www.heraldsun.com Open in urlscan Pro
104.111.219.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mailview.bulletinintelligence.com/mailview.aspx?m=2018042602capone&r=email-d53e&l=03b-6b9&t=c
Effective URL:
https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Submission: On August 03 via api (August 3rd 2018, 5:30:16 am UTC) from US

Summary HTTP 193 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 72 IPs in 7 countries across 52 domains to perform 193 HTTP transactions. The main IP is 104.111.219.11, located in Amsterdam, Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.heraldsun.com.
TLS certificate: Issued by DigiCert ECC Secure Server CA on March 6th 2018. Valid for: 10 months.

This is the only time www.heraldsun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.220.57.119 65.220.57.119	701 (UUNET) (UUNET - MCI Communications Services)
1 31	104.111.219.11 104.111.219.11	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY - Fastly)
1	34.251.105.46 34.251.105.46	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.130.176 151.101.130.176	54113 (FASTLY) (FASTLY - Fastly)
4	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2600:9000:201... 2600:9000:201a:400:15:d134:4e40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	93.184.220.113 93.184.220.113	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	34.251.231.74 34.251.231.74	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.27.226.96 52.27.226.96	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	172.82.228.19 172.82.228.19	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	34.248.66.236 34.248.66.236	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.216.226.179 52.216.226.179	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	172.82.228.20 172.82.228.20	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	18.185.222.18 18.185.222.18	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	54.77.250.122 54.77.250.122	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	166.108.32.238 166.108.32.238	6118 (MCCLATCHY...) (MCCLATCHY-CORP - MCCLATCHY MANAGEMENT SERVICES)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
8	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:204... 2600:9000:2047:7e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	54.192.38.110 54.192.38.110	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a03:2880:f12... 2a03:2880:f12d:86:face:b00c:0:50fb	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	54.239.18.44 54.239.18.44	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	52.6.138.7 52.6.138.7	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	69.173.144.142 69.173.144.142	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5	37.252.172.40 37.252.172.40	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	173.241.240.220 173.241.240.220	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2	2a02:fa8:8805... 2a02:fa8:8805:10::750	41041 (VCLK-EU-) (VCLK-EU-)
1	2400:cb00:204... 2400:cb00:2048:1::6814:ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	88.214.194.64 88.214.194.64	46636 (NATCOWEB) (NATCOWEB - NatCoWeb Corp.)
1	213.219.37.124 213.219.37.124	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2400:cb00:204... 2400:cb00:2048:1::681c:12e8	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
9	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
2	2.18.232.23 2.18.232.23	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	2a00:1450:400... 2a00:1450:4001:81d::2006	15169 (GOOGLE) (GOOGLE - Google LLC)
3	52.85.100.248 52.85.100.248	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:182::31c6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	37.252.167.207 37.252.167.207	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
3	37.252.167.201 37.252.167.201	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
3	2a00:1450:400... 2a00:1450:400c:c0b::5e	15169 (GOOGLE) (GOOGLE - Google LLC)
20	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.252.3.209 34.252.3.209	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.200.33.142 52.200.33.142	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2.18.232.75 2.18.232.75	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2.18.234.227 2.18.234.227	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	213.254.244.25 213.254.244.25	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	34.235.178.90 34.235.178.90	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	54.154.28.106 54.154.28.106	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	104.111.214.103 104.111.214.103	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	34.251.196.37 34.251.196.37	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.209.50.117 52.209.50.117	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.243.179.137 54.243.179.137	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2600:9000:204... 2600:9000:2047:9000:18:1fcd:348:2461	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	54.192.37.14 54.192.37.14	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	54.171.229.6 54.171.229.6	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.23.255.82 23.23.255.82	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	52.0.100.49 52.0.100.49	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.1.134.178 52.1.134.178	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	213.254.244.14 213.254.244.14	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
193	72

1 65.220.57.119 (Rockville, United States) 1 redirects

ASN701 (UUNET - MCI Communications Services, Inc. d/b/a Verizon Business, US)
PTR: colo119.bulletinnews.com

mailview.bulletinintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.111.219.11 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-219-11.deploy.static.akamaitechnologies.com

www.heraldsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.heraldsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.charlotteobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.105.46 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-251-105-46.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.176 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

cdn.relaymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:201a:400:15:d134:4e40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

ovp.iris.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.113 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.231.74 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-251-231-74.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.27.226.96 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-27-226-96.us-west-2.compute.amazonaws.com

mcclatchy.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.82.228.19 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.sc.omtrdc.net

mcclatchy.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.66.236 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-248-66-236.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.226.179 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.82.228.20 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.112.2O7.net

nandomedia.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.222.18 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-222-18.eu-central-1.compute.amazonaws.com

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.250.122 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-250-122.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 166.108.32.238 (Sacramento, United States)

ASN6118 (MCCLATCHY-CORP - MCCLATCHY MANAGEMENT SERVICES, INC., US)
PTR: vnet659.ejoco.com

ece-logger.nandomedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2047:7e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.192.38.110 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-38-110.jfk1.r.cloudfront.net

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:86:face:b00c:0:50fb (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.18.44 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.6.138.7 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-6-138-7.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.141 (Smithfield, United States)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.142 (Smithfield, United States)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.40 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.241.240.220 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org

mcclatchy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8805:10::750 (Sweden)

ASN41041 (VCLK-EU-, SE)

media.msg.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6814:ff3 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prebid.districtm.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.214.194.64 (United Kingdom)

ASN46636 (NATCOWEB - NatCoWeb Corp., US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.219.37.124 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1096-124.members.linode.com

thor.rtk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::681c:12e8 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.14.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.23 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-23.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2006 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.100.248 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-100-248.jfk1.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:182::31c6 (European Union)

ASN20940 (AKAMAI-ASN1, US)

static.mcclatchyinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.167.207 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 24.ratbait.prod.ams1.adnexus.net

rb.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.167.201 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 14.ratbait.prod.ams1.adnexus.net

rb.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0b::5e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:81d::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.3.209 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-252-3-209.eu-west-1.compute.amazonaws.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.33.142 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-200-33-142.compute-1.amazonaws.com

www.gomnlt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.75 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-75.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.227 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-227.deploy.static.akamaitechnologies.com

cdn.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.25 (Germany)

ASN3257 (GTT-BACKBONE GTT, DE)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.235.178.90 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-235-178-90.compute-1.amazonaws.com

www.moonlightingapi-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.28.106 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-28-106.eu-west-1.compute.amazonaws.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.214.103 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.196.37 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-251-196-37.eu-west-1.compute.amazonaws.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.50.117 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-209-50-117.eu-west-1.compute.amazonaws.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.179.137 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-243-179-137.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2047:9000:18:1fcd:348:2461 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.37.14 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-37-14.jfk1.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.229.6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-229-6.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.255.82 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-23-255-82.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.100.49 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-0-100-49.compute-1.amazonaws.com

srv-2018-08-03-05.config.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.134.178 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-1-134-178.compute-1.amazonaws.com

srv-2018-08-03-05.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.14 (Germany)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

tps20226.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	heraldsun.com 1 redirects www.heraldsun.com media.heraldsun.com	793 KB
25	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	439 KB
12	boltdns.net manifest.prod.boltdns.net cf-images.us-east-1.prod.boltdns.net	548 KB
11	adnxs.com acdn.adnxs.com ib.adnxs.com rb.adnxs.com	88 KB
10	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	145 KB
9	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	30 KB
7	teads.tv 1 redirects a.teads.tv cdn.teads.tv t.teads.tv sync.teads.tv	179 KB
6	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com tps.doubleverify.com tps20226.doubleverify.com	75 KB
4	colossusssp.com colossusssp.com	916 B
4	rubiconproject.com fastlane.rubiconproject.com	6 KB
4	omtrdc.net 1 redirects mcclatchy.sc.omtrdc.net	2 KB
4	gstatic.com www.gstatic.com csi.gstatic.com	76 KB
4	demdex.net dpm.demdex.net mcclatchy.demdex.net	3 KB
4	googleapis.com imasdk.googleapis.com	79 KB
4	crwdcntrl.net 1 redirects ad.crwdcntrl.net tags.crwdcntrl.net bcp.crwdcntrl.net	12 KB
3	2mdn.net s0.2mdn.net	49 KB
3	brightcove.com edge.api.brightcove.com	18 KB
3	google-analytics.com www.google-analytics.com	14 KB
3	facebook.com 1 redirects staticxx.facebook.com www.facebook.com	507 B
3	amazonaws.com s3.amazonaws.com sqs.us-east-1.amazonaws.com	14 KB
3	iris.tv ovp.iris.tv	226 KB
3	google.com www.google.com adservice.google.com	819 B
2	parsely.com srv-2018-08-03-05.config.parsely.com srv-2018-08-03-05.pixel.parsely.com	1 KB
2	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	22 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
2	moonlightingapi-ads.com www.moonlightingapi-ads.com	1 KB
2	gomnlt.com www.gomnlt.com	126 KB
2	adobedtm.com assets.adobedtm.com	42 KB
2	dotomi.com media.msg.dotomi.com	1 KB
2	google.de adservice.google.de www.google.de	278 B
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com	709 B
2	quantserve.com edge.quantserve.com pixel.quantserve.com	6 KB
2	2o7.net 1 redirects nandomedia.112.2o7.net	919 B
2	charlotteobserver.com www.charlotteobserver.com	120 KB
1	chartbeat.net ping.chartbeat.net	213 B
1	chartbeat.com static.chartbeat.com	22 KB
1	ipify.org api.ipify.org	251 B
1	mcclatchyinteractive.com static.mcclatchyinteractive.com	3 KB
1	districtm.io cdn.districtm.io
1	rtk.io thor.rtk.io	686 B
1	districtm.ca prebid.districtm.ca	7 KB
1	openx.net mcclatchy-d.openx.net	664 B
1	casalemedia.com as-sec.casalemedia.com	2 KB
1	quantcount.com rules.quantcount.com	991 B
1	nandomedia.com ece-logger.nandomedia.com	121 B
1	googletagservices.com www.googletagservices.com	8 KB
1	everesttech.net 1 redirects cm.everesttech.net	527 B
1	googleadservices.com www.googleadservices.com	7 KB
1	relaymedia.com cdn.relaymedia.com	391 B
1	facebook.net connect.facebook.net	66 KB
1	ntv.io s.ntv.io	73 KB
1	bulletinintelligence.com 1 redirects mailview.bulletinintelligence.com	420 B
193	52

	Domain	Requested by
22	www.heraldsun.com	1 redirects www.heraldsun.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.heraldsun.com tpc.googlesyndication.com
9	manifest.prod.boltdns.net	www.heraldsun.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.heraldsun.com
7	www.i.matheranalytics.com	www.heraldsun.com
7	media.heraldsun.com	www.heraldsun.com media.heraldsun.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net s0.2mdn.net www.heraldsun.com
5	rb.adnxs.com	acdn.adnxs.com
5	ib.adnxs.com	acdn.adnxs.com prebid.districtm.ca
4	colossusssp.com	acdn.adnxs.com
4	fastlane.rubiconproject.com	acdn.adnxs.com
4	mcclatchy.sc.omtrdc.net	1 redirects www.heraldsun.com media.heraldsun.com
4	imasdk.googleapis.com	www.heraldsun.com imasdk.googleapis.com
3	csi.gstatic.com	imasdk.googleapis.com
3	cf-images.us-east-1.prod.boltdns.net	www.heraldsun.com
3	s0.2mdn.net	imasdk.googleapis.com www.heraldsun.com s0.2mdn.net
3	edge.api.brightcove.com	www.heraldsun.com
3	www.google-analytics.com	media.heraldsun.com www.heraldsun.com
3	dpm.demdex.net	media.heraldsun.com www.heraldsun.com
3	ovp.iris.tv	www.heraldsun.com ovp.iris.tv
2	tps20226.doubleverify.com	cdn.doubleverify.com
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	d1z2jf7jlzjs58.cloudfront.net	media.heraldsun.com d1z2jf7jlzjs58.cloudfront.net
2	sync.teads.tv	1 redirects cdn.teads.tv
2	t.teads.tv	www.heraldsun.com
2	sb.scorecardresearch.com	1 redirects www.heraldsun.com
2	www.moonlightingapi-ads.com	www.gomnlt.com www.heraldsun.com
2	cdn.doubleverify.com	s0.2mdn.net www.heraldsun.com
2	www.gomnlt.com	www.heraldsun.com
2	a.teads.tv	www.heraldsun.com cdn.teads.tv
2	assets.adobedtm.com	media.heraldsun.com assets.adobedtm.com
2	media.msg.dotomi.com	acdn.adnxs.com
2	www.facebook.com	1 redirects connect.facebook.net
2	secure-us.imrworldwide.com	1 redirects www.heraldsun.com
2	js.matheranalytics.com	1 redirects www.heraldsun.com
2	nandomedia.112.2o7.net	1 redirects www.heraldsun.com
2	s3.amazonaws.com	www.heraldsun.com
2	www.charlotteobserver.com	www.heraldsun.com
2	www.google.com	www.heraldsun.com
1	srv-2018-08-03-05.pixel.parsely.com
1	srv-2018-08-03-05.config.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	ping.chartbeat.net
1	static.chartbeat.com	media.heraldsun.com
1	api.ipify.org	www.heraldsun.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	cdn3.doubleverify.com	cdn.doubleverify.com
1	cdn.teads.tv	a.teads.tv
1	googleads4.g.doubleclick.net	www.heraldsun.com
1	static.mcclatchyinteractive.com	assets.adobedtm.com
1	cdn.districtm.io	prebid.districtm.ca
1	thor.rtk.io	acdn.adnxs.com
1	prebid.districtm.ca	acdn.adnxs.com
1	mcclatchy-d.openx.net	acdn.adnxs.com
1	as-sec.casalemedia.com	acdn.adnxs.com
1	sqs.us-east-1.amazonaws.com	s3.amazonaws.com
1	www.google.de	www.heraldsun.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	pixel.quantserve.com	www.heraldsun.com
1	rules.quantcount.com	edge.quantserve.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	ece-logger.nandomedia.com	www.heraldsun.com
1	edge.quantserve.com	media.heraldsun.com
1	staticxx.facebook.com	connect.facebook.net
1	www.googletagservices.com	www.heraldsun.com
1	cm.everesttech.net	1 redirects
1	mcclatchy.demdex.net	media.heraldsun.com
1	www.gstatic.com	www.google.com
1	tags.crwdcntrl.net	www.heraldsun.com
1	www.googleadservices.com	www.heraldsun.com
1	cdn.relaymedia.com	www.heraldsun.com
1	connect.facebook.net	www.heraldsun.com
1	s.ntv.io	www.heraldsun.com
1	ad.crwdcntrl.net	www.heraldsun.com
1	acdn.adnxs.com	www.heraldsun.com
1	mailview.bulletinintelligence.com	1 redirects
193	76

This site contains links to these domains. Also see Links.

