG34kzK1xhQkVXnnuMvWUnpdsj-m0erFCr3OCRdnUdn19LYoL88reKer_rmYh8ZNtsCwLgreH5b3JXyOVlgh52nThhex8pnXjKqXzQPS-V9C8YEVInJTG3uFIOM5PuHA0RomiQgG1FsfAGta350aGZzA8KFQ-BN3T_ddk2vmvWCUPB2EVkDCBIzWktMvMWZm8zNuLB0qEx0mhDGw94TuujwLpj&sai=AMfl-YTS1bgJXiIwjmzA15wnBRu8GpWGLCJnXjk42MwO_zjao86leKPlrdiQvUEiNc96xB7ArrmC5pS-fbM1KiSWsNHc1fW66_8-_hNXvwpbnZBAj1j9uZaYMfpYH3zQ&sig=Cg0ArKJSzH7yWRwne8XzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/ Frame 8FA2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
11581923691383104463
age
76
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 08:34:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:34:43 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9052
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8FA2 		217 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
12158714353530318320
age
419
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:28:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:28:59 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69014
x-xss-protection
0
server
cafe
6037038067888185022
tpc.googlesyndication.com/simgad/ Frame 8FA2 		163 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6037038067888185022?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b19839fe4ce34d785425e7621679f4c9e0e342a44bd86f301e81f81f4f400113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

age
405036
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Thu, 20 Nov 2025 16:05:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 20 Nov 2024 16:05:23 GMT
last-modified
Thu, 29 Jun 2023 18:18:54 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
167401
x-xss-protection
0
server
sffe
container.html
eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A3F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 08:35:57 GMT
expires
Mon, 25 Nov 2024 08:35:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
95d394113eceb60ef6b9476049e9ecb158362f835308eef2cb59ed6154ef9144

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 08:35:59 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 8FA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst58hKdB54IYxrocDvuTybBLmaHBOzm5LQFRq08PKDEjwlN9SjfUGurFXWMJObt6CdDnTUx6FIowAmHnSohqVIdQWqz_QrUu90JLuUrZBwl9E1kLY0h-GwYir6sZdNydnwZrYOQqsVQbQYXPPIe64O6DYGrbFwgNH9FS9-u8e5Eyv0gsO019zQmjxZJnj_xnkitcd6gi4FDX_QyAYRwd2mGsG45Dso4rKX5tAQshOXbBnDpqjIA5b_KnDaQP5L83z_X6ZXaGPFjEgBotUQWvV5d8tSuHtzAHcrrXfkCFR8XjS2NSHrlAySFHFxePF1d5hsLjymisyNjlmTdQY6u6_E17Q8wQRJL-P9Ly_QbgCGZUozI2e7dKVAy49M6Qxj1vTUywZ1KPQeSWK7pbgX76F5D7Hu9oUFx4n0UTzS9Am8CU0-HgFTDqnt3o2TWLQc4eK11SpfX9dA&sai=AMfl-YSHncTQVqgp4cL-a1mMABaM9nL_bavfVDtga_rueNoylw49v1vnGIqKxvbmuzMv9HgqazBswu0eZDGLMICsv_7gXJiCF3sYsYyJG8KVaDmnD7Wibau_9OSfNkiv&sig=Cg0ArKJSzK7wV18vSExeEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:35:59 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:35:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 8FA2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c039f0a1f814c3265903cbd02794156260d6eafef702deb2947f3580ccd670eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:35:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
prebid
id5-sync.com/api/config/ Frame 51A2 		167 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
2940655625cbe9168662c87a72288297d67e21a12ca7b63954003dc7bb0410f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 08:35:59 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ Frame 51A2 		0
0
id
id.crwdcntrl.net/ Frame 51A2 		152 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
98.83.224.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-83-224-108.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1599a22a3d851f2f14feee3e2a9b77ecae22314366932098ae578d3583c7e71b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.register-herald.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
152
date
Mon, 25 Nov 2024 08:35:59 GMT
content-type
application/json;charset=utf-8
x-server
10.40.48.193
server
Jetty(9.4.38.v20210224)
rid
match.adsrvr.org/track/ Frame 51A2 		108 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
f48ddd69967259832586624a6d57c094fb697b865e442bf3e89fed148b708fb0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Wed, 25 Dec 2024 08:35:59 GMT
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 08:35:59 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
activeview
pagead2.googlesyndication.com/pcs/ Frame F30B 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuugWoxBKExDyNi3I6VtvRZLkBuP1f6hdqYnlwZqaeZHrxr5UkQdxPVX7XIT3rC__OpeURJE1j_zAV5AXPNbiMqpy7Im7biARyRP9sWUTABLB8kcRlk36jzfXgG59KnZ7nKEYMIgJHCRtt-E6jnOlANY7toEEGJTvjbxaUADT2H8tzMrTnokmbB8TikMOMDPNXO0w&sig=Cg0ArKJSzK81sL-mjAzLEAE&id=lidar2&mcvt=1012&p=698,1180,1298,1480&tm=1399.599998474121&tu=387.8999996185303&mtos=0,1012,1012,1012,1012&tos=0,1012,0,0,0&v=20241120&bin=7&avms=nio&bs=1600,1200&mc=0.82&vu=1&app=0&itpl=3&adk=2376654946&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2845655800&rst=1732523758245&rpt=698&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 25 Nov 2024 08:36:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
v1
lb.eu-1-id5-sync.com/lb/ Frame 51A2 		45 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_29.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.register-herald.com
date
Mon, 25 Nov 2024 08:36:00 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
212.json
id5-sync.com/g/v2/ Frame 51A2 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0969 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrzClJWW7nz3hxGCjMzw8ebDPwnA-DB3ycC9UvGpR_RuUnTmTzpBq-CHS_AgSGCiJZdXFOAdnV7zmcOzw4b0cGt6w-AASwsa4HiCKJPkV5JgBn4331oFX8GA3sccGChwrZJ7_0TPeVnKb5WLGFm_24rvhNiAB_glPkh3-twA-_oUuIw_Nrw8S1L-1iVqS4IPznZgSzKTsVzCaGTeb28Z9jJ7sQScnWLfWm3ir6lWFsAfZmHqp2Uv_8DAQQtWhbu5fdgOn1yGyA2QuYYD2snDjUcIdR8GjmXuMa3MoXjokNOYTmp7TQ2mzI84BUkgvtUkGiWizLu1l9fc2gG_K6ufbb-R0LnidZ5XRNr59nUCovvmGHYHWSWhMNlWulpqCQBKQJEJHntrXn38YXLt4algA15kE7Ja33rM7XB08OHK5kclRSDkOZMziA_--LApbkm5zqEObo&sai=AMfl-YRo9uwuuEXHe7LADR-korvTqApPs_gCFhcILkKc0PHlBbcSHlu4M85Ms1LGwMzgLzpx57FY42lHHLlHieJmU5HYwULohKTt-qUy-OoOrNxgVc254o2Y4wm3kQ4&sig=Cg0ArKJSzAwjZ4pI9jY9EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:36:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/ Frame 0969 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241120/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
47
x-content-type-options
nosniff
expires
Mon, 09 Dec 2024 08:35:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:35:11 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0969 		217 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-encoding
br
etag
12158714353530318320
age
419
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:28:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 08:28:59 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69014
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0969 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:36:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
1841860998714219934
tpc.googlesyndication.com/simgad/ Frame 0969 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1841860998714219934
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f1.1e100.net
Software
sffe /
Resource Hash
87ef0c1a19a14f4bbd668ae8c9c727dd27dbb375b9f47ca4ee44f56da4b01293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

age
255078
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 09:44:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Fri, 22 Nov 2024 09:44:42 GMT
last-modified
Thu, 14 Nov 2024 17:02:54 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
51732
x-xss-protection
0
server
sffe
truncated
/ Frame 0969 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9b976a601ff5db100a2280eeeefaf00a1127c6917abcc2942dbb94e1b1d8919

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0969 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 08:36:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 0969 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW3bvR2GzKxIdWSw6v272ahDloRbmdOc8XtQ8JIAsxzDNq7iwm8Ks9Rxtjn5GOtwf-BiufYLSNQ79YrvbEmOkfVs8XHtY7nDfVxEoIMgQssrOqCMze52fV6Vtf5xA81_7mgWChByr4KUWCtlvH0jOY1fa7TsLbYNLwxSC5TpPjknBOEQ4sEKbrXpOjWrQ1FVFw66Sfy3w_siroMT4DRgwWnZ7PGWIXUNoKc6fTs5gH_9KxParJfvELfhP9qfiNkPan3OYFUYdEsffjPoCCH6JrgXMeusezz6MN8VAJH5LfIDdUdo-GYzGYJbrzf7fjEoQ_yUNDszYwSOn4YXMI0yR8we9Clz7AmFwU69SnNkHln0dadqagv9-1H0HKbGv3yUtTkxaRGnn4kwSAiw7aZmkKtoCZAHPkaNqBbouX4Wis_SskaD0VmUTg7jzbXSTaa2SxEWUyrhk&sai=AMfl-YQRcuQsLRxbwoI6umpFvB8h7x_m9ueB6-QQ5OvJFy31xaGOWCBdntAZ8i1FliHUxdDoblZwR2I3TtnKgbAjZeQhLypuEj75sDfP7L6qF97nYPU6X9aQxmB05yM&sig=Cg0ArKJSzG3AwRfCMLbdEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 08:36:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 25 Nov 2024 08:36:00 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
95d394113eceb60ef6b9476049e9ecb158362f835308eef2cb59ed6154ef9144

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 08:36:00 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
pd
us-u.openx.net/w/1.0/ Frame C2D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.register-herald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
737
content-type
text/html
date
Mon, 25 Nov 2024 08:36:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: www.register-herald.com
URL: https://www.register-herald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-goog-metageneration
2
access-control-expose-headers
*
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
cf-cache-status
HIT
etag
W/"326d6cbd977657e1205bd616d1f2faca"
age
75
content-encoding
br
x-goog-stored-content-encoding
identity
expires
Mon, 25 Nov 2024 09:35:56 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
1193
server-timing
cfExtPri
date
Mon, 25 Nov 2024 08:35:56 GMT
content-type
image/svg+xml
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
vary
Accept-Encoding
priority
u=3,i
x-guploader-uploadid
AFiumC5Fj7HE3MUckBlXGDleu2s1GvimNm08i9dZgxIE0WaxEbUxm_jxQq3pb8YC8kHwso4-fxnBbX7VKA
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e804ee41b03aa95-YYZ
access-control-allow-origin
*
x-goog-generation
1599584677716817
server
cloudflare
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
95d394113eceb60ef6b9476049e9ecb158362f835308eef2cb59ed6154ef9144

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 08:36:01 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
1.js
register-herald.com/content/tncms/ads/_popup/ 		0
0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
7746d371a3cfeb7979a07fded0ae3112996aec48114324871c1b8519b4884dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13187
date
Mon, 25 Nov 2024 08:36:02 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
9da4da3d-113f-49c4-98c4-1e918c620665
https://www.register-herald.com/ Frame 		0
0
372cfbb9-922d-4476-af6b-04d15c37ed24
https://www.register-herald.com/ Frame 		0
0
collect
www.google-analytics.com/j/ 		1 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2059270248&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.register-herald.com%2F&ul=en-ca&de=UTF-8&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aDDAAEABAAAAAGAAI~&jid=172093234&gjid=402341027&cid=868779135.1732523755&tid=UA-3850501-28&_gid=1907392739.1732523755&_r=1&gtm=45He4bk0n71MJDQXDv71530764za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cd1=868779135.1732523755&cd4=false&cd5=false&z=176627708
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.46 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.register-herald.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:36:02 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
icon.ico
www.register-herald.com/content/tncms/site/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.register-herald.com/content/tncms/site/icon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
7c99db3b62d5db32c9ae45dfec0e4664f1de068a8300c179aabeec28edb8c315

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=43200
etag
"53fce901-57e"
age
25455
accept-ranges
bytes
content-length
1406
date
Mon, 25 Nov 2024 01:31:46 GMT
last-modified
Tue, 26 Aug 2014 20:07:29 GMT
content-type
image/x-icon
p
i.simpli.fi/ 		798 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=107348&cb=sifi_att_42656._hp
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.171.47.125 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
125.47.171.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
2439539a35daa3fcd3f09e41646ad7d5ab116d44b63871ee8a940da9efe74a40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
openresty
tcx-ping.php
japfg-trending-content.appspot.com/ 		207 B
182 B 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/tcx-ping.php?s=10223&t=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&h=www.register-herald.com&p=%2F&w=2&a=ldgr1--ldgr4&_debug=1
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2014 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
53675bf2b404d1ae8708696dadafdb9c1815087b25d10ee078f45948e1a491bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=364CFF4A1CB34C47A26FFA78C50922CF
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=43360bbe03&gdpr=0&gdpr_consent=
0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=43360bbe03&gdpr=0&gdpr_consent=
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-fastly-to-nlb-rtt
29305
date
Mon, 25 Nov 2024 08:36:02 GMT
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-cache, must-revalidate
location
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=43360bbe03&gdpr=0&gdpr_consent=
via
1.1 3a689aadb5700d6900d339291d232698.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
ir0zLvoMm48RqhGliqbYYO0ND4ozz_ezg1qSsVtPcSr_LXzKrlzNBA==
date
Mon, 25 Nov 2024 08:36:02 GMT
x-amz-cf-pop
JFK52-P7
server
CloudFront
RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/364CFF4A1CB34C47A26FFA78C50922CF
  • https://sync.targeting.unrulymedia.com/csync/RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Mon, 25 Nov 2024 08:35:44 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005
date
Mon, 25 Nov 2024 08:36:02 GMT
pragma
no-cache
content-type
text/html
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=364CFF4A1CB34C47A26FFA78C50922CF&dongle=yf3
37 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=364CFF4A1CB34C47A26FFA78C50922CF&dongle=yf3
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://eb2.3lift.com/xuid?mid=7969&xuid=364CFF4A1CB34C47A26FFA78C50922CF&dongle=yf3
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=364CFF4A1CB34C47A26FFA78C50922CF
43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=364CFF4A1CB34C47A26FFA78C50922CF
Protocol
H2
Server
2600:1f18:612b:4200:341b:e3d9:6b0a:5e23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
image/gif
server
nginx