Domain
account.heraldsun.com
digital.olivesoftware.com
heraldsun.mycapture.com
x.email.heraldsun.com
heraldsun.newsbank.com
events.triangle.com
games.heraldsun.com
www.legacy.com
classifieds.heraldsun.com
www.newsobserver.com
jobs.newsobserver.com
durhamheraldsun.adperfect.com
www.facebook.com
twitter.com
www.linkedin.com
plus.google.com
www.pinterest.com
www.reddit.com
www.mcclatchyreprints.com
www.charlotteobserver.com
teads.tv
mcciservices.newscyclecloud.com
nie.heraldsun.com
instagram.com

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert ECC Secure Server CA	`2018-03-06` - `2019-01-02`	10 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2018-04-26` - `2019-04-26`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-07-24` - `2018-10-02`	2 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2018-07-24` - `2018-10-02`	2 months	crt.sh
*.doubleclick.net Google Internet Authority G3	`2018-07-24` - `2018-10-02`	2 months	crt.sh
*.doubleverify.com Symantec Class 3 Secure Server CA - G4	`2017-07-11` - `2018-10-10`	a year	crt.sh
*.teads.tv Gandi Standard SSL CA 2	`2018-04-13` - `2019-05-06`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2016-06-28` - `2019-06-28`	3 years	crt.sh

This page contains 23 frames:

Primary Page: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Frame ID: FDFDF487810F40629E9453AE713F2FDC
Requests: 145 HTTP requests in this frame

Frame: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: B69223623F14839A0AEFF36061604FDD
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
Frame ID: 6FA5F782CAD4D83F6093462D18F645CE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?href=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&limit=10&order_by=reverse_time&width=100%25&app_id=105440539523&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Df3c031305e3e79%26domain%3Dwww.heraldsun.com%26origin%3Dhttps%253A%252F%252Fwww.heraldsun.com%252Ff19f73f44981884%26relation%3Dparent.parent&sdk=joey
Frame ID: 9433015DFBA277CE7F4E36CFDD388326
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 1B32C7A22C93F95185EABA9CCDA10128
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.225.0_en.html
Frame ID: 8695DB909FF97287665F4E7D119D5BB2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.225.0_en.html
Frame ID: C50D7475BD59E402CF84B7F3B63E542D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.225.0_en.html
Frame ID: E9774691F4E4CBD75AF959F43E703AEE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/abg.js
Frame ID: F22F34E43DA3B5BC8069D80C44A144B0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Frame ID: EC1081898FAF5C67D4480E3A74281878
Requests: 1 HTTP requests in this frame

Frame: https://a.teads.tv/page/75660/tag
Frame ID: 25109855ACB92D829988D095600A3D44
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Frame ID: 151AC2ED4370F1A428EFB0BEB6E765EF
Requests: 1 HTTP requests in this frame

Frame: https://www.gomnlt.com/partner_resources/full_job_card_loader_prod.min.js
Frame ID: 69FC62E2E40541B235A5DA07003A695B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Frame ID: A51F4DD55872946C30E8065A68515B31
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_241.js
Frame ID: A14B1989C8BB65FC7FC4C211419EC059
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/abg.js
Frame ID: 12D47411FE9B4DFA42BBD68CF59FB534
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/osd_listener.js
Frame ID: 9319532E9D6A80BF3008335A06F6A53A
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/6uQTKQJz.html
Frame ID: 200E811CEF6BE4B5A8AE7A1164456380
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/2276943/1523392961914/index.html
Frame ID: 59EFB82944E1DBFDBFB90EBB6FFDA6C4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements234.js
Frame ID: 7F171C9CBE00BBCDF72885C4CCB2CCE0
Requests: 4 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: F70FF7AA4D6F6CA5622D84CB3D77F638
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe/redirect
Frame ID: 4A994B3235625F9AD126B22F096D7EAF
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=7447/rand=664814015/pv=y/int=%23OpR%2366617%23www.heraldsun%20%3A%20Total%20Site%20Traffic/int=%23OpR%2366618%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news/int=%23OpR%2366619%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state/int=%23OpR%2367084%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state%20%3A%20north-carolina/int=%23OpR%2367085%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state%20%3A%20north-carolina%20%3A%20article/med=%23OpR%2368729%23Meta%20keyword%20%3A%20bank%20of%20america%2C%20bofa%2C%20parkland%2C%20guns%2C%20brian%20moynihan%2C%20meeting%2C%20shareholders%2Cbank%20of%20america%2C%20bofa%2C%20parkland%2C%20guns%2C%20brian%20moynihan%2C%20meeting%2C%20shareholders/rt=ifr
Frame ID: 4001ED2563E71223DFDC2D8922F43FDD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mailview.bulletinintelligence.com/mailview.aspx?m=2018042602capone&r=email-d53e&l=03b-6b9&t=c HTTP 302
http://www.heraldsun.com/news/state/north-carolina/article209736429.html HTTP 301
https://www.heraldsun.com/news/state/north-carolina/article209736429.html Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx(?:$|\?)/i

VideoJS (Video Players) Expand

Overall confidence: 100%
Detected patterns

env /^VideoJS$/i

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^requirejs$/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx(?:$|\?)/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /pbjs/i
env /PREBID_TIMEOUT/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /adnxs\.(?:net|com)/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^_sf_(?:endpt|async_config)$/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
script /2mdn\.net/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

Parse.ly (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^PARSELY$/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^quantserve$/i

SiteCatalyst (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^s_(?:account|objectID|code|INST)$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

env /^Recaptcha$/i

Page Statistics

193
Requests

22 %
HTTPS

27 %
IPv6

52
Domains

76
Subdomains

72
IPs

7
Countries

3309 kB
Transfer

7517 kB
Size

7
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://account.heraldsun.com/static/signin
Title: Sign In

Search URL Search Domain Scan URL

URL: https://account.heraldsun.com/static/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://digital.olivesoftware.com/Olive/ODN/DurhamHeraldSun/default.aspx
Title: eEdition

Search URL Search Domain Scan URL

URL: http://heraldsun.mycapture.com/mycapture/index.asp#navlink=subnav
Title: Buy Photo

Search URL Search Domain Scan URL

URL: http://x.email.heraldsun.com/ats/url.aspx?cr=663&wu=73#navlink=subnav
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://heraldsun.newsbank.com/#navlink=subnav
Title: Archives

Search URL Search Domain Scan URL

URL: http://events.triangle.com/
Title: Triangle Area Events

Search URL Search Domain Scan URL

URL: http://games.heraldsun.com/
Title: Puzzles & Games

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/heraldsun/#linknav=subnav
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://classifieds.heraldsun.com/#navlink=subnav
Title: Classified Ads

Search URL Search Domain Scan URL

URL: http://www.newsobserver.com/cars/#navlink=subnav
Title: Cars

Search URL Search Domain Scan URL

URL: http://www.newsobserver.com/homes/#navlink=subnav
Title: Homes

Search URL Search Domain Scan URL

URL: https://jobs.newsobserver.com/#navlink=subnav
Title: Jobs

Search URL Search Domain Scan URL

URL: http://durhamheraldsun.adperfect.com/
Title: Place a Classifieds

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Bank+of+America+CEO+on+gun+violence:+%27We+have+to+help.%27&url=https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.heraldsun.com/news/state/north-carolina/article209736429.html&title=Bank%20of%20America%20CEO%20on%20gun%20violence:%20%27We%20have%20to%20help.%27
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Title: Google+

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://www.heraldsun.com/news/state/north-carolina/article209736429.html&description=Bank%20of%20America%20CEO%20on%20gun%20violence:%20%27We%20have%20to%20help.%27&media=https://www.charlotteobserver.com/latest-news/n37qza/picture209793864/alternates/LANDSCAPE_1140/Brian%20Moynihan.JPG
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.mcclatchyreprints.com/
Title: Order Reprint of this Story

Search URL Search Domain Scan URL

URL: http://www.charlotteobserver.com/news/business/banking/article208550079.html
Title: manufacturers of military-style guns sold for civilian use

Search URL Search Domain Scan URL

URL: http://teads.tv/inread-outstream/
Title: inRead invented by Teads

Search URL Search Domain Scan URL

URL: https://account.heraldsun.com/subscribe/create?param=fHpDCUs=&cid=CTA_.991mo_firsttoknow
Title: SIGN ME UP!

Search URL Search Domain Scan URL

URL: https://www.charlotteobserver.com/news/business/banking/article206541204.html#storylink=readmore_inline
Title:

Search URL Search Domain Scan URL

URL: http://www.charlotteobserver.com/news/business/banking/article195054024.html#storylink=cpy
Title: racked up $18 billion in net income in 2017

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.charlotteobserver.com%2Flatest-news%2Farticle209806709.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.charlotteobserver.com%2Flatest-news%2Farticle209806709.html&text=The%20Rev.%20Jesse%20Jackson%20on%20Charlotte%27s%20upward%20mobility%20challenge

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle215487250.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle215487250.html&text=Take%20a%20look%20at%20the%2010-foot%20cliff%20that%20closed%20Nags%20Head%20beach%20in%20NC%E2%80%99s%20Outer%20Banks

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle215403350.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle215403350.html&text=New%20shark%20tracker%20shows%20locations%20of%20sharks%20and%20commercial%20fishing

Search URL Search Domain Scan URL

URL: https://account.heraldsun.com/static/subscribe#navlink=mi_footer
Title: Start a Subscription

Search URL Search Domain Scan URL

URL: https://mcciservices.newscyclecloud.com/cgi-bin/cmo_mcc-c-cmdb-est-01.sh/custservice/web/login.html?siteid=DUR#navlink=mi_footer
Title: Customer Service

Search URL Search Domain Scan URL

URL: http://digital.olivesoftware.com/Olive/ODN/DurhamHeraldSun/default.aspx#navlink=mi_footer
Title: eEdition

Search URL Search Domain Scan URL

URL: http://x.email.heraldsun.com/ats/url.aspx?cr=663&wu=73#navlink=mi_footer
Title: Newsletters

Search URL Search Domain Scan URL

URL: http://nie.heraldsun.com/#navlink=mi_footer
Title: News in Education

Search URL Search Domain Scan URL

URL: https://heraldsun.newsbank.com/#navlink=mi_footer
Title: Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theheraldsun/#navlink=mi_footer
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/TheHerald_Sun
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/durhamheraldsun/
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mailview.bulletinintelligence.com/mailview.aspx?m=2018042602capone&r=email-d53e&l=03b-6b9&t=c HTTP 302
http://www.heraldsun.com/news/state/north-carolina/article209736429.html HTTP 301
https://www.heraldsun.com/news/state/north-carolina/article209736429.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://mcclatchy.sc.omtrdc.net/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=24500826006336119190236460761227389458&ts=1533274202037 HTTP 302
https://nandomedia.112.2o7.net/id?AQB=1&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=24500826006336119190236460761227389458&ts=1533274202037&AQE=1

Request Chain 42

https://cm.everesttech.net/cm/dd?d_uuid=25126373676608556080258619103188295077 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=W2PoWgAABoIh8xKk

Request Chain 48

https://nandomedia.112.2o7.net/id?AQB=1&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=24500826006336119190236460761227389458&ts=1533274202037&AQE=1 HTTP 302
https://mcclatchy.sc.omtrdc.net/id?AQB=1&vmr=true&&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=24500826006336119190236460761227389458&ts=1533274202037&AQE=1

Request Chain 49

https://js.matheranalytics.com/s/ma12095/74930333/sp.js?cb=1479 HTTP 301
https://js.matheranalytics.com/static/2_2_18-c/sp.gz.js

Request Chain 53

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldsun.com/news/state/north-carolina/article209736429.html&rp=&ts=compact&rnd=1533274202429 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldsun.com/news/state/north-carolina/article209736429.html&rp=&ts=compact&rnd=1533274202429&ja=1

Request Chain 68

https://www.facebook.com/plugins/comments.php?api_key=&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Df3c031305e3e79%26domain%3Dwww.heraldsun.com%26origin%3Dhttps%253A%252F%252Fwww.heraldsun.com%252Ff19f73f44981884%26relation%3Dparent.parent&locale=en_US&numposts=10&sdk=joey&title=Bank%20of%20America%20speaks%20on%20gun%20violence%20at%20shareholder%20meeting%20%7C%20The%20Herald%20Sun&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&version=v2.5&width=100%25&xid=https%253A%252F%252Fwww.heraldsun.com%252Fnews%252Fstate%252Fnorth-carolina%252Farticle209736429.html HTTP 301
https://www.facebook.com/plugins/feedback.php?href=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&limit=10&order_by=reverse_time&width=100%25&app_id=105440539523&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Df3c031305e3e79%26domain%3Dwww.heraldsun.com%26origin%3Dhttps%253A%252F%252Fwww.heraldsun.com%252Ff19f73f44981884%26relation%3Dparent.parent&sdk=joey

Request Chain 174

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1533274204960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=62939783&cs_ucfr=1 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1533274204960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=62939783&cs_ucfr=1

Request Chain 180

https://sync.teads.tv/iframe?pid=81968&userId=d3c051f1-ced1-41bb-8c88-97bb842ab041&gdprIab={%22status%22:22,%22consent%22:%22%22}&1533274205099 HTTP 302
https://sync.teads.tv/iframe/redirect

Request Chain 191

https://bcp.crwdcntrl.net/5/c=7447/rand=664814015/pv=y/int=%23OpR%2366617%23www.heraldsun%20%3A%20Total%20Site%20Traffic/int=%23OpR%2366618%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news/int=%23OpR%2366619%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state/int=%23OpR%2367084%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state%20%3A%20north-carolina/int=%23OpR%2367085%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state%20%3A%20north-carolina%20%3A%20article/med=%23OpR%2368729%23Meta%20keyword%20%3A%20bank%20of%20america%2C%20bofa%2C%20parkland%2C%20guns%2C%20brian%20moynihan%2C%20meeting%2C%20shareholders%2Cbank%20of%20america%2C%20bofa%2C%20parkland%2C%20guns%2C%20brian%20moynihan%2C%20meeting%2C%20shareholders/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=7447/rand=664814015/pv=y/int=%23OpR%2366617%23www.heraldsun%20%3A%20Total%20Site%20Traffic/int=%23OpR%2366618%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news/int=%23OpR%2366619%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state/int=%23OpR%2367084%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state%20%3A%20north-carolina/int=%23OpR%2367085%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state%20%3A%20north-carolina%20%3A%20article/med=%23OpR%2368729%23Meta%20keyword%20%3A%20bank%20of%20america%2C%20bofa%2C%20parkland%2C%20guns%2C%20brian%20moynihan%2C%20meeting%2C%20shareholders%2Cbank%20of%20america%2C%20bofa%2C%20parkland%2C%20guns%2C%20brian%20moynihan%2C%20meeting%2C%20shareholders/rt=ifr

193 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request article209736429.html Show response
www.heraldsun.com/news/state/north-carolina/
Redirect Chain

http://mailview.bulletinintelligence.com/mailview.aspx?m=2018042602capone&r=email-d53e&l=03b-6b9&t=c
http://www.heraldsun.com/news/state/north-carolina/article209736429.html
https://www.heraldsun.com/news/state/north-carolina/article209736429.html

95 KB
95 KB

1219ms
1188ms

Document
text/html

104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f3298d5c78cb7e927dd5d76d2907c68453cbc5cf3911deab701ba5277b3ceb47

Request headers

Host: www.heraldsun.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC

Response headers

Server: MI
Content-Length: 96956
Content-Type: text/html;charset=utf-8
MI-API: WPS
X-Meter: a
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 86400
Vary: Accept-Encoding
MI-Cache: MISS
MI-Cache-Age: 0
X-MI-In-Market: 0
X-Varnish: 326769196, 610894569
ETag: W/"17098-3ea3RqLSFKUwnEY4V/YAng"
Surrogate-Control: varnish=ESI/2.1
Cache-Control: max-age=110
Date: Fri, 03 Aug 2018 05:30:01 GMT
Connection: keep-alive

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Date: Fri, 03 Aug 2018 05:30:00 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK require.js Show response
www.heraldsun.com/wps/source/scripts/libs/ 15 KB
7 KB 37ms
9ms Script
application/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/scripts/libs/require.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: beec98d383e6249c59c306dca3810f332bb8804ef60db6c89f245a3c6fc396ca

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 1574359
Connection: keep-alive
Content-Length: 6443
Last-Modified: Mon, 04 Jun 2018 20:23:50 GMT
Server: MI
ETag: W/"3dd1-163cc785bf0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 598934480, 1069352351 494076861
Access-Control-Allow-Origin: *
Cache-Control: max-age=457737
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK heraldsun-3a44ce1d79.css
www.heraldsun.com/wps/build/css/theme.markets/ 443 KB
74 KB 36ms
9ms Stylesheet
text/css 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fcb66426977dd6ccf45b33eaefb97699739694ef2590d2b919e0014d87aff0e1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 212
Connection: keep-alive
Content-Length: 74905
Last-Modified: Wed, 25 Jul 2018 15:13:58 GMT
Server: MI
ETag: W/"6ed46-164d200fef0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 505382134 463312536
Access-Control-Allow-Origin: *
Cache-Control: max-age=386536
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
www.heraldsun.com/wps/source/scripts/libs/ 91 KB
33 KB 35ms
8ms Script
application/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/scripts/libs/jquery-1.10.2.min.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 1237488
Connection: keep-alive
Content-Length: 32825
Last-Modified: Mon, 04 Jun 2018 20:23:50 GMT
Server: MI
ETag: W/"16bb3-163cc785bf0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 218006303 590874308, 1009692265 56033685
Access-Control-Allow-Origin: *
Cache-Control: max-age=539979
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK mi-header-23a3b7c7b0.js Show response
www.heraldsun.com/wps/build/js/ 99 KB
29 KB 36ms
9ms Script
application/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/js/mi-header-23a3b7c7b0.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 95b85bb8d1df27842dbf1623189c97eab76164ddbebd88644d04e5839272916e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 5
Connection: keep-alive
Content-Length: 28685
Last-Modified: Tue, 31 Jul 2018 13:34:56 GMT
Server: MI
ETag: W/"18a71-164f08c7c00"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 590348984, 243992489 257950267
Access-Control-Allow-Origin: *
Cache-Control: max-age=391050
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK guid.js Show response
www.heraldsun.com/wps/source/scripts/libs/ 1 KB
1 KB 34ms
8ms Script
application/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/scripts/libs/guid.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 532693
Connection: keep-alive
Content-Length: 547
Last-Modified: Mon, 18 Jun 2018 14:05:17 GMT
Server: MI
ETag: W/"505-1641336d148"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 193038598, 36210611 556794562
Access-Control-Allow-Origin: *
Cache-Control: max-age=461870
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK heraldsun.js Show response
media.heraldsun.com/misites/dur/ 2 KB
1 KB 402ms
376ms Script
text/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldsun.com/misites/dur/heraldsun.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4a0511cec76e6b8ffd80f6bdae32eaee60ffcc43f4a8b41d4b976da1123f1342