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://simplifi.partners.tremorhub.com/sync?UISF=364CFF4A1CB34C47A26FFA78C50922CF
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=364CFF4A1CB34C47A26FFA78C50922CF
95 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=364CFF4A1CB34C47A26FFA78C50922CF
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=364CFF4A1CB34C47A26FFA78C50922CF
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=364CFF4A1CB34C47A26FFA78C50922CF
  • https://d.agkn.com/pixel/10751/?che=1732523762770&ip=167.114.209.103&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D212600605077009885144
  • https://um.simpli.fi/aa_px?sk=212600605077009885144
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
34.170.123.2 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
2.123.170.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
43
date
Mon, 25 Nov 2024 08:36:03 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
location
/empty.gif
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:03 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=364CFF4A1CB34C47A26FFA78C50922CF
43 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=364CFF4A1CB34C47A26FFA78C50922CF
Protocol
H3
Server
18.164.124.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-48.jfk50.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 730892e4ac77b2223b5a9c9e3efa1152.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
image/gif
x-amz-cf-pop
JFK50-P7
x-amz-cf-id
D38fx-LNUosg6CRcavA0md_2PW5FlxsclLhhlFnG0eMhOtVcQ7jpxA==

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=364CFF4A1CB34C47A26FFA78C50922CF
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sync
tracker.rtb.admanmedia.com/
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:364CFF4A1CB34C47A26FFA78C50922CF
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=158481&pmc=1&pr=https%3A%2F%2Ftracker.rtb.admanmedia.com%2Fsync%3Fid%3D1&uid=%24%7BPUBMATIC_UID%7D
  • https://tracker.rtb.admanmedia.com/sync?id=1
  • https://cs.admanmedia.com/1ec842ea24536b0173f75e91dc0e3a4d.gif?puid=b5b68df0-4cfb-70dc-3438-bfe26ab6afbb&redir=https%3A%2F%2Ftracker.rtb.admanmedia.com%2Fsync%3Fid%3D6%26uid%3D%7BUID%7D
  • https://tracker.rtb.admanmedia.com/sync?id=6&uid=5a61301c-73bf-46b7-892b-0f7fdcb6e151
35 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.rtb.admanmedia.com/sync?id=6&uid=5a61301c-73bf-46b7-892b-0f7fdcb6e151
Protocol
H2
Server
172.111.38.86 Reston, United States, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
86-38-111-172.clients.gthost.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
permissions-policy
browsing-topics=()
access-control-allow-origin
*
content-length
35
content-type
image/gif
access-control-allow-headers
*

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Location
https://tracker.rtb.admanmedia.com/sync?id=6&uid=5a61301c-73bf-46b7-892b-0f7fdcb6e151
Pragma
no-cache
Connection
keep-alive
Expires
0
Content-Length
0
Date
Mon, 25 Nov 2024 08:36:03 GMT
Server
nginx
generic
sync.ipredictive.com/d/sync/cookie/
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=364CFF4A1CB34C47A26FFA78C50922CF
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=fec76b34a81542c7c8bb56dc2ecf64&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ume4016_7441696988127931396&gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZmVjNzZiMzRhODE1NDJjN2M4YmI1NmRjMmVjZjY0&gdpr=&gdpr_consent=&gdpr=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEN5OcoTEt_xJuVeT5-91X08&google_cver=1&gdpr=&gdpr_consent=&gdpr=null
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=&gdpr_consent=&gdpr=null
  • https://ads.stickyadstv.com/user-registering?userId=AATp2U7OiG4AABbIeuzZiQ&dataProviderId=817&gdpr=null
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/fec76b34a81542c7c8bb56dc2ecf64?gdpr=&gdpr_consent=&gdpr=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-duG5JNpE2oMH_XMQoNwEA9NN1KI9aOXPo9NElt1p~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e8e89820-78a3-4a2a-829f-578334a1b058&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=810980635046800621&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1580%26userId%3D$UID&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=819027098221802988696
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1592%26userId%3D%23PMUID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1592&userId=C2D9FF3A-462C-4565-A74E-96CF084FA79D
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=B8d2sRSQ1TfuzB5
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4947274&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
0
0
engine
pbid.pro-market.net/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=364CFF4A1CB34C47A26FFA78C50922CF;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=364CFF4A1CB34C47A26FFA78C50922CF;mimetype=img;sr
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTY4ODg5OTI4MzY5MTkyMTI4MjY=
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOMESkEWqh29SXPsNzPhx3Q&google_cver=1
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOMESkEWqh29SXPsNzPhx3Q&google_cver=1
Protocol
H2
Server
2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
anserver
gapp5.c.datonics-gcp-01.internal
expires
Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin
*
alt-svc
clear
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-length
43
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
image/gif
server
Apache-Coyote/1.1

Redirect headers

cache-control
no-cache, must-revalidate
location
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEOMESkEWqh29SXPsNzPhx3Q&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
315
date
Mon, 25 Nov 2024 08:36:03 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=364CFF4A1CB34C47A26FFA78C50922CF&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=364CFF4A1CB34C47A26FFA78C50922CF&j=0&xl8blockcheck=1
0
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=364CFF4A1CB34C47A26FFA78C50922CF&j=0&xl8blockcheck=1
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Mon, 25 Nov 2024 08:36:02 GMT
x-powered-by
Undertow/1
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-cache
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=364CFF4A1CB34C47A26FFA78C50922CF&j=0&xl8blockcheck=1
access-control-allow-credentials
true
content-length
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
image/gif
x-powered-by
Undertow/1
server
nginx
sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=364CFF4A1CB34C47A26FFA78C50922CF
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=364CFF4A1CB34C47A26FFA78C50922CF
Protocol
H2
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Mon, 25 Nov 2024 08:36:02 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=364CFF4A1CB34C47A26FFA78C50922CF
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=364CFF4A1CB34C47A26FFA78C50922CF
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=364CFF4A1CB34C47A26FFA78C50922CF
Protocol
HTTP/1.1
Server
3.82.182.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-82-182-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Date
Mon, 25 Nov 2024 08:36:02 GMT
Connection
keep-alive

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://sync.bfmio.com/sync?pid=141&uid=364CFF4A1CB34C47A26FFA78C50922CF
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=364CFF4A1CB34C47A26FFA78C50922CF
27 B
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=364CFF4A1CB34C47A26FFA78C50922CF
Protocol
HTTP/1.1
Server
23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-225-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Mon, 25 Nov 2024 08:36:02 GMT
Content-Length
27
Date
Mon, 25 Nov 2024 08:36:02 GMT
AK-GRN
0.9902c417.1732523762.3a3d853
Content-Type
text/html

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://stags.bluekai.com/site/29931?id=364CFF4A1CB34C47A26FFA78C50922CF
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
tpid=364CFF4A1CB34C47A26FFA78C50922CF
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=364CFF4A1CB34C47A26FFA78C50922CF
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=364CFF4A1CB34C47A26FFA78C50922CF
Protocol
H2
Server
98.83.224.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-83-224-108.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
49
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
image/gif
x-server
10.40.0.205
server
Jetty(9.4.38.v20210224)

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=364CFF4A1CB34C47A26FFA78C50922CF
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=364CFF4A1CB34C47A26FFA78C50922CF
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=364CFF4A1CB34C47A26FFA78C50922CF
Protocol
H2
Server
3.220.46.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-46-253.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
image/gif
vary
Accept-Encoding

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://ce.lijit.com/merge?pid=2&3pid=364CFF4A1CB34C47A26FFA78C50922CF
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
52154.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=364CFF4A1CB34C47A26FFA78C50922CF
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=810980635046800621
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=810980635046800621
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
image/gif

Redirect headers

cache-control
no-store, no-cache, private
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=810980635046800621
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
13c608f9-3791-4a2d-b019-3f20eec871f8
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 25 Nov 2024 08:36:02 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
/
www.google.ca/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1732523762444&cv=7&fst=1732523762444&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2126621098&cv=7&fst=1732523762444&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=2126621098&cv=7&fst=1732523762444&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHD...
  • https://www.google.ca/pagead/1p-conversion/1026675585/?random=2126621098&cv=7&fst=1732523762444&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDs...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/1026675585/?random=2126621098&cv=7&fst=1732523762444&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMIzpi6-4n3iQMV2lBHAR2vEBFQMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3d3dy5yZWdpc3Rlci1oZXJhbGQuY29tLw&is_vtc=1&cid=CAQSKQCa7L7dm5ETyKEYvMd576EHvszjbnVAfw5YD5G6RIlfFY_wyzVtydYH&random=3739319226&ipr=y
Protocol
H3
Server
142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 25 Nov 2024 08:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.ca/pagead/1p-conversion/1026675585/?random=2126621098&cv=7&fst=1732523762444&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMIzpi6-4n3iQMV2lBHAR2vEBFQMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiBodHRwczovL3d3dy5yZWdpc3Rlci1oZXJhbGQuY29tLw&is_vtc=1&cid=CAQSKQCa7L7dm5ETyKEYvMd576EHvszjbnVAfw5YD5G6RIlfFY_wyzVtydYH&random=3739319226&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 25 Nov 2024 08:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
spotx_match
um.simpli.fi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.170.123.2 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
2.123.170.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin
*
date
Mon, 25 Nov 2024 08:36:02 GMT
x-content-type-options
nosniff
setuid
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=364CFF4A1CB34C47A26FFA78C50922CF
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=66&code=364CFF4A1CB34C47A26FFA78C50922CF
Protocol
H2
Server
68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
167.114.209.103; 167.114.209.103; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
d6f748c3-358e-488d-9f57-74ce4ed3828f
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 25 Nov 2024 08:36:02 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://ib.adnxs.com/setuid?entity=66&code=364CFF4A1CB34C47A26FFA78C50922CF
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=364CFF4A1CB34C47A26FFA78C50922CF&expires=365
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=364CFF4A1CB34C47A26FFA78C50922CF&expires=365
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=364CFF4A1CB34C47A26FFA78C50922CF&expires=365
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=364CFF4A1CB34C47A26FFA78C50922CF
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=364CFF4A1CB34C47A26FFA78C50922CF
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
image/gif
vary
Accept
server
OXGW/0.0.0

Redirect headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=364CFF4A1CB34C47A26FFA78C50922CF
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
content-length
142
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/html
server
openresty
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESECF-1Lr_rVUKeEx0lFg0sNQ&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=364CFF4A1CB34C47A26FFA78C50922CF
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
34.170.123.2 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
2.123.170.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
no-cache
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 08:36:02 GMT
access-control-allow-origin
*
date
Mon, 25 Nov 2024 08:36:02 GMT
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

cache-control
no-cache, must-revalidate
location
https://um.simpli.fi/g_match?id=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
229
date
Mon, 25 Nov 2024 08:36:02 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/register-herald-com/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
95d394113eceb60ef6b9476049e9ecb158362f835308eef2cb59ed6154ef9144

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.register-herald.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.register-herald.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
date
Mon, 25 Nov 2024 08:36:02 GMT
content-type
text/plain;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4bk0v887101457za200zb861227858&_p=1732523753096&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=868779135.1732523755&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&dl=https%3A%2F%2Fwww.register-herald.com%2F&sid=1732523756&sct=1&seg=0&_s=2&tfd=11529
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.register-herald.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.register-herald.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:36:03 GMT
content-type
text/plain
server
Golfe2
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/ 		0
0
liveView.php
live.primis.tech/live/ 		0
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTpmMwUlMmp1NlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJaN1YxyxPXq3ql5lZWqcp3Rypv1bZXJuoGQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lNwA3JTNBNTMjMCUmQTYjJTNBNmt2NlUmQSUmQTxzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuYMTEyM0IyMwBMnW51rCUlMHt4Ny82NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMmEhMC4jLwAyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY3NDQmNzVwY2E3Y2EzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTtjMCZaZHBlPTAzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0kJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNmMlNTImNmY1NwQjJaVcZD1TZWgcozRiU1BfYXyypwY3NDQmNzVxMTyzMTQzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaJyZ2ymqGVlLWuypzFfZC5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9nWykJaB4nWQ9NwIkNmU1NTxkNwt3NWIkMwQjYzE3ZTQlOWRyZwxjNDM=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.238.80.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-80-80.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

x-cache
Miss from cloudfront
cache-control
no-store
content-encoding
gzip
pragma
no-cache
age
0
via
1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-amz-cf-id
G85cgp90k787-dYbNS2JFyUGP8RugJsndf4L7G15sFl0IL8khQQ1rw==
date
Mon, 25 Nov 2024 08:36:05 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
JFK52-P5
chunklist_480.m3u8
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/ 		377 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.164.116.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
21cdf26ae6e5707dde7d53e32820cd09434665fe1962d03bce3d01aa945e62c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"f3be68853307d68ab9b5af15b539cba2"
age
10566
access-control-allow-methods
GET, HEAD
expires
Tue, 26 Nov 2024 05:39:59 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
nlFH1MugBtXeaju3FcjNsa8eHgDb2GY_zLcN52gSfZGv6zQ8afygmA==
date
Mon, 25 Nov 2024 08:36:04 GMT
content-type
application/vnd.apple.mpegurl
last-modified
Sat, 23 Dec 2023 01:19:38 GMT
vary
Accept-Encoding
cache-control
max-age=86400
via
1.1 ec22576e88e707bf58c11e0ee75d019c.cloudfront.net (CloudFront), 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
377
x-amz-cf-pop
IAD50-C2, JFK50-P6
server
nginx
x-amz-server-side-encryption
AES256
883f8c6f-fdb6-40a6-a943-03b190544747
https://www.register-herald.com/ Frame 		0
0
w_480_00000.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/ 		447 KB
448 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.164.116.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
08f0f3e9f8578d63e4d901653a4b893cd0f8a8ef2dfc6eb8ee84e8d7bc2ed10a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"a13863b6a08ca912d3a7f7f1acf7a81a"
age
93575
access-control-allow-methods
GET, HEAD
expires
Sun, 08 Dec 2024 06:36:29 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
-w8oYwcaIvCdtWYuiadRHisJjeFi8poKhTOiw6JFqKBTICN3aQH3VA==
date
Mon, 25 Nov 2024 08:36:05 GMT
content-type
video/mp2t
last-modified
Sat, 23 Dec 2023 01:19:38 GMT
vary
Accept-Encoding
cache-control
max-age=1209600
via
1.1 924c3fd5fff04ef5cac09fbfc470e618.cloudfront.net (CloudFront), 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
457780
x-amz-cf-pop
IAD50-C2, JFK50-P6
server
nginx
x-amz-server-side-encryption
AES256
w_480_00001.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/ 		422 KB
422 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.164.116.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
f87e26402f28b2796a1d0a1e9ea3b9bafff588bdc62826a58b0542e5a90bc158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"7cc3a5c5bce74d1d7ff609ae03f8f25b"
age
93575
access-control-allow-methods
GET, HEAD
expires
Sun, 08 Dec 2024 06:36:29 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
ioPDwpx-M2sXnCIUIjnIbRKLKHKgggg437xVBUe8ZQXCBnPCo7G8IA==
date
Mon, 25 Nov 2024 08:36:05 GMT
content-type
video/mp2t
last-modified
Sat, 23 Dec 2023 01:19:38 GMT
vary
Accept-Encoding
cache-control
max-age=1209600
via
1.1 5451b84324d9bca0bdd03e4c4009ae10.cloudfront.net (CloudFront), 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
431836
x-amz-cf-pop
IAD50-C2, JFK50-P6
server
nginx
x-amz-server-side-encryption
AES256
w_480_00002.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/ 		489 KB
490 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.164.116.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c674558de45e46dee5232833765b383956c69c167abfa7a91e18fae869ad8b1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"648605c4587d1047273bed04b679c206"
age
93576
access-control-allow-methods
GET, HEAD
expires
Sun, 08 Dec 2024 06:36:29 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
3P1Muu7p1Efr8GQqulgpr0KLxqoqKR7W6R2WJaZxIQ294u7EtVvKlQ==
date
Mon, 25 Nov 2024 08:36:06 GMT
content-type
video/mp2t
last-modified
Sat, 23 Dec 2023 01:19:38 GMT
vary
Accept-Encoding
cache-control
max-age=1209600
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront), 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
501020
x-amz-cf-pop
IAD50-C2, JFK50-P6
server
nginx
x-amz-server-side-encryption
AES256
w_480_00003.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/ 		517 KB
518 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.164.116.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4d59e89a71de47b143c555172cb9c64db139072ba8587e0de84c9ac571521513

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"886e273694fb0169e4569430e5a8cef3"
age
93576
access-control-allow-methods
GET, HEAD
expires
Sun, 08 Dec 2024 06:36:30 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
-bHZbf89crqS8kDpMYSnn2DEqB9AgksXAa7j8GsmQutikqJSBlQBBg==
date
Mon, 25 Nov 2024 08:36:06 GMT
content-type
video/mp2t
last-modified
Sat, 23 Dec 2023 01:19:38 GMT
vary
Accept-Encoding
cache-control
max-age=1209600
via
1.1 1717f995f2ca7c5df4d0a972f90c1564.cloudfront.net (CloudFront), 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
529784
x-amz-cf-pop
IAD50-C2, JFK50-P6
server
nginx
x-amz-server-side-encryption
AES256
w_480_00004.ts
video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/ 		448 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.164.116.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.register-herald.com/

Response headers

access-control-max-age
604800
etag
"e2a29eb7d66a248e264fad76e03743da"
access-control-allow-methods
GET, HEAD
expires
Mon, 09 Dec 2024 08:36:05 GMT
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
KhFUCfPDtDwe9W7JvuzQNJeRDFsDntKG3mIFo8zJDNJ2-rGL2o0FNQ==
date
Mon, 25 Nov 2024 08:36:05 GMT
content-type
video/mp2t
last-modified
Sat, 23 Dec 2023 01:19:38 GMT
vary
Accept-Encoding
cache-control
max-age=1209600
via
1.1 dc81af6f14945ade0fd126a735f82ac2.cloudfront.net (CloudFront), 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
523392
x-amz-cf-pop
IAD50-C2, JFK50-P6
server
nginx
x-amz-server-side-encryption
AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/fbf4f5df-388a-4599-b185-1ce1e10b4b36
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/dc20b75e-46eb-4cc9-b513-539a92befadc
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/990dc7fc-af3a-4a0c-924b-8d13821e050f
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/1f25092f-00fb-4520-a6c5-58e63c3b918e
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/c01e536c-87cf-4419-b3c3-18c11d08a7c6
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/5d573fee-ac77-42e0-b881-59f2977a273b
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/0a511551-cdec-4c0d-9040-df9d04d6cdf2
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/36866ea8-5779-4eb3-94f5-794057c8778b
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/45520b8e-7a74-40bc-b443-540848ffccda
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/93e28562-a845-40b6-811f-0b9d63bafc04
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/3103905d-5050-4b63-9873-94103782dbcc
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/dd9a2b9c-7c05-4d05-bfd9-fc5f7dcba3ba
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/8f2d9ca5-a694-416e-b7b7-52e35ed96bf2
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/7258cd8b-7dad-4495-ba8e-ea0aba663d36
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/af4c3659-0015-4fe2-9dec-c3ce1d82480d
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/4c89f203-752d-46c4-a729-2ee4a7581c5b
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/a66e5d49-7aaa-4387-89ac-4f37ab801ac5
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=106
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=106
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/af32b8c2-fbde-42a6-9f31-b9bc33710559
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/7f6bd2c5-494b-4904-9d8b-456fe3589ecf
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/a6909474-636c-49e8-ba7f-9f23dbffb137
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/49918b52-4077-4f35-b90f-56795b8b1d7e
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/e43ad970-87b2-4a8d-b7a1-bde9e5beb6cf
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/40e16943-66d5-4e08-946d-6d797275674b
Domain
id5-sync.com
URL
https://id5-sync.com/g/v2/882.json
Domain
id5-sync.com
URL
https://id5-sync.com/g/v2/882.json
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/159414c0-b15a-42ba-bde6-fea9bf50fb40
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuqihE5XnTFa9FxeL-5r3yJarY16Gi0lbhzBjCV9tEtsk6wmCz5n_bdTIggLLxydjfpHpKfcfj9sS-NaZhjWhm04dNSw
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKKoW-pkaFMy6Lib2CZYCnUUljxYXnzTaVi51rGJq5q_uA4SXJ87LG14kBJzh4M7bSfV35UxPvhnI4rnrsgA3eBVKzqg
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgI8DWHz36inNQrQ7ick9y5I4vIB78VtiEQ_kAODYaXFC7DC5Han0AvgI_QOkzd_9kLFFtQKePiGoJ7s-vevJFZgrjyw
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-WDI1YUyO_932NB1AKOAriMzULgnzbOVf4tXyIgbCmiFRGS9B7wKtmVoR74kScUFdvvG-lL2TayNU-9FUWLhC4frROQ
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBJIRryPlXmXJEcC08Ee2QEsvzX0WOjhYP1tlpSmvzKDE1Koo-wcuLOveaQ9vznunTsb8jncaDFp5r75FmcniuywbQzw
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Domain
id5-sync.com
URL
https://id5-sync.com/g/v2/212.json
Domain
register-herald.com
URL
https://register-herald.com/content/tncms/ads/_popup/1.js
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/9da4da3d-113f-49c4-98c4-1e918c620665
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/372cfbb9-922d-4476-af6b-04d15c37ed24
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4947274&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
Domain
video.primis.tech
URL
https://video.primis.tech/uploads/cn1/video/users/hls/22235/video_5df2c67d5a683172725343/vid6585d027bec9f430708534.mp4/chunklist_480.m3u8
Domain
www.register-herald.com
URL
blob:https://www.register-herald.com/883f8c6f-fdb6-40a6-a943-03b190544747

Verdicts & Comments Add Verdict or Comment

579 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 function| BigInt object| dataLayer function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset function| pageLoaded number| TNCMS_DotConnect_Tile object| TNCMS_Used_Ad boolean| TNCMS_PAGE_LOADED object| oReq object| aTemp string| sTemp string| regionType object| poll_config function| bizmarquee object| promo_design_config function| Osano object| regeneratorRuntime function| __uspapi object| flippxp function| admiral object| googletag object| freestar function| TNStats_Tracker object| TNTracker string| adType object| _pubfigInstanceManagerConfig object| sifi_att_42656 function| 4dm1r11545242527 function| handleMessageFromNative object| google_tag_manager object| google_tag_data object| fsprebid string| GoogleAnalyticsObject function| ga object| _qevents object| _sf_async_config function| ta_popupCallback number| ap_set_scroll number| ap_scroll_distance object| ap_popup_img function| ap_scroll_div function| ap_stop_scroll function| ap_create_popup_img function| ap_link_hover function| ap_get_popup function| ap_move_popup function| ap_hide_popup function| ap_show_popup function| removeDivIfAdListNotExists object| premium_text_ads function| shuffle string| adExists string| backgroundColor string| primaryColor string| secondaryColor string| tertiaryColor string| moreText number| numberToDisplay string| headerText boolean| boldFirstLine boolean| showWrapper object| accordionAds object| ggeac object| google_js_reporting_queue object| fsprebidChunk object| _pbjsGlobals object| mnet function| ta_getPaywallDomain function| ta_isMachineIdValid function| ta_createCookie function| ta_createCookieInDomain function| ta_readCookie function| ta_eraseCookie function| ta_eraseCookieInDomain function| ta_checkCookie function| ta_setValue function| ta_getValue function| ta_getCookiesByMatch string| ta_mac_id object| ta_mscript string| paywallScriptSrc string| ta_rnd object| body function| quantserve function| __qc object| ezt function| loginButtonLink function| subscribeButtonLink function| gamesButtonLink function| cookiePref object| gptAdSlots function| ta_catchEscKey function| ta_releaseEscKey function| ta_onStop function| ta_showContent function| ta_resetInterrupted function| ta_resetInterruptedTimeout function| ta_loaded function| dmpAction function| stick_in_parent function| tntDmpReactiveLotame function| tntDmpReactiveSegment object| google_reactive_ads_global_state object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| analytics object| litHtmlVersions object| gaGlobal object| gaplugins object| gaData function| postscribe object| google_tag_manager_external function| load_script object| confiant object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| _snup function| ahmsll_release boolean| ahmsll number| ahmsllfail object| apstag function| _hadron object| edktInitializor string| ahm_tvx_placeId string| ahm_tcx_siteId string| ahm_tvx_templateId string| ahm_tvx_contentId number| cbuster string| puburl string| ahm_sChain string| ahm_sURL object| d string| s object| sPlayer string| ahm_tdx_sURL object| sRotd string| myPropertyId object| clientSettings object| google_tag_topics_state string| ta_MACHINE_ID string| ta_sessionString boolean| ta_supportStorages object| ta_configJSON object| ta_rulesJSON object| ta_productTypesJSON object| ta_subscriptionTypesJSON boolean| ta_showWelcomePopupJustOnHomepage number| ta_periodToShow string| ta_showCustomPopup boolean| ta_showLatestPopup boolean| ta_showPaywallPopup boolean| ta_isFreeProduct number| ta_validateRequestStatus string| ta_productType string| ta_userSubscriptions string| pSKValue string| challenge object| ta_MIN_THRESHOLDS string| ta_externalLoginDomain string| NO_COOKIES_POPUP_TRACK_NAME string| PRIVATE_MODE_POPUP_TRACK_NAME string| WELCOME_POPUP_TRACK_NAME string| FIRST_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PRODUCTS_LEFT_POPUP_TRACK_NAME string| ONE_PRODUCT_LEFT_POPUP_TRACK_NAME string| NO_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PAYWALL_POPUP_TRACK_NAME string| ACCOUNT_POPUP_TRACK_NAME string| CLICK_EVENT_TRACK_NAME string| OPEN_EVENT_TRACK_NAME string| CLOSE_EVENT_TRACK_NAME string| LOGIN_EVENT_TRACK_NAME string| LOGIN_SUCCESS_EVENT_TRACK_NAME string| LOGIN_FAILED_EVENT_TRACK_NAME string| LOGOUT_EVENT_TRACK_NAME string| FORGOT_PASSWORD_EVENT_TRACK_NAME string| LOGIN_LINK_TRACK_NAME string| LOGOUT_LINK_TRACK_NAME string| FORGOT_PASSWORD_LINK_TRACK_NAME string| TOKEN_AUTOLOGIN_NAME string| CHANGE_PASSWORD_EVENT_TRACK_NAME string| CHANGE_PASSWORD_LINK_TRACK_NAME string| pubkey_e string| pubkey_m function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod function| RSAKeyPair function| twoDigit function| encryptedString function| decryptedString number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger number| maxDigits object| ZERO_ARRAY object| bigZero object| bigOne function| setMaxDigits number| dpl10 object| lr10 function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr object| hexatrigesimalToChar function| biToString function| biToDecimal object| hexToChar function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy object| highBitMasks function| biShiftLeft object| lowBitMasks function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod string| hex_chr function| ta_rhex function| ta_str2blks_MD5 function| ta_add function| ta_rol function| ta_cmn function| ta_ff function| ta_gg function| ta_hh function| ta_ii function| ta_calcMD5 function| retry function| isIE10OrLater function| detectPrivateMode function| ta_isIE function| ta_isIE7 function| ta_isIE8 function| ta_isIE11 function| ta_setClass function| ta_appendClass function| ta_getComputedStyle function| ta_truncateArticle function| ta_getPreservedImages function| ta_removePreservedImages function| ta_elementThresholdExempt function| ta_fillThreshold function| ta_articleTextCount function| ta_setElementsDisplay function| ta_hideElements function| ta_showElements function| ta_hideArticlePreview function| ta_hideProtectedMedia function| ta_showProtectedMedia function| ta_refundArticle function| ta_allowEscapeKeyIfBlocked function| ta_setClickAction function| ta_setForgotPasswordClickAction function| ta_setChangePasswordClickAction function| ta_isUserLoggedIn function| ta_checkUser function| ta_checkSubscription function| ta_openEedition function| ta_getTrackingParams function| ta_openCookiesNotEnabledPopup function| ta_showCookiesNotEnabledPopup function| ta_hideCookiesNotEnabledPopup function| ta_openPrivateModePopup function| ta_showPrivateModePopup function| ta_hidePrivateModePopup function| ta_openWelcomePopup function| ta_openPaymentAlertPopup function| ta_showPaymentAlertPopup function| ta_openProductsLeftPopup function| ta_openPagesLeftPopup function| ta_showPagesLeftPopup function| ta_showPaywall function| ta_showPopup function| ta_hidePopup function| ta_hidePaymentAlertPopup function| ta_hidePagesLeftPopup function| ta_hidePaywall function| hideAllPopups function| ta_pageReload function| ta_resetUserStatus function| ta_logout function| ta_callAfterLogoutCallback function| ta_stripToken function| ta_appendURLParam function| ta_removeQueryToFragment function| ta_getCallBackHome function| ta_appendBackground function| ta_appendInvisible function| ta_getLoginTable function| ta_fixIFrameHeight function| ta_getForgotPasswordTable function| ta_getChangePasswordTable function| ta_removeWrongLoginText function| ta_appendCookiesNotEnabledPopup function| ta_appendPrivateModePopup function| ta_appendPagesLeftPopup function| ta_appendPaywall function| ta_appendPaymentAlertPopup function| ta_loadNMUrlInIFrame function| ta_getExternalLoginLink function| ta_getExternalLogoutLink function| ta_openExternalLoginLink function| ta_openExternalLogoutLink function| ta_showLoginFormInPopup function| ta_refreshButtonsActions function| ta_showLogoutLinkInPaymentAlertPopup function| ta_showForgotPasswordFormInPopup function| ta_showChangePasswordFormInPopup function| ta_accountOptions function| ta_account function| ta_showAccountPopup function| ta_showSingleCreditButton function| ta_showPeriodCreditButton function| ta_createCORSRequest function| ta_hideForgotPasswordSubmitButton function| ta_showForgotPasswordSubmitButton function| ta_forgotPassword function| ta_forgotPasswordRequest function| ta_hideChangePasswordSubmitButton function| ta_showChangePasswordSubmitButton function| ta_changePassword function| ta_changePasswordRequest function| ta_hideLoginSubmitButton function| ta_showLoginSubmitButton function| ta_login function| ta_makeLoginRequest function| ta_checkToken function| ta_sendPostMessageLog function| ta_reloadWithoutToken function| ta_loginSuccess function| ta_makeLogoutRequest function| ta_makeAutoLogoutRequest function| ta_makeUserValidateRequest function| ta_makePagesRequest function| ta_validateContent function| ta_validateContentWithProductType function| ta_isHomepage function| ta_readMetaTag function| ta_getProductType function| ta_getMAX_THRESHOLDS function| ta_getMIN_THRESHOLDS function| ta_getFirstTimeNotFree function| ta_isAlreadyVisited function| ta_appendPageURL function| ta_isLocalStorageSupported function| ta_updateAccountButtonText function| ta_paywallSetup function| ta_storeLocally function| ta_getLocalValue function| ta_removeLocalValue function| ta_paywallRefresh function| ta_makeDoubleDelegate function| ta_openPaywall object| popups_style string| text function| ta_externalLoginIFrameOnLoad function| getIFrameByEvent object| ta_ga4_tracking_ids function| ta_gtag object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| pubgroup_config function| initActiveTab object| activeTab object| ahm_config object| ahmpb number| ahm_stackload boolean| ahm_loaded number| _xy number| ahm_stacktimer number| ahm_stackstart string| params object| _aps boolean| apstagLOADED object| apscustom object| ahmpbChunk object| viewPortSize number| sekindoDisplayedPlacement function| constructsekindoParent523 number| google_unique_id number| google_global_correlator object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded string| sUserId function| lotameIsCompatible function| sync16576_aa function| sync16576_c function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ia object| sync16576_ja object| sync16576_s object| sync16576_wa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_ga function| sync16576_ha function| sync16576_t function| sync16576_v function| sync16576_w function| sync16576_x function| sync16576_ka function| sync16576_la function| sync16576_y function| sync16576_ma function| sync16576_z function| sync16576_A function| sync16576_u function| sync16576_C function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_qa function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_M function| sync16576_L function| sync16576_N function| sync16576_O function| sync16576_J function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_P function| sync16576_Q function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_za function| sync16576_Aa function| sync16576_S function| sync16576_Ba function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_T function| sync16576_Fa function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Ga function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_Ha function| sync16576_3 function| sync16576_Ja function| sync16576_Ia function| sync16576_4 function| sync16576_La function| sync16576_Ma function| sync16576_Ka function| sync16576_Na function| sync16576_Qa function| sync16576_Pa function| sync16576_Oa function| sync16576_Sa function| sync16576_Ua function| sync16576_Ra function| sync16576_6 function| sync16576_Ta function| sync16576_Xa function| sync16576_Wa function| sync16576_Va function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Ya function| sync16576_Za function| sync16576__a function| sync16576_0a function| sync16576_9 function| sync16576_1a function| sync16576_$ function| sync16576_2a function| sync16576_3a function| sync16576_4a function| _33AcrossIdMappingsProvider number| ahm_stacktime object| aRegionType string| domain object| GoogleGcLKhOms