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: media.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Apr 2018 21:38:27 GMT
Server: Apache
ETag: "9c6-56b038eb73ac0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1046

GET
H/1.1 200
OK pb.js Show response
acdn.adnxs.com/prebid/c/7543_nc-ky-pa/ 596 KB
83 KB 92ms
9ms Script
application/javascript 151.101.113.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 151.101.113.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash: 3bd8625a80d225f81e82f1c7e72be59e50f7811a94d6cb2620db86816c89e3d9

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Age: 57490
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 84115
X-Served-By: cache-jfk8127-JFK, cache-hhn1532-HHN
Access-Control-Allow-Origin: *
Last-Modified: Fri, 15 Jun 2018 21:12:35 GMT
Server: nginx/1.9.13
X-Timer: S1533274202.962160,VS0,VE1
Fastly-Debug-Digest: b20afe497a125f9afdbbedb6be734b14e086606362cd3cc924661e3c1dd06b31
ETag: W/"5b242bc3-94e1e"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Sun, 17 Jun 2018 13:30:02 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 20, 1

GET
H/1.1 200
OK callback=extractPid Show response
ad.crwdcntrl.net/5/c=7436/pe=y/ 75 B
389 B 110ms
26ms Script
application/javascript 34.251.105.46
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=7436/pe=y/callback=extractPid
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 34.251.105.46 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-105-46.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dae4d33d995616958774b76553c6e7ed2ad69f4aaefb156cf51167fd812d125d

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:01 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.26.19.141
Connection: keep-alive
Content-Type: application/javascript;charset=UTF-8
Content-Length: 75
Expires: 0

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 249 KB
73 KB 32ms
15ms Script
application/x-javascript 2.18.234.163
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 2.18.234.163 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e97e28a4547b2b8ea5521c9c95e75389e2757a037ff77e4037995520f79e791b

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
x-amz-request-id: 63C7B797B1C99BF1
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 4k5deOyOtY19YvL4ZAnlAxF2VutrCgAXzsRVP38JwI5sqkHLVeepbqUobaIk2YRJcUiA2kVm8Vk=
Last-Modified: Wed, 01 Aug 2018 23:14:06 GMT
Server: AmazonS3
ETag: "fc75de6ce037a955cb5887478fdf3a6f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
S 200 sdk.js Show response
connect.facebook.net/en_US/ 220 KB
66 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

eb6d031b5abaa41e271dc5f48d831a50e6e36dc3633e24a647d371ffdbe9799b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: cGGeJd0G1FV1dObkpq9NNQ==
status: 200
content-length: 67537
x-xss-protection: 0
x-fb-debug: 6Ixczjdt6AkXPefDVbi8DesoEX1EyNxlEZQghcI5N9UFjQ6yWMugl9dorMy2UzOQtP79nwxOUNyvfBQinO15sQ==
x-fb-content-md5: a8b83651201e5fd322d94f7e49700380
x-frame-options: DENY
date: Fri, 03 Aug 2018 05:30:01 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "cdac1db6dd2be9510bdfef07ace644b7"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin: *
expires: Fri, 03 Aug 2018 05:47:01 GMT

GET
S 200 api.js Show response
www.google.com/recaptcha/ 762 B
541 B 18ms
17ms Script
text/javascript 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

15fb78f5fcd5a3308922cd286a2c38d139e783503536622830d099604c4297df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 448
x-xss-protection: 1; mode=block
expires: Fri, 03 Aug 2018 05:30:01 GMT

GET
H/1.1 200
OK logo-lg.png
www.heraldsun.com/wps/build/images/heraldsun/ 7 KB
7 KB 10ms
10ms Image
image/png 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/wps/build/images/heraldsun/logo-lg.png
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: efb250b2c48812199e6fb52343b2c8eb861f41dc1dce0c95160d0cc6fbf54d53

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 176338
Connection: keep-alive
Content-Length: 6749
Last-Modified: Thu, 28 Jun 2018 20:46:32 GMT
Server: MI
ETag: W/"1a5d-1644825c440"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 785155936 294881539
Access-Control-Allow-Origin: *
Cache-Control: max-age=380481
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/png;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 7.png
www.heraldsun.com/wps/source/images/widgets/weather/small/ 445 B
1 KB 43ms
33ms Image
image/png 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/wps/source/images/widgets/weather/small/7.png
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bb528dc0208374ecd613718db87b4fe9bc5f82e029c143ca6e081dd0fb40e92c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 142925
Connection: keep-alive
Content-Length: 445
Last-Modified: Wed, 25 Jul 2018 15:09:01 GMT
Server: MI
ETag: W/"1bd-164d1fc76c8"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 282268028, 511574203 2558688
Access-Control-Allow-Origin: *
Cache-Control: max-age=432166
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/png;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK Brian%20Moynihan.JPG
www.charlotteobserver.com/latest-news/n37qza/picture209793864/alternates/LANDSCAPE_1140/ 48 KB
49 KB 46ms
14ms Image
image/jpeg 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charlotteobserver.com/latest-news/n37qza/picture209793864/alternates/LANDSCAPE_1140/Brian%20Moynihan.JPG
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 99f3ecd6dcebdb421c1c3c38a962ca1129d97205ade80800161e79e020974385

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 0
Connection: keep-alive
Content-Length: 49585
Last-Modified: Wed, 25 Apr 2018 16:25:51 GMT
Server: MI
ETag: "004abe3e3dc331fddb14e650370b0061"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 503679473, 243335942
Access-Control-Allow-Origin: *
Cache-Control: max-age=390180
Access-Control-Allow-Credentials: false
MI-Cache: MISS
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK TIM_SLOAN_01%20(1).JPG
www.charlotteobserver.com/latest-news/j3q4cp/picture206968904/alternates/LANDSCAPE_1140/ 71 KB
71 KB 37ms
10ms Image
image/jpeg 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charlotteobserver.com/latest-news/j3q4cp/picture206968904/alternates/LANDSCAPE_1140/TIM_SLOAN_01%20(1).JPG
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 244d3458f0bd1a1bbe200794131df6cf67c1976384a92b6d5e1b009ee5ba8807

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 0
Connection: keep-alive
Content-Length: 72380
Last-Modified: Tue, 27 Mar 2018 15:57:22 GMT
Server: MI
ETag: "e1bcafe1106f153c8ed2c9ec9e3f5fdb"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 208274391, 506792966
Access-Control-Allow-Origin: *
Cache-Control: max-age=390182
Access-Control-Allow-Credentials: false
MI-Cache: MISS
Content-Type: image/jpeg
Access-Control-Allow-Headers: *

GET
S 200 ping
cdn.relaymedia.com/ 95 B
391 B 366ms
327ms Image
image/png 151.101.130.176
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.relaymedia.com/ping?url=%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: SPDY
Server: 151.101.130.176 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:30:02 GMT
content-encoding: gzip
age: 0
x-rm-refresh-due-in: 300
status: 200
x-cache: MISS
content-length: 102
x-served-by: cache-fra19142-FRA
x-timer: S1533274202.954904,VS0,VE322
etag: W/"5f-DsY7FAN0unBKWPoMdDyzV2gzE90"
vary: Accept-Encoding
content-type: image/png
via: 1.1 google, 1.1 varnish
x-rm-powered-by: Relay Media Accelerated Mobile Pages
cache-control: public, max-age=30
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK logo-sm.png
www.heraldsun.com/wps/build/images/heraldsun/ 3 KB
3 KB 217ms
9ms Image
image/png 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/wps/build/images/heraldsun/logo-sm.png
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bb479d2f6b83f17b43d7832514afe52d308b24966cea98c0f39bd35c0c18b1c9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 37343
Connection: keep-alive
Content-Length: 2989
Last-Modified: Thu, 28 Jun 2018 20:46:32 GMT
Server: MI
ETag: W/"bad-1644825c440"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 7020206 644680132
Access-Control-Allow-Origin: *
Cache-Control: max-age=380505
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: image/png;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK escenic_s_code.js Show response
media.heraldsun.com/mistats/products/ 86 KB
30 KB 391ms
379ms Script
text/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldsun.com/mistats/products/escenic_s_code.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4f7fa13f97d5e0722da4ac5c841c5ce9db18d9a5b8e564582f89f7a2fffa8385

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: media.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Aug 2018 15:45:50 GMT
Server: Apache
ETag: "1585c-5726196cb4878"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30270

GET
H/1.1 200
OK escenic.js Show response
media.heraldsun.com/mistats/products/ 52 KB
12 KB 453ms
453ms Script
text/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldsun.com/mistats/products/escenic.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8b715e41d99bcd803625c7877173411bfce531891697c45af90eea2725350f3d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: media.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Aug 2018 15:01:42 GMT
Server: Apache
ETag: "cff8-57260f8f500d4"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12270

GET
H/1.1 200
OK finalizestats.js Show response
media.heraldsun.com/mistats/ 50 KB
14 KB 387ms
384ms Script
text/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldsun.com/mistats/finalizestats.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0ecd21857aa2b3b7a89acbb5addfae9c6bcb3eddf40811e7058ecc6a6bfcd3d5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: media.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Aug 2018 11:01:18 GMT
Server: Apache
ETag: "c945-57271bb07bd51"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14168

GET
H/1.1 200
OK mi-footer-5818ee789d.js Show response
www.heraldsun.com/wps/build/js/ 86 KB
27 KB 21ms
18ms Script
application/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/js/mi-footer-5818ee789d.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2e3aedf80f888b0105884dad000fc35e2c6606d8b3bea8026efd0d7ec6c19456

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 7047
Connection: keep-alive
Content-Length: 26601
Last-Modified: Wed, 25 Jul 2018 15:14:59 GMT
Server: MI
ETag: W/"15676-164d201ed38"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 384929271, 239469098 82610330
Access-Control-Allow-Origin: *
Cache-Control: max-age=382794
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
S 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 231 KB
79 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

58d691bab385679733ace3e3897224239ec3f2550c6e747003cc6fbb8b612ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 80590
x-xss-protection: 1; mode=block
expires: Fri, 03 Aug 2018 05:30:01 GMT

GET
S 200 iris.adaptive.js Show response
ovp.iris.tv/libs/adaptive/v2/ 203 KB
203 KB 294ms
98ms Script
application/javascript 2600:9000:201a:400:15:d134:4e40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: SPDY
Server: 2600:9000:201a:400:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a94f3eca2c48d8bdd5516d4e17adad37b978fefc21867a7f817a389fb0305594

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 23 Jul 2018 18:25:54 GMT
via: 1.1 6801928d54163af944bf854db8d5520e.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jul 2018 18:20:22 GMT
server: AmazonS3
age: 39843
etag: "e9ae557b833030827a5042985fb3691b"
x-cache: Hit from cloudfront
x-amz-version-id: WNRT0qnhHYuDP77dWHtKpKwcZPWn495e
status: 200
accept-ranges: bytes
content-type: application/javascript
content-length: 207486
x-amz-cf-id: NpCh98Oxj-QfU0I6WcUQGNWIL7L9T_AHYEacWsdDGIuZrjkt9ROoug==

GET
H/1.1 200
OK brightcoveVideo.bundle-297cf876af2ad54d4105.js Show response
www.heraldsun.com/wps/build/webpack/ 512 KB
137 KB 21ms
15ms Script
application/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6c4370889ac065737643cb60a4424cb7381c775b8ea95d57e2ce67fc6905b106

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 21797
Connection: keep-alive
Content-Length: 139801
Last-Modified: Wed, 25 Jul 2018 15:15:46 GMT
Server: MI
ETag: W/"7fe27-164d202a4d0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 58232252 878281366, 506398365 429392141
Access-Control-Allow-Origin: *
Cache-Control: max-age=382695
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
S 200 conversion.js Show response
www.googleadservices.com/pagead/ 19 KB
7 KB 21ms
15ms Script
text/javascript 172.217.18.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

172.217.18.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

6d636eb365fb3f421e0dc0779a92ceb7815a88c9a95b1db0217f97cf0d918650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7129
x-xss-protection: 1; mode=block
server: cafe
etag: 3062889905517436976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Aug 2018 05:30:01 GMT

GET
H/1.1 200
OK md5.min.js Show response
www.heraldsun.com/wps/source/scripts/libs/ 4 KB
2 KB 20ms
15ms Script
application/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/scripts/libs/md5.min.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: dd96583d1c1525e48d9f7ccce5e741a352252297d6395962871d316e71454cc9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 546378
Connection: keep-alive
Content-Length: 1553
Last-Modified: Mon, 18 Jun 2018 14:05:17 GMT
Server: MI
ETag: W/"10da-1641336d148"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 39160433, 166368341 426640460
Access-Control-Allow-Origin: *
Cache-Control: max-age=484546
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
S 200 cc.js Show response
tags.crwdcntrl.net/c/7447/ 35 KB
10 KB 39ms
6ms Script
application/javascript 93.184.220.113
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/7447/cc.js?ns=_cc7447
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: SPDY
Server: 93.184.220.113 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DB) /
Resource Hash: 6a06de98354dc692b991b65dcf6fe650d85628702d06aa7ff493a03a3aa4e4da

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:30:01 GMT
content-encoding: gzip
last-modified: Wed, 23 May 2018 20:23:14 GMT
server: ECS (fcn/40DB)
etag: "5b05cdb2-8c56+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 10433
expires: Sat, 04 Aug 2018 05:30:01 GMT

GET
H/1.1 200
OK identityModulev3.min.js Show response
www.heraldsun.com/wps/source/scripts/libs/ 35 KB
12 KB 14ms
13ms Script
application/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/scripts/libs/identityModulev3.min.js?misv=b7936d5
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/source/scripts/libs/require.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Cookie: AMCVS_3B6E35F15A82BBB00A495D91%40AdobeOrg=1; AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CMCMID%7C24500826006336119190236460761227389458%7CMCAAMLH-1533879002%7C6%7CMCAAMB-1533879002%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1533281402s%7CNONE%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 708
Connection: keep-alive
Content-Length: 11142
Last-Modified: Tue, 31 Jul 2018 13:29:18 GMT
Server: MI
ETag: W/"8dbb-164f08753b0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 595689840, 206113442 223774677
Access-Control-Allow-Origin: *
Cache-Control: max-age=390973
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK common.js Show response
media.heraldsun.com/misites/all/ 2 KB
1 KB 403ms
381ms Script
text/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldsun.com/misites/all/common.js
Requested by: Host: media.heraldsun.com
URL: https://media.heraldsun.com/misites/dur/heraldsun.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fbf44b00f5debb1c2319c7cfc0fd6487f6fbb770bca2ea65974f8cbb48603a7b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: media.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jun 2018 11:30:12 GMT
Server: Apache
ETag: "8b1-56dcf41bb3900"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 800

GET
H/1.1 200
OK micb.js Show response
media.heraldsun.com/mistats/ 70 KB
22 KB 138ms
137ms Script
text/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldsun.com/mistats/micb.js
Requested by: Host: media.heraldsun.com
URL: https://media.heraldsun.com/misites/dur/heraldsun.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9f7d29ee331c956ac52ae9168b78fec9964798feef65befadb68dd319ea1e170

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: media.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jul 2018 13:28:04 GMT
Server: Apache
ETag: "11678-571aa9d890cb4"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21972

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 368 B
1 KB 116ms
30ms XHR
application/json 34.251.231.74
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&ts=1533274201867
Requested by: Host: media.heraldsun.com
URL: https://media.heraldsun.com/mistats/micb.js
Protocol: HTTP/1.1
Server: 34.251.231.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-231-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5e51390ca0075fb0b7f5640b5148a27e884606ed5f5e1950c70ba39541c684ee

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: irl1-prod-dcs-b3bb7873.edge-irl1.demdex.com 5.35.1.20180801150814 3ms
Pragma: no-cache
Content-Encoding: gzip
X-TID: vZ2s1QCQT/E=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 306
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK McClatchySlab-Regular.woff
www.heraldsun.com/wps/source/fonts/mcclatchy-slab/ 27 KB
28 KB 209ms
195ms Font
application/font-woff 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/fonts/mcclatchy-slab/McClatchySlab-Regular.woff
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1a2e3d45b06026285fdc23fb7cc73bf9639e5a95f7e019dcf3309753b947c921

Request headers

Pragma: no-cache
Origin: https://www.heraldsun.com
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Origin: https://www.heraldsun.com

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 4976
Connection: keep-alive
Content-Length: 28128
Last-Modified: Wed, 25 Jul 2018 00:30:24 GMT
Server: MI
ETag: W/"6de0-164ced81100"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 311956137 253497430
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK McClatchySansCond-Semibold.woff
www.heraldsun.com/wps/source/fonts/mcclatchy-sans-condensed/ 23 KB
24 KB 218ms
216ms Font
application/font-woff 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/fonts/mcclatchy-sans-condensed/McClatchySansCond-Semibold.woff
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4760de1767829165bdb535d6f70a21d09e1df9182f850bbd045d2de2f0ee318a

Request headers

Pragma: no-cache
Origin: https://www.heraldsun.com
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Origin: https://www.heraldsun.com

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 4815
Connection: keep-alive
Content-Length: 23832
Last-Modified: Wed, 25 Jul 2018 00:30:24 GMT
Server: MI
ETag: W/"5d18-164ced81100"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 239901253, 588914693 568198235
Access-Control-Allow-Origin: *
Cache-Control: max-age=116
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.heraldsun.com/wps/source/fonts/font-awesome/ 55 KB
56 KB 241ms
240ms Font
application/font-woff2 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/fonts/font-awesome/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Pragma: no-cache
Origin: https://www.heraldsun.com
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Origin: https://www.heraldsun.com

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 24807
Connection: keep-alive
Content-Length: 56780
Last-Modified: Wed, 25 Jul 2018 00:30:24 GMT
Server: MI
ETag: W/"ddcc-164ced81100"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 659787956 260179987
Access-Control-Allow-Origin: *
Cache-Control: max-age=110
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff2;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK McClatchySansCond-Bold.otf
www.heraldsun.com/wps/source/fonts/mcclatchy-sans-condensed/ 120 KB
49 KB 226ms
224ms Font
font/opentype 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/fonts/mcclatchy-sans-condensed/McClatchySansCond-Bold.otf
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: be559bd89b616ca664caad092f3f6ceaf0e70fb4fd03ec28db26ff19c990547a

Request headers

Pragma: no-cache
Origin: https://www.heraldsun.com
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Origin: https://www.heraldsun.com

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
Transfer-Encoding: chunked
MI-Cache-Age: 3642
Connection: keep-alive Transfer-Encoding
Last-Modified: Wed, 25 Jul 2018 00:30:24 GMT
Server: MI
ETag: W/"1e1bc-164ced81100"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 621609934 557092207
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: font/opentype;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
S 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1531759913576/ 236 KB
76 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1531759913576/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

SPDY

Server

2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2decb75353bde6e125575da2a76881b886fc06bcee2cb8b43cdd5b269bfdd880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 31 Jul 2018 00:10:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Jul 2018 21:15:00 GMT
server: sffe
age: 278357
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 77950
x-xss-protection: 1; mode=block
expires: Wed, 31 Jul 2019 00:10:44 GMT

GET
H/1.1 200
OK McClatchySans-Regular.woff
www.heraldsun.com/wps/source/fonts/mcclatchy-sans/ 39 KB
39 KB 448ms
445ms Font
application/font-woff 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/fonts/mcclatchy-sans/McClatchySans-Regular.woff
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 324fcd78238de4fa8e2b800b451e568a61143478c04e42b07fbc20186a5d3062

Request headers

Pragma: no-cache
Origin: https://www.heraldsun.com
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Origin: https://www.heraldsun.com

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 944
Connection: keep-alive
Content-Length: 39644
Last-Modified: Wed, 25 Jul 2018 00:30:24 GMT
Server: MI
ETag: W/"9adc-164ced81100"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 558041616, 280723903 235705395
Access-Control-Allow-Origin: *
Cache-Control: max-age=118
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK LyonTextWeb-Regular.woff
www.heraldsun.com/wps/source/fonts/lyon/ 35 KB
36 KB 246ms
222ms Font
application/font-woff 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/fonts/lyon/LyonTextWeb-Regular.woff
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1ead67088c8b4ba80d4e5765f2060b5713b97f05a2bd865be071df192b4b67dd

Request headers

Pragma: no-cache
Origin: https://www.heraldsun.com
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Origin: https://www.heraldsun.com

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 1269898
Connection: keep-alive
Content-Length: 35961
Last-Modified: Mon, 04 Jun 2018 20:23:50 GMT
Server: MI
ETag: W/"8c79-163cc785bf0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 377161151 665131493, 808426957 197637682
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK McClatchySlab-Semibold.woff
www.heraldsun.com/wps/source/fonts/mcclatchy-slab/ 27 KB
28 KB 672ms
542ms Font
application/font-woff 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/fonts/mcclatchy-slab/McClatchySlab-Semibold.woff
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a30c6140c16226ca8d8a72dbbb8d2997c986bf0d571e81c8822d0bcc0fe2066d

Request headers

Pragma: no-cache
Origin: https://www.heraldsun.com
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Cookie: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Origin: https://www.heraldsun.com

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 16459
Connection: keep-alive
Content-Length: 28096
Last-Modified: Wed, 25 Jul 2018 00:30:24 GMT
Server: MI
ETag: W/"6dc0-164ced81100"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 684164569 402690055
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK Cookie set dest5.html
mcclatchy.demdex.net/ Frame B692 0
0 736ms
183ms Document
text/html 52.27.226.96
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Requested by: Host: media.heraldsun.com
URL: https://media.heraldsun.com/mistats/micb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.27.226.96 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-27-226-96.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: mcclatchy.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Accept-Encoding: gzip, deflate
Cookie: demdex=25126373676608556080258619103188295077
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Fri, 03 Aug 2018 04:57:14 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=25126373676608556080258619103188295077;Path=/;Domain=.demdex.net;Expires=Wed, 30-Jan-2019 05:30:02 GMT;Max-Age=15552000
Vary: Accept-Encoding, User-Agent
X-TID: DgohRVVXTEU=
Content-Length: 2766
Connection: keep-alive

GET
H/1.1

302
Found

id Show response
nandomedia.112.2o7.net/
Redirect Chain

https://mcclatchy.sc.omtrdc.net/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=24500826006336119190236460761227389458&ts=1533274202037
https://nandomedia.112.2o7.net/id?AQB=1&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d_visid_ver=...

0
-1 B

95ms
20ms

XHR
text/plain

172.82.228.19
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://nandomedia.112.2o7.net/id?AQB=1&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=24500826006336119190236460761227389458&ts=1533274202037&AQE=1

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

HTTP/1.1

Server

172.82.228.19 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

*.sc.omtrdc.net

Software

Omniture DC /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-Content-Type-Options: nosniff
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Sat, 04 Aug 2018 05:30:02 GMT
Server: Omniture DC
xserver: www186
Location: https://nandomedia.112.2o7.net/id?AQB=1&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=24500826006336119190236460761227389458&ts=1533274202037&AQE=1
Access-Control-Allow-Methods: GET, POST, DELETE
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Expires: Thu, 02 Aug 2018 05:30:02 GMT

Redirect headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-Content-Type-Options: nosniff
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Sat, 04 Aug 2018 05:30:02 GMT
Server: Omniture DC
xserver: www186
Location: https://nandomedia.112.2o7.net/id?AQB=1&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=24500826006336119190236460761227389458&ts=1533274202037&AQE=1
Access-Control-Allow-Methods: GET, POST, DELETE
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Expires: Thu, 02 Aug 2018 05:30:02 GMT

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=W2PoWgAABoIh8xKk
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=25126373676608556080258619103188295077
https://dpm.demdex.net/ibs:dpid=411&dpuuid=W2PoWgAABoIh8xKk

42 B
764 B

113ms
30ms

Image
image/gif

34.248.66.236
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=411&dpuuid=W2PoWgAABoIh8xKk
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 34.248.66.236 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-248-66-236.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: irl1-prod-dcs-0413e1f2c.edge-irl1.demdex.com 5.35.1.20180801150814 4ms
Pragma: no-cache
X-TID: cuq0MIr3Tb4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 03 Aug 2018 05:30:01 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=W2PoWgAABoIh8xKk
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H/1.1 200
OK McClatchySans-Semibold.woff
www.heraldsun.com/wps/source/fonts/mcclatchy-sans/ 23 KB
24 KB 584ms
522ms Font
application/font-woff 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/wps/source/fonts/mcclatchy-sans/McClatchySans-Semibold.woff
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 214ea8fb2010180998f98d056622e9b254a60f122a53fbc3405cc5bf31dba622

Request headers

Pragma: no-cache
Origin: https://www.heraldsun.com
Accept-Encoding: gzip, deflate
Host: www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Cookie: AMCVS_3B6E35F15A82BBB00A495D91%40AdobeOrg=1; AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CMCMID%7C24500826006336119190236460761227389458%7CMCAAMLH-1533879002%7C6%7CMCAAMB-1533879002%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1533281402s%7CNONE%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/wps/build/css/theme.markets/heraldsun-3a44ce1d79.css
Origin: https://www.heraldsun.com

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-MI-In-Market: 0
Surrogate-Control: varnish=ESI/2.1
MI-Cache-Age: 10050
Connection: keep-alive
Content-Length: 23488
Last-Modified: Wed, 25 Jul 2018 15:09:00 GMT
Server: MI
ETag: W/"5bc0-164d1fc72e0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
X-Varnish: 655495612 552272112
Access-Control-Allow-Origin: *
Cache-Control: max-age=120
Access-Control-Allow-Credentials: false
MI-Cache: HIT
Content-Type: application/font-woff;charset=ISO-8859-1
Access-Control-Allow-Headers: *

GET
H/1.1 403
Forbidden article209736429.html.js
s3.amazonaws.com/elasticbeanstalk-us-east-1-397719490216/json/client/11/www.heraldsun.com/news/state/north-carolina/ 0
0 391ms
105ms Script
application/xml 52.216.226.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/elasticbeanstalk-us-east-1-397719490216/json/client/11/www.heraldsun.com/news/state/north-carolina/article209736429.html.js?t=0.5434792590906581
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.216.226.179 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: application/xml

GET
H/1.1 200
OK oPS.js Show response
s3.amazonaws.com/elasticbeanstalk-us-east-1-397719490216/external_json/ 13 KB
13 KB 387ms
102ms Script
application/javascript 52.216.226.179
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/elasticbeanstalk-us-east-1-397719490216/external_json/oPS.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.216.226.179 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2557c257c561b0d905dd0a836f4d05e0522243163e89cace150d6ade43b91dd1

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:03 GMT
Last-Modified: Wed, 01 Aug 2018 15:23:50 GMT
Server: AmazonS3
x-amz-request-id: 5BFEBF4EFC0F6C94
ETag: "a3c3b482e3f29ed121a1caeb5a6cc4eb"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 13082
x-amz-id-2: k14jh5BTnb4xbooP0WOLMIvmNR88R66NMlpEJ2uQVa0VIwAzsObLx7ezDjoHeywPlqjWYuenNbc=

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ 20 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/js/mi-header-23a3b7c7b0.js

Protocol

SPDY

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d2042f11d6be3b4a1c4d5cbb8c0edf0d8857a9de215c29d8e4d38ba354991966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "6 / 913 of 1000 / last-modified: 1533261456"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 7808
x-xss-protection: 1; mode=block
expires: Fri, 03 Aug 2018 05:30:02 GMT

GET
H2 200 QX17B8fU-Vm.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 6FA5 0
0 6ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

status: 200
expires: Sat, 03 Aug 2019 02:46:08 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: UKoNNOwe/TVgEfW2m+/Pb8ALuq6ZnjMZEgDfw1e7zy203w7eRDF0N0awsDUE1s+T6npRqsBAW6MBfOF1SCsHLA==
content-length: 13917
date: Fri, 03 Aug 2018 05:30:02 GMT

GET
H/1.1

302
Found

id Show response
mcclatchy.sc.omtrdc.net/
Redirect Chain

https://nandomedia.112.2o7.net/id?AQB=1&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d_visid_ver=...
https://mcclatchy.sc.omtrdc.net/id?AQB=1&vmr=true&&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d...

0
-1 B

89ms
19ms

XHR
text/plain

172.82.228.20
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/id?AQB=1&vmr=true&&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=24500826006336119190236460761227389458&ts=1533274202037&AQE=1

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

HTTP/1.1

Server

172.82.228.20 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

*.112.2O7.net

Software

Omniture DC/2.0.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-Content-Type-Options: nosniff
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Sat, 04 Aug 2018 05:30:02 GMT
Server: Omniture DC/2.0.0
xserver: www41
Location: https://mcclatchy.sc.omtrdc.net/id?AQB=1&vmr=true&&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=24500826006336119190236460761227389458&ts=1533274202037&AQE=1
Access-Control-Allow-Methods: GET, POST, DELETE
Content-Type: text/plain
Access-Control-Allow-Origin: null
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Expires: Thu, 02 Aug 2018 05:30:02 GMT

Redirect headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-Content-Type-Options: nosniff
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Sat, 04 Aug 2018 05:30:02 GMT
Server: Omniture DC/2.0.0
xserver: www41
Location: https://mcclatchy.sc.omtrdc.net/id?AQB=1&vmr=true&&vmh=mcclatchy.sc.omtrdc.net&vmf=nandomedia.112.2o7.net&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&mid=24500826006336119190236460761227389458&ts=1533274202037&AQE=1
Access-Control-Allow-Methods: GET, POST, DELETE
Content-Type: text/plain
Access-Control-Allow-Origin: null
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Expires: Thu, 02 Aug 2018 05:30:02 GMT

GET
S

200

sp.gz.js Show response
js.matheranalytics.com/static/2_2_18-c/
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930333/sp.js?cb=1479
https://js.matheranalytics.com/static/2_2_18-c/sp.gz.js

78 KB
28 KB

7ms
7ms

Script
application/x-javascript

107.178.250.234
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/2_2_18-c/sp.gz.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: SPDY
Server: 107.178.250.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a58ba34bed301592d50d32ce51e71807daf498091882f26e383d0f735179c7a

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 Aug 2018 20:42:13 GMT
content-encoding: gzip
last-modified: Fri, 22 Sep 2017 13:59:57 GMT
server: nginx
age: 31669
etag: "3a30d87d732d389cf12c79eff041548e"
vary: Accept-Encoding
x-cache: HIT Thu, 01 Mar 2018 00:08:00 GMT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=269200
alt-svc: clear
content-length: 28228
via: 1.1 google

Redirect headers

date: Fri, 03 Aug 2018 05:30:02 GMT
via: 1.1 google
server: nginx
status: 301
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/2_2_18-c/sp.gz.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 6-gc-useast4-5lhw0909

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: media.heraldsun.com
URL: https://media.heraldsun.com/mistats/finalizestats.js

Protocol

SPDY

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 1874
date: Fri, 03 Aug 2018 04:58:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Fri, 03 Aug 2018 06:58:48 GMT

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 12 KB
6 KB 32ms
6ms Script
application/x-javascript 18.185.222.18
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: media.heraldsun.com
URL: https://media.heraldsun.com/mistats/finalizestats.js
Protocol: HTTP/1.1
Server: 18.185.222.18 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-185-222-18.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03-Aug-2018 05:30:02 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Fri, 10 Aug 2018 05:30:02 GMT

GET
H/1.1 200
OK mi_content_tracker.js Show response
media.heraldsun.com/mistats/ 4 KB
2 KB 135ms
135ms Script
text/javascript 104.111.219.11
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://media.heraldsun.com/mistats/mi_content_tracker.js
Requested by: Host: media.heraldsun.com
URL: https://media.heraldsun.com/misites/dur/heraldsun.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.219.11 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-219-11.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: media.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Cookie: AMCVS_3B6E35F15A82BBB00A495D91%40AdobeOrg=1; AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg=690614123%7CMCIDTS%7C17747%7CMCMID%7C24500826006336119190236460761227389458%7CMCAAMLH-1533879002%7C6%7CMCAAMB-1533879002%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1533281402s%7CNONE%7CvVersion%7C3.1.0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jun 2014 15:41:43 GMT
Server: Apache
ETag: "11ff-4fb04771acb56"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1432

GET
S

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldsun.com/news/state/north-carolina/article209736429.html&rp=&ts=compact&rnd=1533274202429
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldsun.com/news/state/north-carolina/article209736429.html&rp=&ts=compact&rnd=1533274202429&ja=1

44 B
274 B

27ms
27ms

Image
image/gif

54.77.250.122
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldsun.com/news/state/north-carolina/article209736429.html&rp=&ts=compact&rnd=1533274202429&ja=1
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: SPDY
Server: 54.77.250.122 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-250-122.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:02 GMT
server: nginx
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:02 GMT
server: nginx
status: 302
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.heraldsun.com/news/state/north-carolina/article209736429.html&rp=&ts=compact&rnd=1533274202429&ja=1
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK Logger
ece-logger.nandomedia.com/analysis-logger/ 0
121 B 547ms
137ms Image
text/plain 166.108.32.238
MCCLATCHY MANAGEM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ece-logger.nandomedia.com/analysis-logger/Logger?rt=1&ctxId=75504&contextPath=71119-75504&pubId=119&cat=&meta=read-story&objId=209736429&type=article&title=Bank+of+America+CEO+on+gun+violence%3A+%27We+have+to+help.%27&url=%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&clientDT=1533274202429
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 166.108.32.238 Sacramento, United States, ASN6118 (MCCLATCHY-CORP - MCCLATCHY MANAGEMENT SERVICES, INC., US),
Reverse DNS: vnet659.ejoco.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
Server: Apache-Coyote/1.1
Connection: close
Content-Length: 0