320 Cookies

Domain/Path Name / Value
ad-cdn.technoratimedia.com/html Name: tads_tbla_bidi
Value: 1732523759737
.3lift.com/sync Name: sync
Value: CgoIgAIQ1LLak7YyCgoIoQEQ1LLak7YyCgoI4gEQ1LLak7YyCgoI5gEQ1LLak7YyCgoIhwIQ1LLak7YyCgkIOhDUstqTtjIKCQgbENSy2pO2MgoKCIwCENSy2pO2MgoKCKwCENSy2pO2MgoJCF8Q1LLak7Yy
.smartadserver.com/api Name: pid
Value: 4438851394020492166
.register-herald.com/ Name: osano_consentmanager_uuid
Value: e777fab9-9f25-4a57-8cad-d62da19d93a6
.register-herald.com/ Name: osano_consentmanager
Value: jvB8YhdUPj-W3iJsNBK4SuBu8yvSrVpTbrxE8D8q0QS9wuwnTNQjGbJ8GczB1rNHD4oTBPBS2zfIRJyjYdeeH1FwZYS4IQAZhP1FII6OgWB3g-geghxLeq3whX82F7GOjPlCXqloVglYc9Mi8Oq02zg_O-ihIrNb5Q9WqEV4TGeKMqcNcrJ-3dZxwRw9COvh4hJuN8lntObKCDnKI8de1N9rUuS3j2olvcDxR7adcC5i0JU0gI1DbI6nKlwgv4rkLwYCQWsYZlhZpyDSam8SXwQMRutZ9LqaLIW-hZ4Bn_feeWtNpY8jOjTD1mLXBJQp5_NNp-5fpnA=
.simpli.fi/ Name: suid
Value: 364CFF4A1CB34C47A26FFA78C50922CF
.pub.network/ Name: _fsuid
Value: 0c2ef69c-aeb4-4a91-b934-49d96cbe7b08
www.register-herald.com/ Name: flipp-uid
Value: 9b872c74-6666-4beb-91e5-30ccb23ef27c
.p.flipp.com/ Name: gid
Value: "H/RB7QABVOfDL66aDDq+zQ=="
.photos.register-herald.com/ Name: Sreferrer
Value: https%3A%2F%2Fwww.register-herald.com%2F
.pippio.com/ Name: did
Value: xr2D6LB3zRbATXTY
.pippio.com/ Name: didts
Value: 1732523753
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.register-herald.com/ Name: ta_MACHINE_ID
Value: f29d2990f8bc3e72562c48abbf12e76d
.register-herald.com/ Name: _ga_D4QVJDNBRB
Value: GS1.1.1732523755.1.0.1732523755.0.0.0
.quantserve.com/ Name: mc
Value: 674436eb-0028e-e38cd-0220a
.register-herald.com/ Name: _gid
Value: GA1.2.1907392739.1732523755
.register-herald.com/ Name: _dc_gtm_UA-3850501-28
Value: 1
.register-herald.com/ Name: _dc_gtm_UA-2313981-1
Value: 1
.register-herald.com/ Name: _gat
Value: 1
.register-herald.com/ Name: usprivacy
Value: 1---
.register-herald.com/ Name: _ga_7YYJFLQXWS
Value: GS1.1.1732523755.1.0.1732523755.0.0.0
.register-herald.com/ Name: _cb
Value: CwJ-NoDuCpkvD0wRk2
.register-herald.com/ Name: _chartbeat2
Value: .1732523755249.1732523755249.1.Dt72NjDhzPOJD5BrXIByyHw1amYna.1
.register-herald.com/ Name: _cb_svref
Value: external
.register-herald.com/ Name: __qca
Value: P0-1865465956-1732523754967
.33across.com/ Name: check
Value: true
.adsrvr.org/ Name: TDID
Value: e8e89820-78a3-4a2a-829f-578334a1b058
.id5-sync.com/ Name: id5
Value: cf66cf2e-9bba-705a-afcc-1e8260e4cfa9#1732523756135#1
.photos.register-herald.com/ Name: SMSESS
Value: 8d6b14c75270e0b092c6fd7f9ecdde98
.smugmug.com/ Name: SMSESS
Value: 8d6b14c75270e0b092c6fd7f9ecdde98
.photos.register-herald.com/ Name: _sp_ses.1e80
Value: *
.photos.register-herald.com/ Name: _sp_id.1e80
Value: 9fbdced5-cb97-459a-811b-76aa017a40a0.1732523757.1.1732523757.1732523757.e7df7519-c17f-4dd8-9c31-f3b8641e6f50
www.register-herald.com/ Name: ta_cookiesTest
Value: 1
www.register-herald.com/ Name: ta_vl
Value: 1
www.register-herald.com/ Name: ta_interrupted
Value: 0
.smugmug.com/ Name: sstrack
Value: 853ef076-950d-416c-8090-be1c6bd2f328
.register-herald.com/ Name: _ga_JD3VHQYLPF
Value: GS1.2.1732523756.1.0.1732523756.0.0.0
.primis.tech/ Name: csuuid
Value: 674436ecca7ca
www.register-herald.com/ Name: ta_ss
Value: cda0221528f6105d0868257a2c7fcc36
.lijit.com/ Name: ljt_reader
Value: JuZDABZHAKyXLV27RzSAj9yf
.register-herald.com/ Name: ajs_anonymous_id
Value: 0b48b312-1e81-4a40-8bae-6ef1aed042f4
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: vxlxynLvKL
.openx.net/ Name: i
Value: f84cf638-eb1d-052b-22fc-ac584ccfa1a1|1732523757
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1732523757498
www.register-herald.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.register-herald.com/ Name: _awl
Value: 2.1732523757.5-634e2e32106445b8aff831d8bfcb727f-6763652d75732d63656e7472616c31-0
.3lift.com/ Name: tluidp
Value: 819027098221802988696
.3lift.com/ Name: tluid
Value: 819027098221802988696
.rubiconproject.com/ Name: khaos
Value: M3WRWV6I-1U-KHY1
.rubiconproject.com/ Name: khaos_p
Value: M3WRWV6I-1U-KHY1
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.tremorhub.com/ Name: tvid
Value: be170c4c4653422798dab2010cff0c7f
.media.net/ Name: data-pri
Value: 674436ecca7ca~~34
.bidswitch.net/ Name: c
Value: 1732523757
.bidswitch.net/ Name: tuuid_lu
Value: 1732523757
.casalemedia.com/ Name: CMID
Value: Z0Q27dHM5zgAAAmvAjbDJwAA
.casalemedia.com/ Name: CMPS
Value: 1365
.casalemedia.com/ Name: CMPRO
Value: 1365
.adnxs.com/ Name: XANDR_PANID
Value: HwNWuDDiHMcfE5_d9uy4zq2nzQbk1kkhNMcL9fMtdCZ8BqSWn7cTyABkQ6qHd1yiZnwKxtUq4HIsICNfn2Iz5kBZ30pUDcwhpLxFLcnz9q4.
.adnxs.com/ Name: uuid2
Value: 810980635046800621
.smaato.net/ Name: SCM
Value: 43360bbe03
.smaato.net/ Name: SCMrise
Value: 43360bbe03
.go.sonobi.com/ Name: __uis
Value: e3fe3605-5a6d-4cc2-9729-1398f3e3cc22
.go.sonobi.com/ Name: HAPLB8G
Value: s8663|Z0Q28
.sharethrough.com/ Name: stx_user_id
Value: 6e2beac2-3e6f-48a6-a40b-68839b55bdae
.contextweb.com/ Name: V
Value: BMGIS2824NG4
.contextweb.com/ Name: VP
Value: part_BMGIS2824NG4
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 87c2c2aa5eb619c6
.ads.stickyadstv.com/ Name: UID
Value: fec76b34a81542c7c8bb56dc2ecf64
.tremorhub.com/ Name: tvssa
Value: 1732523757881
.media.net/ Name: visitor-id
Value: 3755253571978365000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.bidswitch.net/ Name: tuuid
Value: 15108dd9-63fb-4f19-b602-b08a9c84d63a
.admanmedia.com/ Name: admtr
Value: 5a61301c-73bf-46b7-892b-0f7fdcb6e151
.creativecdn.com/ Name: g
Value: 0jSmdX021s06VbaLwrR0_1732523758090
.creativecdn.com/ Name: ts
Value: 1732523758
.csync.loopme.me/ Name: viewer_token
Value: a92cb8ae-2a69-46a0-8e70-ff7ce51ec47f
.kueezrtb.com/ Name: vdz_sync
Value: 6a845be6-b181-da96-e6ba-3063afd0e60b
.ingage.tech/ Name: instUid
Value: 6f7630b3-68d7-4c55-abe7-ad5059a0da45
.ingage.tech/ Name: __cf_bm
Value: sshFazuTPy.oslVOrMnrHxSef5WUpfAyJm0HR.DZ5WM-1732523758-1.0.1.1-vcOFeee_hg8VOZhkgryDtO3xt7ZRt00odc7GmC8s3SXOa9jq2sP4uWKwEfgXwJUUB1545DGETageZRXzXSsAUA
.amazon-adsystem.com/ Name: ad-id
Value: A3A9r9e0u0PDop3DCnPJHHg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: icu
Value: ChkIq5WVARAKGAEgASgBMO7tkLoGOAFAAUgBEO7tkLoGGAA.
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 7cd6b697603623574f37c3209757fc65
.doubleclick.net/ Name: IDE
Value: AHWqTUlG6hi_vybdk8mEnF8FzbjFG-pQ5R2j-dJ5d8RcE90xU1L6wKKZ9wbc7j2AMNM
.register-herald.com/ Name: lotame_domain_check
Value: register-herald.com
.register-herald.com/ Name: _cc_id
Value: 7cd6b697603623574f37c3209757fc65
.turn.com/ Name: uid
Value: 7684957197179181433
.smaato.net/ Name: SCMaps
Value: 43360bbe03
.adform.net/ Name: uid
Value: 1497916495940886009
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C2D9FF3A-462C-4565-A74E-96CF084FA79D
.go.sonobi.com/ Name: __uin_tu
Value: 1
.go.sonobi.com/ Name: __uir_tu
Value: 59988958
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 59988958
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGsVy0zUtAT_9UlmEBEzx-o&KRTB&16514-CAESEGsVy0zUtAT_9UlmEBEzx-o&KRTB&23025-CAESEGsVy0zUtAT_9UlmEBEzx-o&KRTB&23386-CAESEGsVy0zUtAT_9UlmEBEzx-o
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e8e89820-78a3-4a2a-829f-578334a1b058&KRTB&22918-e8e89820-78a3-4a2a-829f-578334a1b058&KRTB&22926-e8e89820-78a3-4a2a-829f-578334a1b058&KRTB&23031-e8e89820-78a3-4a2a-829f-578334a1b058
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-Bwlpff60AcSD34_QHAIO-nk5eJSiQOpNlP5xyRMdstY&KRTB&23047-Bwlpff60AcSD34_QHAIO-nk5eJSiQOpNlP5xyRMdstY&KRTB&23234-Bwlpff60AcSD34_QHAIO-nk5eJSiQOpNlP5xyRMdstY&KRTB&23361-Bwlpff60AcSD34_QHAIO-nk5eJSiQOpNlP5xyRMdstY
.go.sonobi.com/ Name: __uir_td
Value: 257650612791106526
.go.sonobi.com/ Name: __uin_td
Value: e8e89820-78a3-4a2a-829f-578334a1b058
.register-herald.com/ Name: __gads
Value: ID=634e425e076a6208:T=1732523757:RT=1732523757:S=ALNI_MaSaD5to3aZFaamA-xJuTwpoQLMVw
.register-herald.com/ Name: __gpi
Value: UID=00000f9e4be1db4c:T=1732523757:RT=1732523757:S=ALNI_Ma0lxfKHcjkFXxxRO-o6B_4Kh8Drg
.register-herald.com/ Name: __eoi
Value: ID=d0e031f0ae965744:T=1732523757:RT=1732523757:S=AA-AfjaQrZwQdoXUdx-m6x1lOJyi
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7684957197179181433&KRTB&23150-7684957197179181433&KRTB&23527-7684957197179181433&KRTB&23629-7684957197179181433
.technoratimedia.com/ Name: tads_ipv6
Value: 2607:5300:60:7867::9
.zemanta.com/ Name: zuid
Value: A2GO4ZZNsKBhKTUPqZNm
.emxdgt.com/ Name: uid
Value: 47481732523759043393b6
.postrelease.com/ Name: visitor
Value: acc8f3fd-87fa-44db-8169-6e216d710459
.postrelease.com/ Name: status
Value: 0
.yieldmo.com/ Name: yieldmo_id
Value: VFx2oJJBD2JUb61ejk5m%7C1732492800000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: unl%3D1203981%7Ct%3D1203981%7Ctapad%3D1203981%7Cpub%3D1203981%7Cdv360%3D1203981
.cootlogix.com/ Name: vdz_sync
Value: 23482530-9e49-891d-5ec8-f938d15c9041
.minutemedia-prebid.com/ Name: wrvUserID
Value: wWFvCN4rkp_mm
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AATp2U7OiG4AABbIeuzZiQ
.admixer.net/ Name: am-uid
Value: 89e97524b8c24c45ad0bc1a7d72ecd56