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
14ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.heraldsun.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Aug 2018 05:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
14ms Script
application/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Aug 2018 05:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_236.js Show response
securepubads.g.doubleclick.net/gpt/ 179 KB
62 KB 41ms
38ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_236.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

9108f8dcd5230b0f3ca08d7304f639dad3401bf6b12ca6079b0263d244af75cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 18:18:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 62994
x-xss-protection: 1; mode=block
expires: Fri, 03 Aug 2018 05:30:02 GMT

GET
S 200 collect
www.google-analytics.com/r/ 35 B
111 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1725936990&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&dh=heraldsun.com&ul=en-us&de=UTF-8&dt=Story%3A209736429%7CBank%20of%20America%20CEO%20on%20gun%20violence%3A%20%26%2339%3BWe%20have%20to%20help.%26%2339%3B&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YFDAAAABC~&jid=851830993&gjid=1261686527&cid=723309682.1533274203&tid=UA-89824220-1&_gid=895485892.1533274203&_r=1&cd1=DUR&cd2=Durham%20Herald%20Sun&cd3=Story&cd4=News%7CState%7C%7C%7C&cd5=Unregistered&cd6=North%20Carolina&cd8=Charlotte%7CRick%20Rothacker&cd9=2018%2F04%2F25&cd10=2018%2F04%2F26%20H14&cg1=Durham%20Herald%20Sun&cg2=North%20Carolina&z=630145758

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1725936990&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&dh=heraldsun.com&ul=en-us&de=UTF-8&dt=Story%3A209736429%7CBank%20of%20America%20CEO%20on%20gun%20violence%3A%20%26%2339%3BWe%20have%20to%20help.%26%2339%3B&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YFDAAAABC~&jid=1681218969&gjid=2023603395&cid=723309682.1533274203&tid=UA-48280268-1&_gid=895485892.1533274203&_r=1&cd1=DUR&cd2=Durham%20Herald%20Sun&cd3=Story&cd4=News%7CState%7C%7C%7C&cd5=Unregistered&cd6=North%20Carolina&cd8=Charlotte%7CRick%20Rothacker&cd9=2018%2F04%2F25&cd10=2018%2F04%2F26%20H14&cg1=Durham%20Herald%20Sun&cg2=North%20Carolina&z=880022983

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ 1 KB
991 B 9ms
8ms Script
application/x-javascript 2600:9000:2047:7e00:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: SPDY
Server: 2600:9000:2047:7e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 17 Apr 2018 17:04:29 GMT
content-encoding: gzip
last-modified: Mon, 26 Mar 2018 17:43:26 GMT
server: AmazonS3
age: 954
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: I-Pj8Qg4zwluk4RudY7zbQPnRxcrlez1FrttU0w2XjF6gYfjTLGcqg==
via: 1.1 0c23bed0dc9f1c700b571cf55c540239.cloudfront.net (CloudFront)

GET
H/1.1 200
OK id Show response
mcclatchy.sc.omtrdc.net/ 43 B
674 B 300ms
241ms XHR
application/x-javascript 172.82.228.19
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

HTTP/1.1

Server

172.82.228.19 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

*.sc.omtrdc.net

Software

Omniture DC /

Resource Hash

f2f5186859d13b84e9270f52ca0f14bb9168b1582d0d2acb423efae171220acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Origin: null
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
X-Content-Type-Options: nosniff
Server: Omniture DC
xserver: www289
Vary: Origin
Access-Control-Allow-Methods: GET, POST, DELETE
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: null
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 43
X-XSS-Protection: 1; mode=block
X-C: ms-6.4.0

GET
H/1.1 200
OK pixel;r=1838573792;labels=DUR;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html;fpan=1;fpa=P0-1816604373-1533274202603;ns=0;ce=1;qjs...
pixel.quantserve.com/ 35 B
479 B 29ms
7ms Image
image/gif 18.185.222.18
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1838573792;labels=DUR;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html;fpan=1;fpa=P0-1816604373-1533274202603;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1533274202603;tzo=0;ogl=site_name.heraldsun%2Ctype.article%2Ctitle.Bank%20of%20America%20CEO%20on%20gun%20violence%3A%20'We%20have%20to%20help%252E'%2Curl.https%3A%2F%2Fwww%252Eheraldsun%252Ecom%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429%252Ehtml%2Cdescription.At%20Bank%20of%20America's%20annual%20shareholder%20meeting%20Wednesday%252C%20CEO%20Brian%20Moynihan%20st%2Cimage.https%3A%2F%2Fwww%252Echarlotteobserver%252Ecom%2Flatest-news%2Fn37qza%2Fpicture209793864%2Falternates
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 18.185.222.18 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-185-222-18.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:02 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
BLOB 200
OK 07838d3a-92a2-4184-aee4-698dd730c289
https://www.heraldsun.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com/07838d3a-92a2-4184-aee4-698dd730c289
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK 5776308985001 Show response
edge.api.brightcove.com/playback/v1/accounts/5502557045001/videos/ 5 KB
6 KB 363ms
183ms XHR
application/json 54.192.38.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/5502557045001/videos/5776308985001

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js

Protocol

HTTP/1.1

Server

54.192.38.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-192-38-110.jfk1.r.cloudfront.net

Software

Resource Hash

38a29cd879bb5dbc1ca47c675ce071ac0695b606f8552861fdaabe66efd09914

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Accept: application/json;pk=BCpkADawqM27yAkP-vFCpmDysF4PZC1_ujRzY2IM0De8Hcw0hT4o64xFGO4lPFqzLzFdhAZhUZdHiKEe5VSm05WFaU1xRi7F5K-MzraZWamrDfiRBLGlDWJ0Q9Jmn9JfoSHsw3D67J-6HycQ
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

BCOV-instance: i-07abdfecfcfbcd6c3, 7074770, 2018-08-03 05:30:02.980Z
Via: 1.1 a171e7841621158d2aaef33e456c3688.cloudfront.net (CloudFront)
BCOV-REQUEST-ID: 6b28feee-8878-437e-9eca-6bf4b88d8f9a
Date: Fri, 03 Aug 2018 05:30:02 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Originating-URL: https://edge-elb.api.brightcove.com/playback/v1/accounts/5502557045001/videos/5776308985001
access-control-expose-headers: x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control: max-age=720
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: OTVbiLAWX1wIoaJ--wMU9xkr9mLN4YqMApPDXds1C5Aw-f4htuOKeg==

GET
H/1.1 200
OK 5813638203001 Show response
edge.api.brightcove.com/playback/v1/accounts/5502557045001/videos/ 5 KB
6 KB 311ms
129ms XHR
application/json 54.192.38.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/5502557045001/videos/5813638203001

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js

Protocol

HTTP/1.1

Server

54.192.38.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-192-38-110.jfk1.r.cloudfront.net

Software

Resource Hash

2b566cbf08e6865b3d0cee2d99d4fa0c497afe8eb8ca3c7991f7075f5d794b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Accept: application/json;pk=BCpkADawqM27yAkP-vFCpmDysF4PZC1_ujRzY2IM0De8Hcw0hT4o64xFGO4lPFqzLzFdhAZhUZdHiKEe5VSm05WFaU1xRi7F5K-MzraZWamrDfiRBLGlDWJ0Q9Jmn9JfoSHsw3D67J-6HycQ
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

BCOV-instance: i-0009ba371440f09d6, 7074770, 2018-08-03 05:30:02.930Z
Via: 1.1 557f58686e107bfa2925cf3d6a17c717.cloudfront.net (CloudFront)
BCOV-REQUEST-ID: 5d742c54-bf56-44cb-a988-0dcb19721d6e
Date: Fri, 03 Aug 2018 05:30:02 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Originating-URL: https://edge-elb.api.brightcove.com/playback/v1/accounts/5502557045001/videos/5813638203001
access-control-expose-headers: x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control: max-age=707
Connection: keep-alive
Content-Length: 5600
X-Amz-Cf-Id: J8Wm6W5ypevQG9kXir4zetD8xxxtamuTomXv65Pbr59v-rrG_a-ZUg==

GET
H/1.1 200
OK 5812919586001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/ 6 KB
6 KB 287ms
105ms XHR
application/json 54.192.38.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.api.brightcove.com/playback/v1/accounts/5615998031001/videos/5812919586001

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js

Protocol

HTTP/1.1

Server

54.192.38.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-54-192-38-110.jfk1.r.cloudfront.net

Software

Resource Hash

a16605b9b8aee2ea4145d1bb1b578421f1ad35be9712cd4c415698d0c4fff411

Security Headers

Name	Value
Strict-Transport-Security	max-age=77766000; includeSubDomains

Request headers

Accept: application/json;pk=BCpkADawqM2sQfBScQJrPBrSYT7isTiju1LDfR-br2okxwmNYrvojzieZB7zRlyn5qPvMBwNW_fTfsVhiSHnHKnTeY_QjtAWRExyI6rhF9GNOvK78hHIE3WUacocEkY6fWyCj0c7_QJoX00u
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

BCOV-instance: i-0b6672b3a7bb1f448, 7074770, 2018-08-03 05:30:02.907Z
Via: 1.1 90dce0aca66dff53901b6778420d2252.cloudfront.net (CloudFront)
BCOV-REQUEST-ID: 5fd4f0c6-53aa-47fe-ada9-ce49aa2b9dc4
Date: Fri, 03 Aug 2018 05:30:02 GMT
Strict-Transport-Security: max-age=77766000; includeSubDomains
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
X-Originating-URL: https://edge-elb.api.brightcove.com/playback/v1/accounts/5615998031001/videos/5812919586001
access-control-expose-headers: x-cache,via,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id
Cache-Control: max-age=294
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: BgublUFgdFD_vMiqLAxCp-nOm5o81KQFQal-4c21dsWKmFoBOslCJg==

GET
S 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/968074018/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968074018/?random=1533274202669&cv=9&fst=1533274202669&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&tiba=Bank%20of%20America%20speaks%20on%20gun%20violence%20at%20shareholder%20meeting%20%7C%20The%20Herald%20Sun&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

SPDY

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c62e09fe0ea7c46fd9f184c0ba9f440bad2ec407245e41a3f9efc6f8f154d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 994
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame 9433
Redirect Chain

https://www.facebook.com/plugins/comments.php?api_key=&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Df3c031305e3e79%26domain%3Dww...
https://www.facebook.com/plugins/feedback.php?href=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&limit=10&order_by=reverse_time&width=100%25&app_id=1054405...

0
0

1757ms
1757ms

Document
text/html

2a03:2880:f12d:86:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?href=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&limit=10&order_by=reverse_time&width=100%25&app_id=105440539523&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Df3c031305e3e79%26domain%3Dwww.heraldsun.com%26origin%3Dhttps%253A%252F%252Fwww.heraldsun.com%252Ff19f73f44981884%26relation%3Dparent.parent&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?href=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&limit=10&order_by=reverse_time&width=100%25&app_id=105440539523&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Df3c031305e3e79%26domain%3Dwww.heraldsun.com%26origin%3Dhttps%253A%252F%252Fwww.heraldsun.com%252Ff19f73f44981884%26relation%3Dparent.parent&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: 0/QbPC3l0p038/BX4pI53x6VLH1nSiAdREsIGqzR4kSfl/TpW+qcSzGAEr/BS0/x/Rab5ZD1lkDa8kSh9KGosw==
date: Fri, 03 Aug 2018 05:30:04 GMT

Redirect headers

status: 301
location: https://www.facebook.com/plugins/feedback.php?href=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&limit=10&order_by=reverse_time&width=100%25&app_id=105440539523&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Df3c031305e3e79%26domain%3Dwww.heraldsun.com%26origin%3Dhttps%253A%252F%252Fwww.heraldsun.com%252Ff19f73f44981884%26relation%3Dparent.parent&sdk=joey
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
pragma: no-cache
vary: Origin
access-control-allow-methods: OPTIONS
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/html; charset="utf-8"
x-fb-debug: j6jpZgXiwQNmTZ14YoJl99NVihNZuv0K3HKlFii4pn5ivMUjQLXqxXPKq+ABwnNSZCedmbEUo21LTedb/+nLMA==
content-length: 0
date: Fri, 03 Aug 2018 05:30:02 GMT

GET
S 200 pubads_impl_rendering_236.js Show response
securepubads.g.doubleclick.net/gpt/ 42 KB
16 KB 40ms
40ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_236.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_236.js

Protocol

SPDY

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

c1dbf795782351e84364a2e391d94f23d409681e6328a14a3e2c01423d15c6e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Jul 2018 18:18:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 16473
x-xss-protection: 1; mode=block
expires: Fri, 03 Aug 2018 05:30:02 GMT

GET
S 200 /
www.google.com/ads/user-lists/968074018/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/user-lists/968074018/?random=1533274202669&cv=9&fst=1533272400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&tiba=Bank%20of%20America%20speaks%20on%20gun%20violence%20at%20shareholder%20meeting%20%7C%20The%20Herald%20Sun&fmt=3&cdct=2&is_vtc=1&random=2874572880&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:02 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.de/ads/user-lists/968074018/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/user-lists/968074018/?random=1533274202669&cv=9&fst=1533272400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&tiba=Bank%20of%20America%20speaks%20on%20gun%20violence%20at%20shareholder%20meeting%20%7C%20The%20Herald%20Sun&fmt=3&cdct=2&is_vtc=1&random=2874572880&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:02 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
698 B 289ms
99ms XHR
text/xml 54.239.18.44
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/elasticbeanstalk-us-east-1-397719490216/external_json/oPS.js
Protocol: HTTP/1.1
Server: 54.239.18.44 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: 0aa369e3653bef006e41d9bdcd5621ffc87877be53e7f2d238f12f9720981b9e

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 03 Aug 2018 05:30:03 GMT
Server: Server
x-amzn-RequestId: 36e7af58-a6a8-51b9-814d-fc854c33d344
Content-Type: text/xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Connection: keep-alive
Content-Length: 378

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 94ms
94ms Image
image/gif 52.6.138.7
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&page=Bank%20of%20America%20speaks%20on%20gun%20violence%20at%20shareholder%20meeting%20%7C%20The%20Herald%20Sun&sec=North%20Carolina&prem=1&ptype=Story&auth=Rick%20Rothacker&artpubt=1524769200&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=a1b26f8d-471d-45e5-8eac-b22e15c8793e&pid=0d6c0085-60a9-48ed-8140-ea23a685e7d1&dtm=1533274202780&qnm=_matherq&vp=1600x1200&ds=1585x3967&tofa=1533274203&vid=1&duid=a0b727c83201d8de&fp=3998842399&cid=ma12095&mrk=74930333&cx=eyJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJOZXdzfFN0YXRlfHx8Il1dfSwicGVyZiI6eyJzdGFydCI6IjE1MzMyNzQxOTk3NTAiLCJyZWRpckNudCI6IjAiLCJuYXZUeXBlIjoibGluayIsImhlYXBVIjoiMTkuM21iIiwiaGVhcFQiOiIyMy4xbWIiLCJmZXRjaFMiOiIxNTU0IiwiZG9tYWluUyI6IjMzMSIsImRvbWFpbkUiOiIzMzIiLCJjb25uUyI6IjMzMiIsImNvbm5FIjoiMzYxIiwic3NsUyI6IjMzNyIsInJlcXVTIjoiMzYxIiwicmVzcFMiOiIxNTUwIiwicmVzcEUiOiIxNTYzIiwiZG9tTG9hZCI6IjE1NTUiLCJkb21JbnRlciI6IjI5MjciLCJkb21Mb2FkUyI6IjI5MjciLCJkb21Mb2FkRSI6IjI5NDYifSwia2V5d29yZHMiOlsiYmFuayBvZiBhbWVyaWNhIiwiYm9mYSIsInBhcmtsYW5kIiwiZ3VucyIsImJyaWFuIG1veW5paGFuIiwibWVldGluZyIsInNoYXJlaG9sZGVycyJdfQ
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.6.138.7 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-6-138-7.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 238 B
2 KB 95ms
60ms XHR
application/json 69.173.144.141
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=130778&zone_id=615692&size_id=2&p_pos=btf&rp_floor=0.01&rp_secure=1&tk_flint=pbjs_lite_v0.34.9&tid=7a088e46-f2e0-4e9d-a7e7-53d37a2c6ee9&p_screen_res=1600x1200&rand=0.12839579724600125&rf=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 69.173.144.141 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 178ccf970e4d1b62e79df9078bae4508a0d39e1c8ed5dd2f977a1dfee7e238aa