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f5a595c3-5da4-5e07-4c0e-cf5528daa32a.FvOMVqzn5%2FbJ6ambVqxJR66AgzRBuPMOZr8Up%2F4YY0k
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f5a595c3-5da4-5e07-4c0e-cf5528daa32a.FvOMVqzn5%2FbJ6ambVqxJR66AgzRBuPMOZr8Up%2F4YY0k
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9aWVw12kXgdMDs9VKNqjKqdy0Wc.De8IYD3yL21YfFHosd1SSUx1ESXVXWALXruVMq8PWsw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9aWVw12kXgdMDs9VKNqjKqdy0Wc.De8IYD3yL21YfFHosd1SSUx1ESXVXWALXruVMq8PWsw
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:364CFF4A1CB34C47A26FFA78C50922CF&KRTB&23486-uid:364CFF4A1CB34C47A26FFA78C50922CF&KRTB&23489-uid:364CFF4A1CB34C47A26FFA78C50922CF&KRTB&23539-uid:364CFF4A1CB34C47A26FFA78C50922CF
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAEGcYBCDv7ZC6BjABOgSAOSS3QgTjwfc3.wisbxv3O3A2Wo3vSVr0ycELdTKu%2B%2FFqZneA0CjwUtLk
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPiNVVVjf4Tl9IQr6-i1WViXVQEozW0CRQSMhmC6a0aAEGcYBCDv7ZC6BjABOgSAOSS3QgTjwfc3.wisbxv3O3A2Wo3vSVr0ycELdTKu%2B%2FFqZneA0CjwUtLk
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0tjQys7AwMDIxNxXiM9T1SgoxK832cXb29zAAAKFbCT4lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0tjQys7AwMDIxNxXiM9T1SgoxK832cXb29zAAAKFbCT4lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmxkamRsbmppZGgKAF7Sdt8QAAAA
.adgrx.com/ Name: ADGRX_UID
Value: 4bd57fec-ab08-11ef-b767-d3f372633978
.ipredictive.com/ Name: cu
Value: 69ff6b58-c4c4-452f-bdcd-9f7a057579f9|1732523759217
.semasio.net/ Name: SEUNCY
Value: 96996FE291E6D44A
.mxptint.net/ Name: mxpim
Value: R33646_11F8A6AB0_C7DC949C.1.0000000000000000674436EF
.sitescout.com/ Name: ssi
Value: cb6f836b-3b7e-4279-900b-b7d167aad6d3#1732523759260
.w55c.net/ Name: wfivefivec
Value: B8d2sRSQ1TfuzB5
.onaudience.com/ Name: cookie
Value: 3cf8791eb1e8c10b
.onaudience.com/ Name: done_redirects219
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: a9noeUs2aFopAJs90Xa8nu9cQOQVBbetsgX662tZc
.deepintent.com/ Name: CDIUSER
Value: di_20fb84e0fc38424c8c2db
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220241125%22%7D
.quantserve.com/ Name: sp
Value: CggIiQ0SAxD9DQ==
.yahoo.com/ Name: A3
Value: d=AQABBO82RGcCEKbiteeR8fsuBKBB0fNO0VkFEgEBAQGIRWdOZwAAAAAA_eMAAA&S=AQAAAhShl9T4J5vnddQaUZsb0zM
.temu.com/ Name: __cf_bm
Value: NTwY4fG.2xxne1O_FOFZbffWDqSeNMncK2SrKOpqIK0-1732523759-1.0.1.1-5M8zqtzrXLjn9rZqlCdv_aPBAd.25BkKmfGZpmn7lOmHM.tmkm1f_oj.TtzHYu8_kwb71e.OPCTuzQer9QzwNA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ed233c4b-0de7-4346-a61f-7e2acffaa12f-005%22%7D
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&ff8cff57-da72-47e0-897e-00c1387da863"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzI1MjM3NTk7MjswMjFp3QWlcC6ES4i7rChstqROVX5A5sgGwCW2boWlgCv7pg==
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2913:u=1:x=1:i=1732523759:t=1732610159:v=2:sig=AQHigKOTFIm0RDIirAcamrUYpb5Wg76f"
.go.sonobi.com/ Name: __uir_st
Value: 257650612791106526
.go.sonobi.com/ Name: __uin_st
Value: 9aWVw12kXgdMDs9VKNqjKqdy0Wc
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-dd90588c-7ac7-4b25-92ad-5e5083058bed&KRTB&23011-dd90588c-7ac7-4b25-92ad-5e5083058bed&KRTB&23355-dd90588c-7ac7-4b25-92ad-5e5083058bed
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-50a1f963-fd0f-43ad-8f63-c6a4ebfea953&KRTB&23340-50a1f963-fd0f-43ad-8f63-c6a4ebfea953&KRTB&23498-50a1f963-fd0f-43ad-8f63-c6a4ebfea953
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-9aWVw12kXgdMDs9VKNqjKqdy0Wc&KRTB&23334-9aWVw12kXgdMDs9VKNqjKqdy0Wc&KRTB&23417-9aWVw12kXgdMDs9VKNqjKqdy0Wc&KRTB&23426-9aWVw12kXgdMDs9VKNqjKqdy0Wc
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1497916495940886009&KRTB&23231-1497916495940886009&KRTB&23263-1497916495940886009&KRTB&23481-1497916495940886009
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33646_11F8A6AB0_C7DC949C&KRTB&23092-R33646_11F8A6AB0_C7DC949C
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1797288139268802475&KRTB&23628-1797288139268802475
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTczMjUyMzc1OTM1NiwiNyI6MTczMjUyMzc1OTM1Nn0
.tapad.com/ Name: TapAd_TS
Value: 1732523759360
.tapad.com/ Name: TapAd_DID
Value: 75f87381-f535-4ce6-916c-7846cae49cdf
.storygize.net/ Name: U
Value: 5ea51a47-1195-4bec-b405-80f5a8c01c98
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-cb6f836b-3b7e-4279-900b-b7d167aad6d3-674436ef-5553&KRTB&23418-cb6f836b-3b7e-4279-900b-b7d167aad6d3-674436ef-5553&KRTB&23634-cb6f836b-3b7e-4279-900b-b7d167aad6d3-674436ef-5553
.adx.opera.com/ Name: UID
Value: OPUf73582671941485abf25390ff5a3dcaa
.go.sonobi.com/ Name: __uir_bw
Value: 257650612791106526
.go.sonobi.com/ Name: __uin_bw
Value: 15108dd9-63fb-4f19-b602-b08a9c84d63a
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQAAjdyz10_qwAJmYacuAQEBAQEBAQCSY3eWAwEBAJJjd5YD&KRTB&22715-AQAAjdyz10_qwAJmYacuAQEBAQEBAQCSY3eWAwEBAJJjd5YD&KRTB&23519-AQAAjdyz10_qwAJmYacuAQEBAQEBAQCSY3eWAwEBAJJjd5YD&KRTB&23632-AQAAjdyz10_qwAJmYacuAQEBAQEBAQCSY3eWAwEBAJJjd5YD
.w55c.net/ Name: matchpubmatic
Value: 5
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7928
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 25534ca0-4925-4339-a102-fcc384e41f66
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 7ZdI%2BjEor%2Bmjo%2Fxym1NjQbZly%2B70Z8OgnMeN0cUBVUecshQdiocHTi1FcpNSmYqUgwwagyJIgi4P%2BwPUC8J84w%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-Y-syh2bqY9F47DaBbbkr1mbkZdd47DSBZb0l2gD4&KRTB&22979-Y-syh2bqY9F47DaBbbkr1mbkZdd47DSBZb0l2gD4&KRTB&23462-Y-syh2bqY9F47DaBbbkr1mbkZdd47DSBZb0l2gD4
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-4bd57fec-ab08-11ef-b767-d3f372633978&KRTB&23275-4bd57fec-ab08-11ef-b767-d3f372633978
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-15108dd9-63fb-4f19-b602-b08a9c84d63a&KRTB&23280-15108dd9-63fb-4f19-b602-b08a9c84d63a
.colossusssp.com/ Name: gtm_usr
Value: 27d12988-36b3-4744-8c90-f906b0f6a28e
.colossusssp.com/ Name: lmg_r
Value: 12
.inmobi.com/ Name: TEST-COOKIE
Value: YES
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUf73582671941485abf25390ff5a3dcaa&KRTB&23485-OPUf73582671941485abf25390ff5a3dcaa&KRTB&23524-OPUf73582671941485abf25390ff5a3dcaa&KRTB&23575-OPUf73582671941485abf25390ff5a3dcaa
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:B8d2sRSQ1TfuzB5&KRTB&23421-uid:B8d2sRSQ1TfuzB5
.33across.com/ Name: 33x_ps
Value: u%3D212893784694857%3As1%3D1732523759626%3Ats%3D1732523759626
.technoratimedia.com/ Name: tads_uidp_37
Value: 7ab3aef4-d911-33ad-b24a-96acd25fac2c
.technoratimedia.com/ Name: tads_uidp_46
Value: 8320974673051145315
.technoratimedia.com/ Name: tads_uidp_64
Value: s0Rq-A_5eHUljdhTqudJXoDnHedOVksW
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-7f7b6d42-b05a-4c2c-a760-413ca0b1eb52-003
.technoratimedia.com/ Name: tads_uid
Value: 8F96CF708E744231841D68A01C851D44
.technoratimedia.com/ Name: tads_uid_cd
Value: 20241123133331+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.pxl.iqm.com/ Name: vidazoo
Value: MTczMzczMzM1OTY3Mg==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 44ca835f-37e0-4f95-9e42-9e84b3373b05
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1uyr|8kt.0.1|7Bj.0.CAESEBxIgrZQA6Vnfgx85K8GA0c|4is.0.CAESEF2gOVAdH8SEYNGa68bqZIw|2N.0.AQAAjdyz10_qwwIG2ZePAQEBAQEBAQCSY3eWPwEBAJJjd5Y_|7dN.0.AATp2U7OiG4AABbIeuzZiQ|8i8.0.1
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1uyr|8kt.0.1|7Bj.0.CAESEBxIgrZQA6Vnfgx85K8GA0c|4is.0.CAESEF2gOVAdH8SEYNGa68bqZIw|2N.0.AQAAjdyz10_qwwIG2ZePAQEBAQEBAQCSY3eWPwEBAJJjd5Y_|7dN.0.AATp2U7OiG4AABbIeuzZiQ|8i8.0.1
.yellowblue.io/ Name: wrvUserID
Value: MWpXWENONDlDcF9z
.inmobi.com/ Name: iid
Value: ID5-1-1c553e21-1c48-4b30-8f70-4d44f3de2a66
www.register-herald.com/ Name: _lr_retry_request
Value: true
www.register-herald.com/ Name: _lr_env_src_ats
Value: false
.smaato.net/ Name: SCMinmobi
Value: 43360bbe03
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: fadf767b-4539-534a-bb65-94a0dc21a24f
.betweendigital.com/ Name: ss
Value: 1
.ads.yieldmo.com/ Name: ptrunl
Value: OPTOUT
.ads.yieldmo.com/ Name: ptrt
Value: e8e89820-78a3-4a2a-829f-578334a1b058
.illumin.com/ Name: vdz_sync
Value: 98176b04-52e7-0c31-bf8a-ce055b59cfa9
.lijit.com/ Name: _ljtrtb_80
Value: M3WRWV6I-1U-KHY1
.adsby.bidtheatre.com/ Name: __kuid
Value: 12f6cbb7-eb2a-4a33-831a-932b4ed23b1c.501737759
www.register-herald.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22e8e89820-78a3-4a2a-829f-578334a1b058%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222024-10-25T08%3A35%3A59%22%7D
www.register-herald.com/ Name: pbjs-unifiedid_last
Value: Mon%2C%2025%20Nov%202024%2008%3A35%3A59%20GMT
.betweendigital.com/ Name: ut
Value: Z0Q27wAOjpDU5bEqxMLDRqk_oa1mkd8VtbBPSQ==
.zeotap.com/ Name: zc
Value: f4c0e64f-e2a9-44b9-546f-285f79dcc27e
.zeotap.com/ Name: zsc
Value: %FD%94q%0F%E2%A2%CD%1C%87bKt~%CDw%C48je%22%14U0%A2%0C%A8%5B%92q%94%1A%98%3FI%13%14G%CA%9E6%7Ba%3B%26%1F%E3ot%FF~%0D%8A%A5n8%86%3B%A6%3A%E0Q%15%F0f%CE%BE%22%C7%99%8DZ%8922%FA-H%19%84x%F8.%97
.inmobi.com/ Name: gob_cookie
Value: YES
.technoratimedia.com/ Name: tads_uidp_7
Value: e8e89820-78a3-4a2a-829f-578334a1b058