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:02 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=46
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
2 KB 206ms
169ms XHR
application/json 69.173.144.141
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=130778&zone_id=615692&size_id=15&alt_size_ids=10&p_pos=btf&rp_floor=0.01&rp_secure=1&tk_flint=pbjs_lite_v0.34.9&tid=d03efb90-2ef3-4450-a8f9-4d6c9402243a&p_screen_res=1600x1200&rand=0.45571065167303737&rf=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 69.173.144.141 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: a3441877c2fc6dd47a18a3c4ed932d7a61efda3d221b97ba854ddc330c8d1e90

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:02 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=6
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 235 B
2 KB 96ms
59ms XHR
application/json 69.173.144.141
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=130778&zone_id=615692&size_id=15&p_pos=btf&rp_floor=0.01&rp_secure=1&tk_flint=pbjs_lite_v0.34.9&tid=14d2a797-a797-4708-9257-34de6a14cacb&p_screen_res=1600x1200&rand=0.3059204783892442&rf=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 69.173.144.141 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 89477b89aa50e0f3c96fc21f41b6a3a52ca9bccfe5c134d0ced9d465079a280c

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:02 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=98
Content-Length: 235
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
2 KB 206ms
166ms XHR
application/json 69.173.144.142
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=130778&zone_id=615692&size_id=15&alt_size_ids=10&p_pos=btf&rp_floor=0.01&rp_secure=1&tk_flint=pbjs_lite_v0.34.9&tid=c2ab9b1d-2c61-490f-a8bc-31ea88b0e488&p_screen_res=1600x1200&rand=0.5513134498412151&rf=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 69.173.144.142 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: a3343df537c5d3bbd48de93fe8474e17a71a1e45bb2f949febb51d21646eca94

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:02 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=64
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 1 KB
2 KB 123ms
104ms Script
text/javascript 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?v=7&fn=cygnus_index_parse_res&s=210849&r=%7B%22id%22%3A%22645849979%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%20%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2244_1%22%2C%22siteID%22%3A210849%7D%7D%2C%7B%22id%22%3A%222%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2245_1%22%2C%22siteID%22%3A210849%7D%7D%2C%7B%22id%22%3A%223%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2245_2%22%2C%22siteID%22%3A210849%7D%7D%2C%7B%22id%22%3A%224%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2246_1%22%2C%22siteID%22%3A210849%7D%7D%2C%7B%22id%22%3A%225%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2247_1%22%2C%22siteID%22%3A210849%7D%7D%2C%7B%22id%22%3A%226%22%2C%20%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%20%7B%22sid%22%3A%2247_2%22%2C%22siteID%22%3A210849%7D%7D%5D%7D&pid=pb0.34.9
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 2.18.234.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cb8e130d7e1150c19171a2ea0aff41977813af8b68b6521ff2502f4eccfc5b21

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 915
Expires: Fri, 03 Aug 2018 05:30:02 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ 0
663 B 43ms
6ms Script
text/html 37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=12c60cad788d486&psa=0&id=11101737&size=728x90&referrer=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js

Protocol

HTTP/1.1

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:04 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.18:80
AN-X-Request-Uuid: a62d1b15-eeec-4ce0-aad6-e843e04a6f72
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ 0
663 B 43ms
6ms Script
text/html 37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=13862e66b86216d&psa=0&id=11101738&size=300x250&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js

Protocol

HTTP/1.1

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:04 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.77:80
AN-X-Request-Uuid: b1df2a5a-35ee-438b-a251-40a93156109b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ 0
663 B 43ms
7ms Script
text/html 37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=14d9176dc848e72&psa=0&id=11101739&size=300x250&referrer=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js

Protocol

HTTP/1.1

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:04 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.16:80
AN-X-Request-Uuid: a633f107-41d2-4ddc-b3de-f2ccc24957ef
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
ib.adnxs.com/ 0
663 B 43ms
7ms Script
text/html 37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/jpt?callback=pbjs.handleAnCB&callback_uid=1522ef25daa4647&psa=0&id=11101740&size=300x250&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js

Protocol

HTTP/1.1

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:04 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.45:80
AN-X-Request-Uuid: 414ad9a7-0adf-462e-a08b-ae16e8d77074
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
S 200 arj Show response
mcclatchy-d.openx.net/w/1.0/ 173 B
664 B 70ms
31ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&jr=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&ef=bt%252Cdb&be=1&bc=hb_pb_2.0.0&nocache=1533274202853&auid=538786595%2C538786595%2C538786595%2C538786595&dddid=7a088e46-f2e0-4e9d-a7e7-53d37a2c6ee9%2Cd03efb90-2ef3-4450-a8f9-4d6c9402243a%2C14d2a797-a797-4708-9257-34de6a14cacb%2Cc2ab9b1d-2c61-490f-a8bc-31ea88b0e488&aus=728x90%7C300x250%2C300x600%7C300x250%7C300x250%2C300x600&
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: SPDY
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.54.0 /
Resource Hash: 999c2d45d7a8ad2f577fa44a4543c2746789a9ffc3f3543034ad3b04ac9ee4b7

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:02 GMT
content-encoding: gzip
server: OXGW/16.54.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.heraldsun.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK 24 Show response
media.msg.dotomi.com/s2s/header/ 339 B
632 B 109ms
37ms XHR
application/json 2a02:fa8:8805:10::750
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://media.msg.dotomi.com/s2s/header/24
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 2a02:fa8:8805:10::750 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: Apache/2.2.31 (Unix) mod_apreq2-20090110/2.8.0 /
Resource Hash: f62f9fc6d7dc7b29ebe3d219c4c02aa21218b4af5029d3bfaa62427f63cd587d

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 03 Aug 2018 05:30:02 GMT
Content-Encoding: gzip
Server: Apache/2.2.31 (Unix) mod_apreq2-20090110/2.8.0
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI NID DEVo TAIo PSAo HISo OTPo OUR DELo BUS COM NAV INT DSP COR"
Access-Control-Allow-Origin: https://www.heraldsun.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=99858
Content-Length: 163

GET
S 200 lib.js Show response
prebid.districtm.ca/ 21 KB
7 KB 56ms
10ms Script
text/javascript 2400:cb00:2048:1::6814:ff3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.districtm.ca/lib.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: SPDY
Server: 2400:cb00:2048:1::6814:ff3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed6ad3c41fd07450891bcb21c80e5bf2a742c6e9415d7ae7caa125edae136650

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:30:02 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: C0B84EEFC45CE018
status: 200
x-amz-version-id: 3bS4VITibJMcxm4G6C3aLv4zyVPcsnkF
x-amz-id-2: pnOQwTAJXBHFfD9BR8iaSw5rW9sNqOEUVTFfiqpqHdcy2PMlgsaXHfMQ1XMGvL63GWo7gpTxZUE=
last-modified: Thu, 05 Apr 2018 16:30:36 GMT
server: cloudflare
etag: W/"f85ea173704c12c034ed19a7a9389068"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cf-ray: 444663d8290563a9-FRA
expires: Sat, 04 Aug 2018 05:30:02 GMT

GET
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
229 B 427ms
224ms XHR
application/json 88.214.194.64
NatCoWeb Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?banner_id=16584&size_ad=2&alt_size_ad=&host=www.heraldsun.com&page=%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&language=en-US&deviceWidth=1600&deviceHeight=1200&secure=1&bidId=32411d18fcc0f77&checkOn=rf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 88.214.194.64 , United Kingdom, ASN46636 (NATCOWEB - NatCoWeb Corp., US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.heraldsun.com
Date: Fri, 03 Aug 2018 05:30:43 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
229 B 432ms
225ms XHR
application/json 88.214.194.64
NatCoWeb Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?banner_id=16585&size_ad=15&alt_size_ad=10&host=www.heraldsun.com&page=%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&language=en-US&deviceWidth=1600&deviceHeight=1200&secure=1&bidId=3332564adcef75b&checkOn=rf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 88.214.194.64 , United Kingdom, ASN46636 (NATCOWEB - NatCoWeb Corp., US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.heraldsun.com
Date: Fri, 03 Aug 2018 05:30:43 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
229 B 437ms
230ms XHR
application/json 88.214.194.64
NatCoWeb Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?banner_id=16583&size_ad=15&alt_size_ad=&host=www.heraldsun.com&page=%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&language=en-US&deviceWidth=1600&deviceHeight=1200&secure=1&bidId=34a08bcae01528c&checkOn=rf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 88.214.194.64 , United Kingdom, ASN46636 (NATCOWEB - NatCoWeb Corp., US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.heraldsun.com
Date: Fri, 03 Aug 2018 05:30:43 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
229 B 442ms
233ms XHR
application/json 88.214.194.64
NatCoWeb Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?banner_id=16585&size_ad=15&alt_size_ad=10&host=www.heraldsun.com&page=%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&language=en-US&deviceWidth=1600&deviceHeight=1200&secure=1&bidId=35592d7028b1fcc&checkOn=rf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 88.214.194.64 , United Kingdom, ASN46636 (NATCOWEB - NatCoWeb Corp., US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.heraldsun.com
Date: Fri, 03 Aug 2018 05:30:43 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H/1.1 200
OK / Show response
thor.rtk.io/iLS0/lViU_e86K_eJwO_e86K/aardvark/ 572 B
686 B 606ms
516ms Script
text/html 213.219.37.124
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://thor.rtk.io/iLS0/lViU_e86K_eJwO_e86K/aardvark/?jsonp=pbjs.aardvarkResponse&rtkreferer=www.heraldsun.com&categories=News,State&lViU=37ce3ea89463d97&e86K=389362ad6945b41&eJwO=39933e1b9e3de48&e86K=40be3b4579ae801
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 213.219.37.124 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1096-124.members.linode.com
Software: RTK AdStorm/1.0 /
Resource Hash: 4803471fe78d3dd9a757b86b99c2ab0d0a4856593a557cd5a3a05c57cd0250a0

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:17 GMT
Content-Encoding: gzip
Server: RTK AdStorm/1.0
Etag: "2ba98d2c1dfb0bd75befd1cc0186983ea264d286"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
X-Rtk-Nid: li502-67.members.linode.com:114
Content-Length: 200
Expires: 0

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 368 B
1 KB 120ms
32ms XHR
application/json 34.251.231.74
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&d_nsid=0&d_mid=24500826006336119190236460761227389458&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=AVID%012DB1F42D05311607-6000012B200AA4AB&ts=1533274202880
Requested by: Host: media.heraldsun.com
URL: https://media.heraldsun.com/mistats/micb.js
Protocol: HTTP/1.1
Server: 34.251.231.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-231-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 33188f30ef748eaf507227a364c88060e696bd940d2cf505b02122312e36a790

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: irl1-prod-dcs-efb97a2f.edge-irl1.demdex.com 5.35.1.20180801150814 6ms
Pragma: no-cache
Content-Encoding: gzip
X-TID: t28142QFQU8=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 305
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 1B32 0
0 146ms
104ms Document
text/html 2400:cb00:2048:1::681c:12e8
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: prebid.districtm.ca
URL: https://prebid.districtm.ca/lib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::681c:12e8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

status: 200
date: Fri, 03 Aug 2018 05:30:03 GMT
content-type: text/html
set-cookie: __cfduid=d08aa23296dc85ea5273fbf76eeeeed951533274203; expires=Sat, 03-Aug-19 05:30:03 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified: Mon, 23 Jul 2018 17:56:33 GMT
cache-control: s-maxage=1209600, max-age=14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 444663da5931bed5-FRA
content-encoding: gzip

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 B
716 B 6ms
6ms XHR
application/json 37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: prebid.districtm.ca
URL: https://prebid.districtm.ca/lib.js

Protocol

HTTP/1.1

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:04 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.76:80
AN-X-Request-Uuid: bb309a88-3f9a-4f16-8b37-07dab9509ebb
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 160b7aa56dbf29ae9d6fda2ddadd4d48f1894b8bb2d7c1b733bce0f40d059ee0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.heraldsun.com

Response headers

Access-Control-Allow-Origin: *
Content-Type: application/font-woff;charset=utf-8

GET
BLOB 200
OK 275a4312-f6ad-4c29-9df2-1c2cb49ae690
https://www.heraldsun.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com/275a4312-f6ad-4c29-9df2-1c2cb49ae690
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8104c36250357ff213f58ddf9489aa7eac3ceee084b1386dd24e1e1796251a4b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 5645
Content-Type: application/javascript

GET
S 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998024001/4a7c0481-1abe-4153-880a-45a2d1f77c3b/10s/ 4 KB
4 KB 21ms
7ms XHR
application/x-mpegurl 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998024001/4a7c0481-1abe-4153-880a-45a2d1f77c3b/10s/master.m3u8?fastly_token=NWI4OGQ0NjZfMTkzNjQ1ZDc5NGM1ZjI5MDUwNzU3OWNjM2NmZWQ1NDQ1MzEyYmRkZTA1NzcxODM1MjY1ZDM5ZTRiZjQ3MzQ3MQ%3D%3D&pubid=5615998031001
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: SPDY
Server: 151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: c0a75c8b2e966e4285c12268ae517a034c3b9038fa9e70b68a37daff1ba7793a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

date: Fri, 03 Aug 2018 05:30:03 GMT
via: 1.1 varnish
age: 877331
x-powered-by: BC
x-cache: HIT
status: 200
x-bolt-device-group: unknown
content-length: 3897
x-served-by: cache-fra19146-FRA
x-timer: S1533274203.032144,VS0,VE1
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H/1.1 200
OK launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js Show response
assets.adobedtm.com/ 125 KB
41 KB 27ms
12ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Requested by: Host: media.heraldsun.com
URL: https://media.heraldsun.com/mistats/micb.js
Protocol: HTTP/1.1
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7db6ac37085ce1a347ddf440a1df0a60ed7a74c1b8fb15304b9bbf8570a2537e

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Jul 2018 12:52:12 GMT
Server: Apache
ETag: "cde1db4cee503fbca5fea8dc4119f506:1533041532"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Expires: Fri, 03 Aug 2018 06:30:03 GMT

GET
BLOB 200
OK 9a474fb0-f2c4-4082-9e9a-199132294998
https://www.heraldsun.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com/9a474fb0-f2c4-4082-9e9a-199132294998
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8104c36250357ff213f58ddf9489aa7eac3ceee084b1386dd24e1e1796251a4b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 5645
Content-Type: application/javascript

GET
S 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/e0c0c306-6a9d-47e1-9e66-fa074c6e360b/10s/ 4 KB
4 KB 10ms
6ms XHR
application/x-mpegurl 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/e0c0c306-6a9d-47e1-9e66-fa074c6e360b/10s/master.m3u8?fastly_token=NWI4OGQ2MzBfNTk0ODQxYTIxMWRkMTZlMGUwZDNhOGYyYzQ4ODdiNTAyNTQ5MTlkYjU5OWYxMDhhZjk3M2E3YWZkNGNlZjBjNA%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: SPDY
Server: 151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: c1e1237338f7b7f71f213041661820f71a1c177fb2513fb4f4ff0d60fc362824

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

date: Fri, 03 Aug 2018 05:30:03 GMT
via: 1.1 varnish
age: 748074
x-powered-by: BC
x-cache: HIT
status: 200
x-bolt-device-group: unknown
content-length: 3717
x-served-by: cache-fra19146-FRA
x-timer: S1533274203.032187,VS0,VE1
x-powered-from: eu-west-1b
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
S 200 IrisUpNext.css
ovp.iris.tv/libs/adaptive/styles/ 16 KB
16 KB 93ms
93ms Stylesheet
text/css 2600:9000:201a:400:15:d134:4e40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/styles/IrisUpNext.css
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol: SPDY
Server: 2600:9000:201a:400:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b174642e60d1a7682f2e323e163d99d14305e50e77bfdc520a8cf7529146208a

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 23 Jul 2018 18:25:54 GMT
via: 1.1 6801928d54163af944bf854db8d5520e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Mar 2018 17:27:25 GMT
server: AmazonS3
age: 39839
etag: "d83920c5561da4f401d1c55fc74ca086"
x-cache: Hit from cloudfront
x-amz-version-id: zDVOqy3ytDgUM1eQWtYhuxx6YUL7O87x
status: 200
accept-ranges: bytes
content-type: text/css
content-length: 16155
x-amz-cf-id: -k3EXeWqTm7NZkBIFFg-MMtMKkZec4XV3RKN3KCjOTbVo4R5ekcA-w==

GET
S 200 IrisButtons.css
ovp.iris.tv/libs/adaptive/styles/ 6 KB
7 KB 94ms
94ms Stylesheet
text/css 2600:9000:201a:400:15:d134:4e40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ovp.iris.tv/libs/adaptive/styles/IrisButtons.css
Requested by: Host: ovp.iris.tv
URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js
Protocol: SPDY
Server: 2600:9000:201a:400:15:d134:4e40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5930e21ac651cb63a774543ec249b036906ec5b556626cfd38b11e9e1b91df07

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 23 Jul 2018 18:25:53 GMT
via: 1.1 6801928d54163af944bf854db8d5520e.cloudfront.net (CloudFront)
last-modified: Fri, 20 Oct 2017 18:47:17 GMT
server: AmazonS3
age: 39842
etag: "2ce1f35dd7f9aab244abcf807dae7406"
x-cache: Hit from cloudfront
x-amz-version-id: UP69GrNPUxOFGiCGhBlw5aryoy52dtAe
status: 200
accept-ranges: bytes
content-type: text/css
content-length: 6520
x-amz-cf-id: aAAuXoLJGggGFk-qcm6HOckdyd1tyUT9XDtIDYaf2SQZMVVuAwpoYg==

GET
H2 200 bridge3.225.0_en.html
imasdk.googleapis.com/js/core/ Frame 8695 0
0 34ms
12ms Document
text/html 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.225.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.225.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 163537
date: Fri, 27 Jul 2018 18:29:33 GMT
expires: Sat, 27 Jul 2019 18:29:33 GMT
last-modified: Fri, 27 Jul 2018 18:21:34 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
age: 558030
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

SPDY

Server

2a00:1450:4001:81d::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10523
x-xss-protection: 1; mode=block
expires: Fri, 03 Aug 2018 05:30:03 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/4a7c0481-1abe-4153-880a-45a2d1f77c3b/f801c73b-4601-4edb-8090-28dfff3939ac/1280x720/match/ 225 KB
225 KB 311ms
132ms Image
image/jpeg 52.85.100.248
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/4a7c0481-1abe-4153-880a-45a2d1f77c3b/f801c73b-4601-4edb-8090-28dfff3939ac/1280x720/match/image.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.85.100.248 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-100-248.jfk1.r.cloudfront.net
Software: / BC
Resource Hash: a28cd485655f6f522141ecac6516ae7a947e4a4d73219614bf2f92fd29a91f49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

Date: Fri, 03 Aug 2018 02:36:13 GMT
Via: 1.1 760c3e73b48f2af4c32619fb9e2b3dc2.cloudfront.net (CloudFront)
Age: 10430
X-Powered-From: us-east-1a
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Id: nRCoFeQrXRvH4e9L01J-EONUdfLocvc2QZvv0WcyIRSIR2YZfB8cUA==

GET
H2 200 bridge3.225.0_en.html
imasdk.googleapis.com/js/core/ Frame C50D 0
0 26ms
5ms Document
text/html 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.225.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.225.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 163537
date: Fri, 27 Jul 2018 18:29:33 GMT
expires: Sat, 27 Jul 2019 18:29:33 GMT
last-modified: Fri, 27 Jul 2018 18:21:34 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
age: 558030
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5502557045001/e0c0c306-6a9d-47e1-9e66-fa074c6e360b/318dc92e-b3c1-4241-971c-6e478a532780/1280x720/match/ 114 KB
115 KB 281ms
106ms Image
image/jpeg 52.85.100.248
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5502557045001/e0c0c306-6a9d-47e1-9e66-fa074c6e360b/318dc92e-b3c1-4241-971c-6e478a532780/1280x720/match/image.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.85.100.248 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-100-248.jfk1.r.cloudfront.net
Software: / BC
Resource Hash: 35fd4a7c75cfc89ac116385c2f233f0c2144d08ccf9902510edee9f4f1d71572

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

Date: Thu, 02 Aug 2018 15:00:11 GMT
Via: 1.1 b2566c33186e0b7da4759cb2082b0f5d.cloudfront.net (CloudFront)
Age: 52192
X-Powered-From: us-east-1c
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Id: 0bZXXJA-fM72nQy-TzFGfp8Yqbr2_ejQ7lRrZJQHYwSPmTYLM_E_JQ==

GET
S 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/e0c0c306-6a9d-47e1-9e66-fa074c6e360b/8f9f3b25-484d-42ce-80d2-1e636a927065/10s/ 4 KB
4 KB 7ms
6ms XHR
application/x-mpegurl 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/e0c0c306-6a9d-47e1-9e66-fa074c6e360b/8f9f3b25-484d-42ce-80d2-1e636a927065/10s/rendition.m3u8?fastly_token=NWI3ZDZjMTRfYTYxYzIxYWE5NTRkNDU0NTIwZGE1ZGIzNjI0YWFlNjYxM2IxYjgyNTZlMTMyMWNkNWNhYzE5Y2JmN2M4YTAyYw%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: SPDY
Server: 151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: 805d15b581a5d96b5d5fb2269c08f460ca0dbec8e25a7277ccf0d0451c10ac7d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

date: Fri, 03 Aug 2018 05:30:03 GMT
via: 1.1 varnish
age: 748059
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 3659
x-served-by: cache-fra19146-FRA
x-timer: S1533274203.092731,VS0,VE1
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
S 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998024001/4a7c0481-1abe-4153-880a-45a2d1f77c3b/d4ebdbf3-265e-47cc-83e4-5da8cdebe57f/10s/ 2 KB
2 KB 6ms
6ms XHR
application/x-mpegurl 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998024001/4a7c0481-1abe-4153-880a-45a2d1f77c3b/d4ebdbf3-265e-47cc-83e4-5da8cdebe57f/10s/rendition.m3u8?fastly_token=NWI3YjcyZmVfMzdkYjg0ZWFiODRiYTI1MzQxMzA2NGM5MjhlN2Q5M2Q4YzNjMTcxN2MzZWEyZTJjYWM5ZjRmYWFjNGUxNGQwMg%3D%3D&pubid=5615998031001
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: SPDY
Server: 151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: 23d9f4d0649916adaf5164fa06937c316415323279db61b9ad05028b49602860

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

date: Fri, 03 Aug 2018 05:30:03 GMT
via: 1.1 varnish
age: 877143
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 2183
x-served-by: cache-fra19146-FRA
x-timer: S1533274203.093815,VS0,VE0
x-powered-from: eu-west-1b
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 11

GET
BLOB 200
OK 4c6a0318-50d0-486a-b397-2ac4bbe14263
https://www.heraldsun.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldsun.com/4c6a0318-50d0-486a-b397-2ac4bbe14263
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8104c36250357ff213f58ddf9489aa7eac3ceee084b1386dd24e1e1796251a4b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 5645
Content-Type: application/javascript

GET
S 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/676d1443-944b-443f-bb72-f7a580477a24/10s/ 4 KB
4 KB 60ms
60ms XHR
application/x-mpegurl 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/676d1443-944b-443f-bb72-f7a580477a24/10s/master.m3u8?fastly_token=NWI4OGQ2MmZfZTdhMDZkNmQyNWQ0ZDg4NTFmYjkxMjEwYjljZWJmNTZkOWY3ZmMyOGEzZWI3ZGZiNTNlNjBmOWY1ZjcwMDMxNA%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: SPDY
Server: 151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: 79b7f767a98d0f6cc984b9dd1e9b630324cc8f3af9d1dfad5c699f579399af00

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

date: Fri, 03 Aug 2018 05:30:03 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
status: 200
x-bolt-device-group: unknown
content-length: 3717
x-served-by: cache-fra19146-FRA
x-timer: S1533274203.102447,VS0,VE53
x-powered-from: eu-west-1b
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
S 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/e0c0c306-6a9d-47e1-9e66-fa074c6e360b/b341bccb-9129-4f57-96e4-e5ba962b22db/10s/ 4 KB
4 KB 6ms
6ms XHR
application/x-mpegurl 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/e0c0c306-6a9d-47e1-9e66-fa074c6e360b/b341bccb-9129-4f57-96e4-e5ba962b22db/10s/rendition.m3u8?fastly_token=NWI3ZDZjMTRfOWNlNTI4YTBmZWJkZTZiOGNkY2I3YmVlZjA1NDVjMzllYTI0NzNiYWQ5OTk1YTkwZGQ3OTZmMTY5ODhmNTYyNA%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: SPDY
Server: 151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: c73c032eb503a7afdaa7de7b34a08088be64cf09391c71da6c894ad7fbe804a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

date: Fri, 03 Aug 2018 05:30:03 GMT
via: 1.1 varnish
age: 747988
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 3651
x-served-by: cache-fra19146-FRA
x-timer: S1533274203.108165,VS0,VE0
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 78

GET
S 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998024001/4a7c0481-1abe-4153-880a-45a2d1f77c3b/7c219822-2dad-43f3-bc70-5feeada580fb/10s/ 2 KB
2 KB 6ms
6ms XHR
application/x-mpegurl 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5615998024001/4a7c0481-1abe-4153-880a-45a2d1f77c3b/7c219822-2dad-43f3-bc70-5feeada580fb/10s/rendition.m3u8?fastly_token=NWI3YjcyZmVfNTE1MzUxY2U5MWQ0MTNlM2M1NzNmYjgyMzk3MWZhZjNjYjczYjY3YThjYzE0YTQ1MTNjYWNmZGY5ZmI1M2I4Ng%3D%3D&pubid=5615998031001
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: SPDY
Server: 151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: b8d31c0d4c652a208e40e591e94db8baa4d3d2089521a03340be5cb699a2ac2f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

date: Fri, 03 Aug 2018 05:30:03 GMT
via: 1.1 varnish
age: 877143
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 2179
x-served-by: cache-fra19146-FRA
x-timer: S1533274203.111249,VS0,VE1
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H2 200 bridge3.225.0_en.html
imasdk.googleapis.com/js/core/ Frame E977 0
0 27ms
7ms Document
text/html 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.225.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.225.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 163537
date: Fri, 27 Jul 2018 18:29:33 GMT
expires: Sat, 27 Jul 2019 18:29:33 GMT
last-modified: Fri, 27 Jul 2018 18:21:34 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
age: 558030
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/5502557045001/676d1443-944b-443f-bb72-f7a580477a24/main/1280x720/34s623ms/match/ 178 KB
178 KB 2050ms
1874ms Image
image/jpeg 52.85.100.248
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5502557045001/676d1443-944b-443f-bb72-f7a580477a24/main/1280x720/34s623ms/match/image.jpg
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.85.100.248 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-100-248.jfk1.r.cloudfront.net
Software: / BC
Resource Hash: c4af90a956222345c3845a2d52da953f21a841a9909dd73516776aa693403999

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

Date: Fri, 03 Aug 2018 05:30:05 GMT
Via: 1.1 fc8718fc654846d5ff65e1100874c1fc.cloudfront.net (CloudFront)
X-Powered-From: us-east-1a
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Amz-Cf-Id: 2YyeJbB3DwiX83xWwy7Pycjwe7Mr7USqUsBYDa7Brmhxo3c2t374Uw==

GET
H/1.1 200
OK RCff69f5d15cd24750a3d41481a7136831-source.min.js Show response
assets.adobedtm.com/BL0e7689f8c08444c2ad183eb34c9acba7/ 385 B
697 B 6ms
5ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/BL0e7689f8c08444c2ad183eb34c9acba7/RCff69f5d15cd24750a3d41481a7136831-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: HTTP/1.1
Server: 2.18.232.23 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b212e78de49a01a4735ccc801d7a5586be7680eca57d20cd957deb54fc920fe

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Jul 2018 12:52:12 GMT
Server: Apache
ETag: "97c455b5bf38b91aabe4cfcda6757cf1:1533041532"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Content-Length: 255
Expires: Fri, 03 Aug 2018 06:30:03 GMT

GET
H/1.1 200
OK privacy.cf890c6ed7cab098a016.js Show response
static.mcclatchyinteractive.com/js/ 6 KB
3 KB 495ms
421ms Script
text/javascript 2a02:26f0:6c00:182::31c6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mcclatchyinteractive.com/js/privacy.cf890c6ed7cab098a016.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe8f70e36bc2f473e93435c31a9a5ba80.min.js
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:182::31c6 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 2a0211f41f89991336d28dd39ebb403d9ff5b087f56ece99322fff6287c97297

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 May 2018 12:37:36 GMT
Server: Apache
ETag: "16de-56d6b9d98584c"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2492

GET
S 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/676d1443-944b-443f-bb72-f7a580477a24/53183ad5-941d-40ba-ad27-0ba2fcaea53f/10s/ 3 KB
3 KB 6ms
6ms XHR
application/x-mpegurl 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/676d1443-944b-443f-bb72-f7a580477a24/53183ad5-941d-40ba-ad27-0ba2fcaea53f/10s/rendition.m3u8?fastly_token=NWI4OGQ2MzBfODdlNWZmMjM2ODI3NDBmYzk3M2I4MWI1N2QzOTIzZWM3NjA0Mzk0ZDM2YmEyMmI0OTRiZWVkZjlmNmRiMWY4OQ%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: SPDY
Server: 151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: 4fdc0dcbf1207df9a74e11259ab607aceb2f23d169b87d29b4ec9c05e366a449

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

date: Fri, 03 Aug 2018 05:30:03 GMT
via: 1.1 varnish
age: 214539
x-powered-by: BC
x-cache: HIT
status: 200
content-length: 2871
x-served-by: cache-fra19146-FRA
x-timer: S1533274203.179805,VS0,VE1
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
S 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/676d1443-944b-443f-bb72-f7a580477a24/c628dfa5-8faa-45b3-abc9-74a77ba6b777/10s/ 3 KB
3 KB 142ms
142ms XHR
application/x-mpegurl 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5502557045001/676d1443-944b-443f-bb72-f7a580477a24/c628dfa5-8faa-45b3-abc9-74a77ba6b777/10s/rendition.m3u8?fastly_token=NWI4OGQ2MzBfNTZiMDA5MWYzNTRlYzU4OTUyNDM2MTUyZTUwODRlMzdhYTRiMGJhYmNhYmI3MWY5ZDExNGNhYjg4NzczOTZkNQ%3D%3D
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/build/webpack/brightcoveVideo.bundle-297cf876af2ad54d4105.js
Protocol: SPDY
Server: 151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: / BC
Resource Hash: c25a7337693fb3031b81db38ae9d344b198a13b69bda13b261a56cd7581e4790

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

date: Fri, 03 Aug 2018 05:30:03 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
status: 200
content-length: 2865
x-served-by: cache-fra19146-FRA
x-timer: S1533274203.187951,VS0,VE136
x-powered-from: eu-west-1a
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=1209600, max-age=1209600
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

POST
H/1.1 204
No Content pack Show response
rb.adnxs.com/ 0
412 B 94ms
16ms XHR
text/plain 37.252.167.207
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 37.252.167.207 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: 24.ratbait.prod.ams1.adnexus.net
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=utf8

Response headers

Access-Control-Allow-Origin: https://www.heraldsun.com
Date: Fri, 03 Aug 2018 05:30:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.10.1
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Access-Control-Allow-Methods: POST, OPTIONS

POST
H/1.1 204
No Content pack Show response
rb.adnxs.com/ 0
412 B 60ms
14ms XHR
text/plain 37.252.167.201
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 37.252.167.201 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: 14.ratbait.prod.ams1.adnexus.net
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=utf8

Response headers

Access-Control-Allow-Origin: https://www.heraldsun.com
Date: Fri, 03 Aug 2018 05:30:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.10.1
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Access-Control-Allow-Methods: POST, OPTIONS

POST
S 204 csi
csi.gstatic.com/ 0
56 B 14ms
14ms Other
image/gif 2a00:1450:400c:c0b::5e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~jkdjvet1&c=6968783167198&alt=0&sdkv=h.3.225.0&pid=7675&ppt=videojs-ima&ppv=1.5.1&mrd=4&aab=1&itv=1&met.4=ar.2jz~ar.2ka~ar.2li~vl.2xi&rcid=goog_725944071
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: SPDY
Server: 2a00:1450:400c:c0b::5e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control: max-age=0
Origin: https://www.heraldsun.com
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
S 204 csi
csi.gstatic.com/ 0
56 B 14ms
14ms Other
image/gif 2a00:1450:400c:c0b::5e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~jkdjvf6k&c=6968783167198&alt=0&sdkv=h.3.225.0&pid=7675&ppt=videojs-ima&ppv=1.5.1&mrd=4&aab=1&itv=1&rcid=goog_725944069&met.4=vl.2y0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: SPDY
Server: 2a00:1450:400c:c0b::5e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control: max-age=0
Origin: https://www.heraldsun.com
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
S 204 csi
csi.gstatic.com/ 0
56 B 14ms
14ms Other
image/gif 2a00:1450:400c:c0b::5e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~jkdjvf72&c=6968783167198&alt=0&sdkv=h.3.225.0&pid=7675&ppt=videojs-ima&ppv=1.5.1&mrd=4&aab=1&itv=1&rcid=goog_725944073&met.4=vl.2y2
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: SPDY
Server: 2a00:1450:400c:c0b::5e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control: max-age=0
Origin: https://www.heraldsun.com
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content pack Show response
rb.adnxs.com/ 0
412 B 12ms
11ms XHR
text/plain 37.252.167.201
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 37.252.167.201 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: 14.ratbait.prod.ams1.adnexus.net
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=utf8