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQME9OMUsyszQ3MzA2MzI2NTdJMzZPNjYysDQ3NU9LNjNlAIJ0F7P3DAgAADh7Cdk%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBIdzF7zwAHABX1AdE%3D"
.register-herald.com/ Name: panoramaId_expiry
Value: 1732610159961
.technoratimedia.com/ Name: tads_uidp_50
Value: 168c86df-25cd-02ef-12ea-7ad01c08acba
.register-herald.com/ Name: panoramaId
Value: fcc3ab47115667a7b7f88b97f448a9fb927a59256f453eb632261a73ea9a5e46
.technoratimedia.com/ Name: tads_uidp_82
Value: Z0Q26tHM6ZcAAE7mAXecRAAA&3579
.technoratimedia.com/ Name: tads_uidp_88
Value: 819027098221802988696
.go.sonobi.com/ Name: __uir_bs
Value: 257650617086073823
.go.sonobi.com/ Name: __uin_bs
Value: cb6f836b-3b7e-4279-900b-b7d167aad6d3-674436ef-5553
.adkernel.com/ Name: ADK_EX_11
Value: 1
.technoratimedia.com/ Name: tads_uidp_49
Value: AQAGFFQ9kZ2xwgIl6EIMAQEBAQEBAQCSY3eY_wEBAJJjd5j_
.ortb.net/ Name: lluid
Value: 05eefc4c-7187-96c6-aeeb-8a36a105e972
.ortb.net/ Name: llum
Value: eyJzaHIiOnsiMSI6MTczMjUyMzc2MDMxMX19
.360yield.com/ Name: tuuid
Value: 972df462-6118-4217-9884-9bd4c3a8971c
.360yield.com/ Name: tuuid_lu
Value: 1732523760
.blismedia.com/ Name: b
Value: 674436F06AD3BCE1329FCF13_
s2s.t13.io/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpbm1vYmkiOnsidWlkIjoiSUQ1LTEtMWM1NTNlMjEtMWM0OC00YjMwLThmNzAtNGQ0NGYzZGUyYTY2IiwiZXhwaXJlcyI6IjIwMjQtMTItMDlUMDg6MzY6MDAuMzcxNTM4NDc1WiJ9fX0=
.aralego.com/ Name: sspid
Value: 7ab3aef4-d911-33ad-b24a-96acd25fac2c
.technoratimedia.com/ Name: tads_uidp_79
Value: 972df462-6118-4217-9884-9bd4c3a8971c
.technoratimedia.com/ Name: tads_uidp_44
Value: M3WRWV6I-1U-KHY1
.smartadserver.com/ Name: pid
Value: 6582164684610651149
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AATp2U7OiG4AABbIeuzZiQ
.media.net/ Name: data-sy
Value: 8F96CF708E744231841D68A01C851D44~~3
.register-herald.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1732523756.1.0.1732523760.56.0.0
.admanmedia.com/ Name: lluid
Value: b5b68df0-4cfb-70dc-3438-bfe26ab6afbb
.technoratimedia.com/ Name: tads_uidp_62
Value: 3755253571978365000V10
.e-volution.ai/ Name: v_usr
Value: 8e83d5a7-d539-433a-b2f9-40712cdb61f4
.e-volution.ai/ Name: v_red
Value: 378
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AATp2U7OiG4AABbIeuzZiQ&KRTB&23649-AATp2U7OiG4AABbIeuzZiQ
.pubmatic.com/ Name: SyncRTB4
Value: 1732924800%3A216%7C1733702400%3A8_21_81_214_220_7_99_250_165_5_71_249_54_13_55_3_96_178_266_104_22_231_267_56_46_48_264_234_238_201_240_233_166_176_271%7C1733356800%3A63%7C1733097600%3A2_223_15%7C1735084800%3A224%7C1733788800%3A268_35%7C1737676800%3A69
sync.clearnview.com/ Name: uid
Value: 0168fe92-df30-5994-863c-bcf6b1e07c21
.adkernel.com/ Name: ADKUID
Value: A6615063853246586079
.tynt.com/ Name: uid
Value: 6iLoIGdENvHf04cqNei1HA==
.bing.com/ Name: MUID
Value: 0F3547D9E1F16C562CDC529BE0CA6DCE
.c.bing.com/ Name: MR
Value: 0
.openx.net/ Name: pd
Value: v2|1732523761|vMbwuYgag2hEvPkWgyiK
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1732523761049%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1732523761049%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1732523761049%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1732523761049%7D%2C%7B%22p%22%3A%22cf4d6e49b5%22%2C%22f%22%3A1%2C%22ts%22%3A1732523761049%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1732523761049%7D%5D
.omnitagjs.com/ Name: ayl_visitor
Value: 59dd5a26ea6c4c97bd4484ccd46ab48f
.dotomi.com/ Name: DotomiTest
Value: 3afba4da5b5d05c7
.teads.tv/ Name: tt_viewer
Value: 1410b25f-6e0d-4ea2-b43a-8e91657330e1
.mediago.io/ Name: __mguid_
Value: e94ce74ff0452ad72f22wa00m3wrwxqm
.admaster.cc/ Name: __mguid_
Value: e94ce74f58f5e8c92f9re900m3wrwxqx
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.technoratimedia.com/ Name: tads_uidp_61
Value: 212893784694857
.agkn.com/ Name: ab
Value: 0001%3AOtPZa2zRqnQC4URibh%2BU5gmA0Epl9Z18
.iqzone.com/ Name: iq_u_key
Value: 4213d702-c015-4419-b57d-f0284f7e916f
.iqzone.com/ Name: iq_r_key
Value: 277
.ctnsnet.com/ Name: cid_e6825fee5da74bc383bd96ad4fcaf2de
Value: 1
.mathtag.com/ Name: uuid
Value: e9016744-36f1-4300-8c0f-d18ebc69f968
.resetdigital.co/ Name: ckbk
Value: 000001682A78203D
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-02845a66-f93b-3aa3-acef-d2c7fcf1acc5
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:e9016744-36f1-4300-8c0f-d18ebc69f968
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23168-000001682A78203D&KRTB&23175-000001682A78203D
.krushmedia.com/ Name: krm_usr
Value: 402d1ffd-4e7d-5d1b-b196-02fdf2bd7272
.krushmedia.com/ Name: krm_r
Value: 615
.pubmatic.com/ Name: DPSync4
Value: 1733702400%3A228_245_219_226_197%7C1733097600%3A265_164_252%7C1732579200%3A248
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1732545361851
.visiblemeasures.com/ Name: vm_usr
Value: 015cebe7-ed64-456e-91bb-fac3d1da3994
.visiblemeasures.com/ Name: vm_r
Value: 74
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-xMz_GyunBY6s_Cdg8TZEZw&KRTB&23557-xMz_GyunBY6s_Cdg8TZEZw&KRTB&23586-xMz_GyunBY6s_Cdg8TZEZw
.pubmatic.com/ Name: PugT
Value: 1732523761
.register-herald.com/ Name: _ga
Value: GA1.2.868779135.1732523755
.register-herald.com/ Name: _gat_UA-3850501-28
Value: 1
.simpli.fi/ Name: uid_syncd_secure
Value: true
.ads.stickyadstv.com/ Name: uid-bp-26865
Value: 364CFF4A1CB34C47A26FFA78C50922CF
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2In5u?2MJ!]tbPl1N!7On*M$=BX=+e:eH`e9qwgfp7Tge<(gbgl#H`lvvftcxc@JkmPHVlFpPI/X%W#.wL4W1Qw2AJZZPl
.intentiq.com/ Name: IQPData
Value: 2809319783#1732523762753#0#1732523757498
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVVjd0OGxMIzEwMDQzXzAmVVY3dDk3TA
.rubiconproject.com/ Name: audit_p
Value: 1|Yi0B7ZIsgOjEliFnyx3F5wrWNQGRhikYzrsgdGKqVHc7wCFCn6f3ei7vfXt4HDSRi9op0rIMWT4kEa5N2k7U1SEEFoCDRlfY/7aCjgmMzEV2b4Yjeos0reXJgMYu/vVdaPPeOixKWntpJMsHZQ8b+85PdEegGA9+pmvllXEtYN4=
.rubiconproject.com/ Name: audit
Value: 1|Yi0B7ZIsgOjEliFnyx3F5wrWNQGRhikYzrsgdGKqVHc7wCFCn6f3ei7vfXt4HDSRi9op0rIMWT4kEa5N2k7U1SEEFoCDRlfY/7aCjgmMzEV2b4Yjeos0reXJgMYu/vVdaPPeOixKWntpJMsHZQ8b+85PdEegGA9+pmvllXEtYN4=
.rlcdn.com/ Name: rlas3
Value: SNTKih+LJrwtm5Ta9nLe+QRXNgCOjIefNgpYcL8BPZ8=
.rlcdn.com/ Name: pxrc
Value: COntkLoGEgUI6AcQABIFCOhHEAASBgi26gEQCRIGCLrqARAHEgYIwuoBEAgSBgi46wEQBRIGCPPCKxAG
.smaato.net/ Name: SCMt
Value: 43360bbe03
.smaato.net/ Name: SCM1001136
Value: 43360bbe03
.lijit.com/ Name: ljtrtb
Value: eJyrVrIwULJS8jUODwoPM%2FPUNQzV9faINFSqBQBRYgZ1
.lijit.com/ Name: _ljtrtb_2
Value: 364CFF4A1CB34C47A26FFA78C50922CF
.tremorhub.com/ Name: tv_UISF
Value: 364CFF4A1CB34C47A26FFA78C50922CF
.taboola.com/ Name: t_gid
Value: 490bd36a-7d97-4cc1-b49e-2f5da9a700a4-tucte3dbc72
.taboola.com/ Name: t_pt_gid
Value: 490bd36a-7d97-4cc1-b49e-2f5da9a700a4-tucte3dbc72
.exelator.com/ Name: EE
Value: "3aaebaacaae5a8c55fb0e1ac89ac1dff"
.bfmio.com/ Name: __141_cid
Value: 364CFF4A1CB34C47A26FFA78C50922CF
.bfmio.com/ Name: __io_cid
Value: 60a4494a5d6c6181df9f519266755c955f671d20
.pro-market.net/ Name: anHistory
Value: "-1gc7s5f9tltsq+2+!#7%.%c!a'l"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE4MTE1KTExGUiZJlokm5qmJRmkGiYmW1gmJhumpKUtLkstWrC0tDg1JenQkoqckpym1WXxoY7xbo6%252Bnj6Ry5wzivJzU1eAhcJcgxYbGhsuyS%252FKTF%252Fk7Li4KCWNYVFJ8angkxutAUDOLA0%253D"
.fwmrm.net/ Name: _uid
Value: ume4016_7441696988127931396
.agkn.com/ Name: u
Value: C|0AAAAAAAALtbzcwAAAAAA
.pubmatic.com/ Name: SPugT
Value: 1732523763
.pro-market.net/ Name: anProfile
Value: "-1gc7s5f9tltsq+1+1f=1+1g=1+1j=3k:1+rs=s+rt=26075300006078670000000000000009+s2=(snhzw2)+vm=24-364CFF4A1CB34C47A26FFA78C50922CF:53-CAESEOMESkEWqh29SXPsNzPhx3Q"
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: ume4016_7441696988127931396
.ads.stickyadstv.com/ Name: MRM_UID
Value: ume4016_7441696988127931396
.admanmedia.com/ Name: llum
Value: eyJwaW4iOnsiMyI6MTczMjUyMzc2MDU0MSwiMTAiOjE3MzI1MjM3NjEyNTIsIjgiOjE3MzI1MjM3NjEzMzEsIjIiOjE3MzI1MjM3NjE0OTQsIjciOjE3MzI1MjM3NjE1NDgsIjUiOjE3MzI1MjM3NjE2MzYsIjEyIjoxNzMyNTIzNzYxNjk4LCIxMyI6MTczMjUyMzc2MTk4MywiNiI6MTczMjUyMzc2MzE3OX19
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEN5OcoTEt_xJuVeT5-91X08
.admanmedia.com/ Name: ac_r
Value: CS116|CS43|CS112|CS208|CS155|CS222
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AATp2U7OiG4AABbIeuzZiQ
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-duG5JNpE2oMH_XMQoNwEA9NN1KI9aOXPo9NElt1p~A
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI2vH-gcfNxj0QBRIUCgV0YXBhZBILCJaa1ofHzcY9EAUSFgoHc3Z4OXQ1MBILCJa86Y3HzcY9EAUSFwoIbGl2ZXJhbXASCwj62ZGYx83GPRAFEhgKCWJpZHN3aXRjaBILCODv1JjHzcY9EAUYASABKAIyCwj2u73e3c3GPRAFOAFaCXN0aWNreWFkc2AC
.ads.stickyadstv.com/ Name: uid-bp-892
Value: e8e89820-78a3-4a2a-829f-578334a1b058
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 810980635046800621
.ads.stickyadstv.com/ Name: uid-bp-41396
Value: 819027098221802988696
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1592%26userId%3D%23PMUID^0^0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 16
.ads.stickyadstv.com/ Name: uid-bp-41414
Value: C2D9FF3A-462C-4565-A74E-96CF084FA79D
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: B8d2sRSQ1TfuzB5

18 Console Messages

Source Level URL
Text
network error URL: https://www.register-herald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1732523753053505016001200485064932368&tnms_dt=register-herald.com%20%7C%20In%20Print.%20Online.%20Anytime.&tnms_upage=1&tnms_do=www.register-herald.com&tnms_uri=/&tnms_ref=&rt=1732523753057
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://cmp.osano.com/169jhmT062kCdFtLK/868af81d-6448-4b46-92ef-67eb4b0c26ae/osano.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202410160/js/advertiserwidget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.register-herald.com/tncms/csrf/token/
Message:
Failed to load resource: the server responded with a status of 429 ()
javascript error URL: https://www.register-herald.com/
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=106' from origin 'https://www.register-herald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=106
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.register-herald.com/
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=106' from origin 'https://www.register-herald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=106
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.register-herald.com/
Message:
Access to fetch at 'https://id5-sync.com/g/v2/882.json' from origin 'https://www.register-herald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://id5-sync.com/g/v2/882.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.register-herald.com/
Message:
Access to fetch at 'https://id5-sync.com/g/v2/882.json' from origin 'https://www.register-herald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://id5-sync.com/g/v2/882.json
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://www.register-herald.com/tncms/dmp/segment_audiences/?anonymous_id=0b48b312-1e81-4a40-8bae-6ef1aed042f4
Message:
Failed to load resource: the server responded with a status of 429 ()
javascript error URL: https://www.register-herald.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://www.register-herald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=34
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.register-herald.com/
Message:
Access to XMLHttpRequest at 'https://id5-sync.com/g/v2/212.json' from origin 'https://www.register-herald.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://id5-sync.com/g/v2/212.json
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://stags.bluekai.com/site/29931?id=364CFF4A1CB34C47A26FFA78C50922CF
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4947274&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
aa.agkn.com
aax.amazon-adsystem.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
analytics.google.com
ap.lijit.com
api.floors.dev
api.intentiq.com
api.rlcdn.com
api.segment.io
bandborder.com
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
c.pub.network
casmp.adperfect.com
cdn-gateflipp.flippback.com
cdn-ima.33across.com
cdn-resources.prfct.cc
cdn.confiant-integrations.net
cdn.segment.com
cdn.smugmug.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cmp.osano.com
config.aps.amazon-adsystem.com
consent.api.osano.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.media.net
csync.loopme.me
d.agkn.com
d.pub.network
d1gzrgn7m19oq9.cloudfront.net
eb2.3lift.com
eeec5b7c0f757adbb54b1bc08b5f36e2.safeframe.googlesyndication.com
ep1.adtrafficquality.google
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
interactives.ap.org
japfg-trending-content.appspot.com
justapinch-com-d.openx.net
lb.eu-1-id5-sync.com
lexicon.33across.com
lh3.googleusercontent.com
live.primis.tech
loadm.exelator.com
match.adsrvr.org
match.sharethrough.com
mb9eo.publishers.tremorhub.com
optimise.net
p.flipp.com
pagead2.googlesyndication.com
pbid.pro-market.net
photos.register-herald.com
photos.smugmug.com
ping.chartbeat.net
pippio.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pubads.g.doubleclick.net
register-herald-cnhi-pw.newsmemory.com
register-herald.com
rtb.primis.tech
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
secure.quantserve.com
securepubads.g.doubleclick.net
sentry.io
simplifi.partners.tremorhub.com
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
static.cnhionline.com
stats-new.smugmug.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.ingage.tech
sync.intentiq.com
sync.ipredictive.com
sync.kueezrtb.com
sync.taboola.com
sync.targeting.unrulymedia.com
tag.simpli.fi
tags.crwdcntrl.net
td.doubleclick.net
tpc.googlesyndication.com
tracker.rtb.admanmedia.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
video.primis.tech
www.americanhometownmedia.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.justapinch.com
www.register-herald.com
www.smugmug.com
x.bidswitch.net
api.rlcdn.com
id5-sync.com
register-herald.com
sync.ipredictive.com
video.primis.tech
www.google.com
www.register-herald.com
104.16.132.24
104.18.20.206
104.18.25.111
104.18.26.193
104.18.28.101
107.178.254.65
108.138.106.59
108.138.112.90
108.138.128.124
108.138.128.128
108.139.29.105
13.226.94.26
13.249.86.140
130.211.10.17
137.184.29.95
141.226.224.48
141.95.33.120
142.250.80.46
142.250.80.98
142.250.81.225
142.251.35.162
142.251.35.164
142.251.40.130
142.251.40.162
142.251.40.163
142.251.40.168
142.251.40.194
142.251.40.195
142.251.40.98
162.19.138.120
172.111.38.86
172.64.144.166
18.164.116.41
18.164.116.7
18.164.124.48
18.173.132.98
18.173.140.223
18.212.103.81
18.233.192.61
18.238.55.62
18.238.80.80
192.104.182.209
2001:4860:4802:32::181
2001:4998:14:800::1000
207.65.37.182
216.17.34.107
23.105.14.100
23.199.48.23
23.46.225.71
23.51.57.13
2600:141b:1c00:1f98::279f
2600:1901:0:8eee::
2600:1f18:612b:4200:341b:e3d9:6b0a:5e23
2600:1f18:612b:4264:184f:183c:f286:1539
2600:9000:21dd:ae00:6:44e3:f8c0:93a1
2600:9000:21f9:6000:19:fc2c:a140:93a1
2600:9000:247b:1000:8:48e:53c0:93a1
2600:9000:24f1:6600:18:1fcd:354:4b41
2600:9000:2511:2400:1:6448:6d00:93a1
2600:9000:2512:7400:1b:6b7d:2300:93a1
2600:9000:2512:e400:1b:6b7d:2300:93a1
2600:9000:266a:2800:1a:5235:f980:93a1
2600:9000:266a:5c00:1a:5235:f980:93a1
2600:9000:266a:d400:1a:5235:f980:93a1
2600:9000:2807:a000:3:b7e:8940:93a1
2600:9000:2840:b000:1b:5138:8a40:93a1
2606:4700:10::6816:545
2606:4700::6812:196f
2606:4700::6812:1ad8
2607:f8b0:4004:c19::9c
2607:f8b0:4006:806::2001
2607:f8b0:4006:80d::2014
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::2001
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::200a
2607:f8b0:4006:821::2008
2620:112:f008:200::101
2620:116:800b:21:a021:b886:81cc:55cf
3.171.139.11
3.220.46.253
3.82.182.220
34.111.113.62
34.111.152.239
34.120.58.62
34.160.128.112
34.160.152.31
34.170.123.2
34.171.47.125
34.229.3.43
34.235.58.193
34.98.64.218
35.160.151.220
35.186.247.156
35.211.202.130
35.214.208.189
35.244.154.8
35.244.159.8
35.244.193.51
35.71.131.137
35.71.139.29
37.157.6.231
44.198.22.224
44.205.122.38
52.88.187.56
54.192.199.162
54.82.174.208
54.83.69.204
63.251.28.210
68.67.160.24
69.173.151.100
69.194.240.13
8.28.7.82
8.28.7.83
80.77.87.163
98.82.158.241
98.83.224.108
0009bb27ee1654fd3a96c0491406762dd74c47d64b720523c5e427d29538c961
026e82e122c595a5bc13571e5e25e7cbbfcc9a58166a3cfd149cc959bb08bd3a
05a0b7f4cb7ef38be18f11cbe7bcc0d37cf2d8227db3146eba5887f06e4dca43
05a2e11ca7eec8c417502083be1f1ab4739d7e88b9cf694fc7ad5a69195603c0
06387490c83a22e6ea8ce6eded7b073e8469bc46afa2be75e9afc416c6d0d4fe
0693bf82a6c3cfc499b9316adb25202beec3c702a832a82753495a8d37821ad8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08c9169c2b7794bd05638c48d359e14f040e1129328b45836d4266ff6050ab3f
08f0f3e9f8578d63e4d901653a4b893cd0f8a8ef2dfc6eb8ee84e8d7bc2ed10a
0b9799749aeec96fea2a910907f919bb39445cf79c00e2779090292c104f364e
0c11cb6090c93f5afe72d6f1921f816a2db6147dc10cced0b0a81c4e276e8b56
0c9623bc4920ca872d5a2169e494da19fa1e028981f5734ef0b423c83108cc75
0d7b78fae919a5cd81a06686f0af5a6ee02fdf1ca77e1345465b40bc4c3f01fe
0ee7d90acfcf61e37a67097a1f97ddb90fd685f3e9dcb6ed34931f2b94713d8d
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12ad3b3f691f918a13388d3af7b87e4986459f032632c91df7884f19fd43fa46
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13972218e046f9282d620bf3d8f6ed8ccd3f23a2897659311d649ca5117cc873
13c5c5ff33ab479db76e8e4baf65d72c49d115b8ab7e5097e8552a2c0e3ab777
1599a22a3d851f2f14feee3e2a9b77ecae22314366932098ae578d3583c7e71b
1657840bd7d87fd8e7eb2c95956a410ecb045fc4d5d950c0e9c61f67f5502077
16ea27af27e740ce6b0a05893f44d314de6b8e4d1f0a1f43d79e1fc421fac73a
187e36835b2bd991ca93ea63a3b3aa77d6fcf579ea1d30e78829c4cd4f3581dc
1895ad7b11c8904ba4f8c86b5221539f3cf6a8cf729a0a1e3e590623c9da896b
19e71b9750bed04d835845acb8610e99fdc726b81ee570b0f48e7bb843011fc4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20899d4215c29fdb483a29920675ecc094a9184c153d839f55dcbca59952ed3f
20c9f643f67728484f8b6826df78f2da34a00c20294e6d2a94ed9504f294e8d2
21cdf26ae6e5707dde7d53e32820cd09434665fe1962d03bce3d01aa945e62c9
2439539a35daa3fcd3f09e41646ad7d5ab116d44b63871ee8a940da9efe74a40
250210a531956f2cb9ba81de8405e3b4bfdbc9b70d26ba260b547885f866ec1d
252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
268a82621b02246caf8a54bb04015e1b9df065c23ef5aeae36d6608eaaac28bf
26f3384d6ac95613ad8ae184ff6bd4b771474ea8f138992c35eda1f758ab3bc2
281e701c74c7a82bd98ec52525a2d51ae64ab893db20f89443569077d88be841
2940655625cbe9168662c87a72288297d67e21a12ca7b63954003dc7bb0410f7
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2a50bb5eaf0814dbc3feaf1cb828980789b40ad73a139d136de4476173970efb
2d6a9ebc8beb548d6831dd41fad854010fa3066f3db466412687832595cc84c7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302abe4269895e6318fa84b97d3f2ab3664bf26efdb824039ebc530a87ec9560
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
32585c4ce1f4c35d5bf2a8b6d910ff18ec3c43850eff616406d0c4aa7115956a
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
36c64f44304b93bb203e30ce68d3518197832e3b2f0d17418731d9380857ffb6
3838f85787cad5579a56d4bb1e25cecdfe9166bf0ff56a2ff0464583d51debe3
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3ba48dfc33fe7421ce415e24343f993c3bee5554c49dc34d2a65831f9e0db4c0
3ba9a07cb4d783c069ce0ae2d5ba581612abbec9104f5198d7b24d4b1db8b0b8
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d7c9d22bc64bec9e1ab42f298cb72b96daf3e6f0fb3ca309437b3ca962645c4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
4181f322a3238bb2eb8094e8603ce1a6fa0c0ae25b90677767103b8d87dc1508
4198d9ae65e215bbfba8a14b4e9ed754198d186ba88aed0ca37ea54ecb7701b7
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
429c09ef872b45d80fa51a8ed156e581ed31fd094c179e4d6dd1d3f1bf18f20b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46311b08c6775f4a3598bec2532b2767d4c9ef866b8af6399e6cfa57079c4c38
4635963601b388f845ec836fff1c510db5dde31ef3591a87622feec8d851cd1b
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
4773b8181c2ae8d78001af7baa212e4e56337c9e948c4c3a5a40a73828195055
478b1873c8b53787b6faea310b4bc5efb1f5a807d1a64e2d9315cdb8aa9e68c0
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
48fd8b2824c2aaa6805d06553d9920e45a2c4ee96d72ac5809b0603d6eaa1ef3
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d59e89a71de47b143c555172cb9c64db139072ba8587e0de84c9ac571521513
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e20971ca76f3f3491aaaeb9ed361796ced1576fcfb42bda856bdde4070df29b
4f47b491ae1ac3f2b5d2ce897bd98dc340c0fb8d5059c354bf13c96eae884f6b
501fb04bc7409bdd6cb63b6ef46295c0788b45748eac14ba523833be84cf6311
505d1da0bb68322b9276866435a2b0b006ba5e51fe250942031e9fe3d214b7ff
50eea9da4f4a1b43ff0b25615da2dcf7dcb6fd9173b4ab1b472663d204acc258
51c80b68da6328822b6e3897025102798f10f5166d39e0ce73a42cf64e437f5b
52138849c09f70a1abd11ace9368267e599b99ac7d2a085f659b71efd74854d2
52db5b2414b37d257bb787cbefab7cadfbc282169e377e94bf256cee3f0479e3
534dc6dd738fbf4a765539735af2202ce2dcaf6b2899b5eed7834ac0d6964bbd
53675bf2b404d1ae8708696dadafdb9c1815087b25d10ee078f45948e1a491bd
53812a70761bb5417aaff5e06ab44c32dde8504c6aa903d4a85c2620b850b879
53b94e65768d49eda59af7f8c0f1ea06cae1bca8ff2697016f463818673df700
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4
5748c66b763e7c561f8e57b036f76a58909c657cffda9a3acffff99103ffccda
58385770fe21f5d517ad31d59f069f6903960d6de1c88eba34b8442cddf251b9
5a179aff94697df1272b7433e1346f780d35ae375b7cb926f3b16dcd2bfd5cc5
5dd17d6d3d06cb368353a5f88107c97674b9a8f4107dd0cf77c38495b3ec15af
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
6175b90081cead91934049fee413677a53112b75f20b84128723247d4878d1d7
61dd6de57773800a3c5911743f0b4efc68b936a29ba89fe880ec3ee4bb79c8c6
62ed3cf655f7ac3b27c276fecd4f5b748f15b6fb138e7223d80b7b4333f2e6a1
64c07323b9f8816039655bc454c1a75563a252381a906f01d97c169659b27e63
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
6511b9f6283c0284e354451a62b50b637fb55f63c4cb7b88d312e6e0e1899423
653e273bbc432403bb37db126e8e43f758c7bd998691759be0bc2b3f4515b274
689c90e3d54cd33dc799dcb8f743d21832ffb124eaacbb96ee5846f88dc533ba
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc0358f1c76ca7437e0adfd927c5367f5827201112ec227c5bb9baa8436c5ed
6cb74b1c20520023a412d8e0bc04e0bcc832be2f66b0a584056db181dcd5a052
6d9322b8b4f8525979b85a89e99dab62e77573ea963fd8857965db849cf7151d
6dc9709f3e552523547345e7df9f22b4cf773a66f66590aede2a5a24c1c5834d
700bdd4916ae7cdc0bf47f650cbf21ed881fc282e4729afe2814678670e441c1
7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51
71a41e3f248643457282a6b017e6bad75a0d662ed43f46a3f9bf3bad2bba4107
73ac9295ec0ab84ce7f0e680b05a3840fede04a513fca28851010fff590b7429
7451db68b94c168c5c5745e48f73f2ce96a523668f1462e049a389e889ee8a78
7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a
7489f0c635545a67cfbe23ed9463eceae16a3a45b168c3de04faa3e72b52ed8c
74ab74e001689f9d87effd32607338d5728f219a86faff4f122a15f2e27887ff
76b2d22c9e0858cc8b08ff50dbd291d2679031e95a912fbaec60fda771b6c433
7746d371a3cfeb7979a07fded0ae3112996aec48114324871c1b8519b4884dd4
7b42cc79ee01c5ce06bc110b633ae542c3fc864c18894efa443d85a15a650bb8
7c99db3b62d5db32c9ae45dfec0e4664f1de068a8300c179aabeec28edb8c315
7cc23a6e123ece3f599d95ffefb91725b6dfe5b0a58e305f2ff68e32de0617a0
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
7fc0df3dd0a51f255e779a3e5a82ccc0ddbb2712202ada034cd0b11e5ffb0862
7fe4cb97ef5e3d652dbf242e9d0424c81ddb8444848ad56be07105d94a908ad8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
870fb43084d88849bbf9c2f20491fde93d49d92c2aa71f12ed781b18c64d4658
87ef0c1a19a14f4bbd668ae8c9c727dd27dbb375b9f47ca4ee44f56da4b01293
8908154ab78aedae0914ded4c76fff4b8310d1b82beeb00dfadb340c77d7e90d
8a3d07edaed7c877448706fd0fff8b146093e704f70e6ee636d22a4811ec52fa
8aa7bc5bbd502aa230807ca86a6626896f8619fc20617f46bc581f0874503454
8b0256741fe94eceb488a73ce12f09f7e7ed179ecefbaeae216bf56e6a6511af
8b8506928501a437418ca18498b5fcbd474b0c4bfc96b438bc9e09baa53adce5
8ca8e9c3381b0d59292155e826f635c4df61cc4232f9503b0bc683373010c091
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a
8d2678ff0715284456a48f52fa21c43a417bea04bcb4b6fcd516ab11dc047192
8ede1a550962b91f6eb9c99477224a857b9b2d94fc2549e93a7fbb6c2d74f135
8f48d97d3112bc9bf95ef0d70d30e7ec78041b3b498251ccd183fb18686139ac
8f9fce2d1efeb7ff84b096edcbd306fbeed42a83f2717b4d6e6a0502ce5ea160
91b2c98c30f6d5166263c7bdbeba248ec0e87c470097669620902240c4e9288c
923148f2865df9ae5d959ad24ccce06b805e5c241ae9f2cba863d5d95fedf3b6
93a27160745cc3ce00fa6ff83370750f75b39e22b86f302e1617b80502fd955b
93b14ed7784563efe04b1b2fb32f2955b1801d3eee2ab02bfcff3352ce5174d6
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
95d394113eceb60ef6b9476049e9ecb158362f835308eef2cb59ed6154ef9144
95ee6fc8810dfcbf054b898101151cb555278f15ff86e64a846cf1209c7184d0
97210a6f3bb5fd736f839127b138eb7a7786cde64d5983b53743cb6816d7079e
9971ed07771da4df4dda61168629d1f3533c4fe7a4578e60f64372c27dab655d
9cd8002a5b4f9e621e945a19449220d9e3c085b403e6f20b01303e9e81d4c54e
9e39d321532d4472593ff6110e51c09e688078726758971662ce3b1d26c78067
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a2047b79ff08a6bc34a0f42a906fd31d3213baba8f4347ea2337647b2e5bf5a5
a36cd619ac68a4a39eb1be94925967f014d1e7dc4a679f6dc86807416c2ae930
a84779f488e10b2425de021fbf949db04492c167c3d41e59f145921a18f76f68
a8d3d5441f4dc1096c579e787e33d3a80b5b8e174928ab9d3012035a3ab3a8b5
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
a9b976a601ff5db100a2280eeeefaf00a1127c6917abcc2942dbb94e1b1d8919
a9bc6c096296ab210888d390eedb0f52d963077a4dc083bd08e5c6e074c79d51
aa1a0eb6a196c2be268f3c9b0c5b5d509ed05804b8ab90122c5437a07f2f9fd2
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
abca570d68e4d643d2db448f8c1ea05d3f52494fe08453657316a5a1054a556d
ad0fab125019c8792c2639b29e81cbffb1f69c3f2764d026cbe042791feb07de
ae182cfa9c887e134c5bbeb853bfba308aeedb7e63c230b257eebe84f5782b75
af69970e4bdd1dae03743c2e01cc7a78d5b3cc946517170e3ec75f6ce781908b
afcfba1248dcf052028a4db047d783a04a69089158cca9a0c214fac79ea74410
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18166185105bccd50108a0ca0cb0caa40ca568972adc06f484ee2473700b008
b19839fe4ce34d785425e7621679f4c9e0e342a44bd86f301e81f81f4f400113
b2a68f47899fd9e8da0a9dcfe67962de8311c2b0c98e4889f9957e11e1ddf947
b2bb0f82681ca4b17ba49278bc70052a3723e2ada4bcc9a0598dcd1f60409c32
b55889ef6b0be911566f841cdf9e12e9d769a3d5324e34e1d9c3c9442218dae8
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b79952d2f1ba3781cff55366a1888587b3b6f13e2556cc3f775d2c722a1f8180
b95b2add8ced883d3eefbfc4e70b58fbed8de0bc9e5b3772c3c262212cb67564
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
bac8ee57b7086f2eac3c07d0852d819ba937a57c16304f9065dfdafbf141d795
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc2d4551a314543adffaa267219459c425cb73feb92084022bf43d199a772ef7
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
be40e3da703faed33bd3e9c8977a3d814f53c17df10838fd4b257c7e9f6d074f
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c039f0a1f814c3265903cbd02794156260d6eafef702deb2947f3580ccd670eb
c06615f65bbd0fd24a7fc98664ebe6cc69c165be8bf47181a45c4b5876e5471e
c0f86e2e4aee90ce1ffeef49d951618e34e3ed4810a3ed1110ae66f9c051e3f4
c258612c0cd334872c05a3cf75f5db4f3cf2b4a4f4c562822e10ea2496ea98a3
c3957eaddd8ea77e90cbb9d1082d74f86973ea305310db090a6deff93f3f82b8
c5d122ceb58926c5fc3da5d1d664684af89e5dc8f6ee490449ef4e1f4f1da790
c5de348f617ee894c9c9851cf7ac48e9f6525e05a30d5415f7690a3e9afeb9b3
c61fcc1401e2278735bea5d306ca0cc32b93ccdf62ec8179ed0c999545b5502b
c674558de45e46dee5232833765b383956c69c167abfa7a91e18fae869ad8b1f
c806aa312185f4a7b8941e85522f64aa5d7756169550169048bf5fc9a143e8fe
c99eeb0ffc836cfbaf142f6a4cc3efcb826d3c112d52bbaa079cc982b773bc1a
c9c82d6446bd15b7b992cc15e86119da298f3dc805b81fb777baa24651593d93
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca46c7d904699d5673e1e9cf73ea6bb7c99b224a74fe06f9e43bd213faf52b95
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb58cb23cd0565f80dc68262022fd12ab1c3b28a4cff6ac14bc7cf87452373c6
cd9ead1d96f5e05bd49c8231ab7856822fdef385c83f0d91e2962ca07a562618
ce019fdf5ef58bd9f7f0f8c041682db9b1ea6efccddfdd26817f13bf600e4cc6
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfeec6d248d6cdbfea7e9c9c928b3af3a2562e5975348be91dece3a1c653593f
d01d7d21681301d2665586e1c0d2d722db01841bdbeb76db4659cb4698d9c9a9
d0f706e0e18946e3f7169ac9c06dac7fbb0c686a0683ba9da18ae64919e644e7
d18e4c9257743b884550056599fd804fcfe96ea4b1267a5b58dfafee3ec1b50c
d1a65a57e7f6b993a1391834169835e58ef71d4989aed912ac7a3f60038503f8
d2879e1d888236d5e4f5712fab3e33f866c26b7a3123712cc6f294b83f2b0a81
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d720517727209364c05e7923b20067950059abd5bdacd5b80ebf1850b2b920ca
d7c25086a2305f99b43116f3935095d346eea4e1fc781bab31e81b6b9320032b
d8d0c6936da58940112f51b84fc4c2ea1393ad348963fe380643e38acabd677c
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
dac9147c2b74fb135d2bbfaf863ae1d12921a4e47f12da60467eab962c33d60a
dae8b59ed31e28c37e5102d6d0bb67629453b61cdca1c6c44624b2c714eb974c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddfaead26a52cb4c33361bbf0ab894dc95e0f304b8ffb46923058a24172ea6be
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2544873c9cde050a91b86eb99a2305aeeb5ba62a4a5a0e9d994e8c2fbacb366
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6aa7d6173d58dc7930b30df1453ec7da8c039dc42a5280b31550b2935f59951
e6e0e4b4a100861c4b8a7b35d922a263e0eb531eb00687385d54fed4d158abb4
e746dd744aaef29a2be87c2474d12c79c1a0dea6e926d657d606e9345584b1f4
e752952af381ed1e89cd1f11c914d071199049f896192feac4a68b64f9fe62ba
e80799ebf2ac1a977b8926bb1b45767c640045522b15676c5a66b34faaa1ac31
e8b425b0454dfdeaacc90a822297f5386f87aa23cdb769f6843bfdc48d87a2bb
e97d58b269af03c7342d662b20f10aca683d15391bc34f06c1fb0c97d511d466
e99a8b2bb16e002eba81a971ff71f7eabe04c12b03cbadcfd13e3b448a8b4ebd
ea67ff6b5b7b47547079d888267aa933d278920933bf8d0b767dbbadb9a25be7
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ee5ebc2e5e093ee9ea3485ae13632e54bba29b488b7956923112de35efe7ded4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb2d0576416989fac9f5f430927d55bd6b90d8c3eb3c3fb3111ffe1d10e1502
f13328d6c37a7e3875d27e92de7141328ac4daab3fb3be114019d95db55867b3
f3ce13fad7c845235767cb1ce6dde20a5cd4024f0f305aeffc71c594284a91b1
f3f0c37ccbeaedaf783f06fb420768dab9ae40440f79296f8eb63f75c8205aa0
f439ccdf94fcc068976d8f7449406fdf70fef61a68993a29b1bccbe169545f34
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85
f48ddd69967259832586624a6d57c094fb697b865e442bf3e89fed148b708fb0
f619cf57dca7918f00dc75994dd6895895b7b5b03487754ac3beaf6b929bdd10
f7bc1865c10215913cd38a869630fd07c008811bb39ecdfc5b9d76a74a31b6b6
f87e26402f28b2796a1d0a1e9ea3b9bafff588bdc62826a58b0542e5a90bc158
f904a2ca780779a7cf0c27454b0dcaba169d158f5b9ba7936dc60a03155fb052
f90585228da20b1df3da076033ea6ee19b956d556a7c290585464a97e50f9243
f982d54df817cd30bcb7c640dc9fd3c71c4c775bbc789dedf835e589c6f1dfc9
fd7cf24e7130670073acb303d5d23086ed076f7813153ece3c67cf5037b5db67
fd8ec8afff835f923f221ffcdc2d917a9a26d87366f8f6566fabc484e56c944b