Response headers

Access-Control-Allow-Origin: https://www.heraldsun.com
Date: Fri, 03 Aug 2018 05:30:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.10.1
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Access-Control-Allow-Methods: POST, OPTIONS

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 224 KB
65 KB 413ms
412ms XHR
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2041494129753317&correlator=3374833885942612&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061301&vrg=236&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=7675%2CDUR.site_heraldsun%2CNews%2CState&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C234x60%2C728x90%2C336x280%2C300x250%7C300x600%2C300x250%2C300x250%7C300x600%2C300x250%2C300x250%2C728x90%2C1600x600%2C285x70&ists=2048&prev_scp=id%3D209736429%7Catf%3Dy%26optimera%3DNULL%26id%3D209736429%7Catf%3Dy%26optimera%3DNULL%26id%3D209736429%26pkg%3Dd%26hb_size_indexExchang%3D728x90%26hb_pb_indexExchange%3D0.03%26hb_adid_indexExchang%3D50efd9fb8db0c8e%26hb_bidder_indexExcha%3DindexExchange%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_adid%3D50efd9fb8db0c8e%26hb_bidder%3DindexExchange%7Catf%3Dn%26optimera%3DNULL%26id%3D209736429%26hb_size_indexExchang%3D%26hb_pb_indexExchange%3D%26hb_adid_indexExchang%3D%26hb_bidder_indexExcha%3D%26hb_size%3D%26hb_pb%3D%26hb_adid%3D%26hb_bidder%3D%7Catf%3Dy%26optimera%3DNULL%26id%3D209736429%26pkg%3Db%26hb_size_indexExchang%3D%26hb_pb_indexExchange%3D%26hb_adid_indexExchang%3D%26hb_bidder_indexExcha%3D%26hb_size%3D%26hb_pb%3D%26hb_adid%3D%26hb_bidder%3D%7Catf%3Dn%26optimera%3DNULL%26id%3D209736429%26pkg%3Dc%26hb_size_indexExchang%3D%26hb_pb_indexExchange%3D%26hb_adid_indexExchang%3D%26hb_bidder_indexExcha%3D%26hb_size%3D%26hb_pb%3D%26hb_adid%3D%26hb_bidder%3D%7Catf%3Dn%26optimera%3DNULL%26id%3D209736429%26pkg%3De%26hb_size_indexExchang%3D%26hb_pb_indexExchange%3D%26hb_adid_indexExchang%3D%26hb_bidder_indexExcha%3D%26hb_size%3D%26hb_pb%3D%26hb_adid%3D%26hb_bidder%3D%7Catf%3Dn%26optimera%3DNULL%26id%3D209736429%7Catf%3Dn%26optimera%3DNULL%26id%3D209736429%7Catf%3Dn%26optimera%3DNULL%26id%3D209736429%7Catf%3Dy%26optimera%3DNULL%26id%3D209736429%7Catf%3Dn%26optimera%3DNULL%26id%3D209736429%26pkg%3Da&eri=1&cust_params=lpid%3D%26pl%3Dstory-OOM%26swgt%3Dna%26sect%3Dnorthcarolina%26ref%3D&cookie_enabled=1&bc=7&abxe=1&lmt=1533274203&dt=1533274203752&frm=20&biw=1585&bih=1185&oid=3&adxs=0%2C1129%2C429%2C0%2C1053%2C1053%2C1053%2C1053%2C1053%2C429%2C0%2C0&adys=0%2C45%2C160%2C0%2C270%2C1157%2C1865%2C2155%2C2445%2C3595%2C3744%2C0&adks=3232465554%2C954862943%2C1042366284%2C2912350387%2C2606872447%2C930707383%2C3362709925%2C930707369%2C930707368%2C3985704559%2C715338637%2C2167153082&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&dssz=84&icsg=3395303315129136&mso=160&std=11&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C234x60%7C1140x90%7C0x0%7C320x250%7C320x250%7C320x250%7C320x250%7C320x250%7C1140x90%7C1585x600%7C300x-1&msz=0x0%7C234x60%7C1140x90%7C0x0%7C320x250%7C320x250%7C320x250%7C320x250%7C320x250%7C1140x90%7C1585x600%7C0x-1&ga_vid=590743382.1533274204&ga_sid=1533274204&ga_hid=1725936990

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_236.js

Protocol

SPDY

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d0d3d61ade339d9bb8614e82808c1fca0b1f6c415bd9592be2d070f6feeb05fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

date: Fri, 03 Aug 2018 05:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 66083
x-xss-protection: 1; mode=block
google-lineitem-id: -2,4682455608,-1,4723347587,-1,391558014,-1,4527010206,-2,4682455608,-2,4682455608
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138234353106,-1,138214748486,-1,100297882734,-1,138220714808,-2,138234401606,-2,138234353964
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.heraldsun.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_236.js
Protocol: SPDY
Server: 2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Wed, 31 Jul 2019 00:10:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 11 Jun 2018 14:38:59 GMT
content-type: text/html

POST
H/1.1 204
No Content pack Show response
rb.adnxs.com/ 0
412 B 12ms
11ms XHR
text/plain 37.252.167.201
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 37.252.167.201 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: 14.ratbait.prod.ams1.adnexus.net
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=utf8

Response headers

Access-Control-Allow-Origin: https://www.heraldsun.com
Date: Fri, 03 Aug 2018 05:30:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.10.1
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Access-Control-Allow-Methods: POST, OPTIONS

GET
H/1.1 200
OK s98690134522663 Show response
mcclatchy.sc.omtrdc.net/b/ss/nmolathe,mccltAllMcClatchy/10/JS-2.8.1/ 222 B
888 B 101ms
46ms Script
application/x-javascript 172.82.228.19
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.sc.omtrdc.net/b/ss/nmolathe,mccltAllMcClatchy/10/JS-2.8.1/s98690134522663?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=3%2F7%2F2018%205%3A30%3A4%205%200&d.&nsid=0&jsonv=1&.d&mid=24500826006336119190236460761227389458&aid=2DB1F42D05311607-6000012B200AA4AB&aamlh=6&ce=UTF-8&pageName=D%3Dv4&g=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&cc=USD&ch=D%3Dv23&server=D%3Dv24&events=event10%2Cevent44%3D1%2Cevent7&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv54&v1=Unregistered&h1=DUR%7CDurham%20Herald%20Sun%7CNews%7CState%7C%7C%7C%7CNorth%20Carolina&c2=dev%3Aother&c3=D%3Dv7&c4=Charlotte%7CRick%20Rothacker&v4=Story%3A209736429%7CBank%20of%20America%20CEO%20on%20gun%20violence%3A%20%27We%20have%20to%20help.%27&c6=D%3Dh1&v7=Story&c10=%2Fnews%2Fstate%2Fnorth-carolina&v10=Nativo%2CVideo%20Widget%2CVideo%20Inline%2CRead%20More%2CSubscription%20CTA&c11=ecidfailed%3Ano%7Cecidtimeout%3Ano%7Cmicb%3Ayes%7Crefresh%3Ano%7ChasFocus%3Ayes&v12=no%20referrer&c13=Unregistered&v13=%23navlink%3DSecList&c14=D%3Dv16&c15=dev%3Aother&v15=New&c17=D%3Dv8&c18=D%3Dv15&c19=StoryWords%3A500&c20=D%3Dv51&c21=News&c22=State&v23=North%20Carolina&v24=heraldsun.com&c26=D%3Dv26&v26=DUR&c27=D%3Dv27&v27=Durham%20Herald%20Sun&c29=bank%20of%20america%2Cbofa%2Cparkland%2Cguns%2Cbrian%20moynihan%2Cmeeting%2Cshareholders&v29=D%3Dc53&c31=2018%2F04%2F25&c32=2018%2F04%2F26%20H14&c33=1%3A00AM&v33=adblock%3Ano&c34=Friday&c35=D%3Dv13&c36=D%3Dv10&c39=D%3Dv14&c41=D%3Dv74&c43=D%3Dv55&c44=Entry%20Page&v45=loggedin%3Ano&c47=escenic%3Adesktop&c49=D%3Dv12&c52=Rick%20Rothacker&c53=209736429&v54=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&v55=Entry%20Page&c56=D%3Dv45&v59=Bank%20of%20America%20CEO%20on%20gun%20violence%3A%20%27We%20have%20to%20help.%27&v63=%2B1&v64=Story%20Page%20View&v65=%2B1&v71=1&v74=Product%3A%20Escenic&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=3B6E35F15A82BBB00A495D91%40AdobeOrg&AQE=1

Requested by

Host: media.heraldsun.com
URL: https://media.heraldsun.com/mistats/products/escenic_s_code.js

Protocol

HTTP/1.1

Server

172.82.228.19 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

*.sc.omtrdc.net

Software

Omniture DC/2.0.0 /

Resource Hash

81c6d740e6770b0b12d351bb03c43c65e68e517ccedf2dd06af9acfd6310b316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-AAM-TID: ncqb1tVyQNc=
Date: Fri, 03 Aug 2018 05:30:04 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.4.0
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 222
X-XSS-Protection: 1; mode=block
DCS: irl1-prod-dcs-9cef080a.edge-irl1.demdex.com 5.35.1.20180801150814 5ms
Pragma: no-cache
Last-Modified: Sat, 04 Aug 2018 05:30:04 GMT
Server: Omniture DC/2.0.0
xserver: www243
ETag: "3292681281077313536-5022711113205177899"
Vary: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Expires: Thu, 02 Aug 2018 05:30:04 GMT

GET
S 200 abg.js Show response
tpc.googlesyndication.com/pagead/js/r20180801/r20110914/ Frame F22F 73 KB
23 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/abg.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4ad354b1656643976aa16bdcb4505bc5d624567f218e897a1654dad1f20817a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 01 Aug 2018 14:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 23533
x-xss-protection: 1; mode=block
server: cafe
etag: 15837010286788694136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Aug 2018 14:08:39 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180801/r20110914/client/ext/ Frame F22F 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7d3b068f04726edc36c3eeb66b5d97c5aa692e418945d20f4f4505706183b3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 01 Aug 2018 14:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1349
x-xss-protection: 1; mode=block
server: cafe
etag: 8956746284566214480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Aug 2018 14:08:29 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/ Frame F22F 71 KB
26 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/osd_listener.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

40e8db13f44571762fa6e5704ca8bb1a73c2cce35e83603e9ac131ab8127db7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 01 Aug 2018 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26366
x-xss-protection: 1; mode=block
server: cafe
etag: 17113453447230713914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Aug 2018 14:08:34 GMT

GET
S 200 8878490041325847100
tpc.googlesyndication.com/simgad/ Frame F22F 16 KB
16 KB 8ms
7ms Image
image/png 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8878490041325847100

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5acc7d345ac66aa2c508b22ef63e0c83c8db4065e93d9c9fc47b22d4afd58b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 06:22:51 GMT
x-content-type-options: nosniff
age: 1811233
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 16121
x-xss-protection: 1; mode=block
last-modified: Fri, 25 May 2018 16:47:39 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jul 2019 06:22:51 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 70 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_236.js

Protocol

SPDY

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6546ea7bd057a25d0198ff233e30008c8c8f99bcef163ff487a255db68577007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26269
x-xss-protection: 1; mode=block
server: cafe
etag: 15748226983099521862
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Aug 2018 06:15:59 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ Frame EC10 0
0 10ms
7ms Document
text/html 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_236.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-29/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Tue, 31 Jul 2018 00:10:56 GMT
expires: Wed, 31 Jul 2019 00:10:56 GMT
last-modified: Mon, 11 Jun 2018 14:38:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 278348
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK tag Show response
a.teads.tv/page/75660/ Frame 2510 1 KB
1 KB 123ms
27ms Script
application/javascript 34.252.3.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/75660/tag
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 34.252.3.209 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-252-3-209.eu-west-1.compute.amazonaws.com
Software: teads-ssp /
Resource Hash: f561536dc5d2bd18e0ef48e1a8f11a277d725b66de5cc8dffe0d26b82c15f645

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:04 GMT
Content-Encoding: gzip
Server: teads-ssp
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 612
Expires: 0

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/ Frame 2510 71 KB
26 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/osd_listener.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

40e8db13f44571762fa6e5704ca8bb1a73c2cce35e83603e9ac131ab8127db7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 01 Aug 2018 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26366
x-xss-protection: 1; mode=block
server: cafe
etag: 17113453447230713914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Aug 2018 14:08:34 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ Frame 151A 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_236.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-29/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Tue, 31 Jul 2018 00:10:56 GMT
expires: Wed, 31 Jul 2019 00:10:56 GMT
last-modified: Mon, 11 Jun 2018 14:38:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 278348
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK full_job_card_loader_prod.min.js Show response
www.gomnlt.com/partner_resources/ Frame 69FC 5 KB
5 KB 391ms
93ms Script
text/javascript 52.200.33.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gomnlt.com/partner_resources/full_job_card_loader_prod.min.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.200.33.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-200-33-142.compute-1.amazonaws.com
Software: Apache/2.2.34 (Amazon) /
Resource Hash: a6b0a7f18ae36142f4846a0a0d68212b37adb0307719d413d19987df50bb998a

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:04 GMT
Last-Modified: Wed, 13 Jun 2018 15:56:54 GMT
Server: Apache/2.2.34 (Amazon)
ETag: "408c8-140f-56e8808216c92"
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5135

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/ Frame 69FC 71 KB
26 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/osd_listener.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

40e8db13f44571762fa6e5704ca8bb1a73c2cce35e83603e9ac131ab8127db7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 01 Aug 2018 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26366
x-xss-protection: 1; mode=block
server: cafe
etag: 17113453447230713914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Aug 2018 14:08:34 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ Frame A51F 0
0 12ms
8ms Document
text/html 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_236.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-29/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Tue, 31 Jul 2018 00:10:56 GMT
expires: Wed, 31 Jul 2019 00:10:56 GMT
last-modified: Mon, 11 Jun 2018 14:38:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 278348
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 express_html_inpage_rendering_lib_200_241.js Show response
s0.2mdn.net/879366/ Frame A14B 112 KB
39 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:81d::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_241.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9c3aa1eb0977892df69b31298358aa837fad1f41ac53d4c01dded283de64b231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com

Response headers

date: Thu, 02 Aug 2018 19:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35759
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 39313
x-xss-protection: 1; mode=block
last-modified: Mon, 21 May 2018 20:23:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Aug 2018 19:34:05 GMT

GET
S 200 V6zvOIoD.js Show response
tpc.googlesyndication.com/sodar/ Frame A14B 40 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/V6zvOIoD.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

57acef388a037b38756fdd178f355217378fa2a6a9a92d0bd9655e48a9b811cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 31 Jul 2018 00:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Jan 2018 21:45:00 GMT
server: sffe
age: 278339
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 15146
x-xss-protection: 1; mode=block
expires: Wed, 31 Jul 2019 00:11:05 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/ Frame A14B 71 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/osd_listener.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

40e8db13f44571762fa6e5704ca8bb1a73c2cce35e83603e9ac131ab8127db7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 01 Aug 2018 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26366
x-xss-protection: 1; mode=block
server: cafe
etag: 17113453447230713914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Aug 2018 14:08:34 GMT

GET
S 200 abg.js Show response
tpc.googlesyndication.com/pagead/js/r20180801/r20110914/ Frame 12D4 73 KB
23 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/abg.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4ad354b1656643976aa16bdcb4505bc5d624567f218e897a1654dad1f20817a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 01 Aug 2018 14:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 23533
x-xss-protection: 1; mode=block
server: cafe
etag: 15837010286788694136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Aug 2018 14:08:39 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180801/r20110914/client/ext/ Frame 12D4 3 KB
1 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7d3b068f04726edc36c3eeb66b5d97c5aa692e418945d20f4f4505706183b3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 01 Aug 2018 14:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1349
x-xss-protection: 1; mode=block
server: cafe
etag: 8956746284566214480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Aug 2018 14:08:29 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/ Frame 12D4 71 KB
26 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/osd_listener.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

40e8db13f44571762fa6e5704ca8bb1a73c2cce35e83603e9ac131ab8127db7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 01 Aug 2018 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26366
x-xss-protection: 1; mode=block
server: cafe
etag: 17113453447230713914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Aug 2018 14:08:34 GMT

GET
S 200 2485281893765922670
tpc.googlesyndication.com/simgad/ Frame 12D4 48 KB
48 KB 11ms
7ms Image
image/png 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2485281893765922670

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fd147c0d51c74b137c33d2658705bb4abba4aebc451f6c5144c0f6d8f3da7d2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 12:44:24 GMT
x-content-type-options: nosniff
age: 1874740
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 49103
x-xss-protection: 1; mode=block
last-modified: Fri, 25 May 2018 16:47:45 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2019 12:44:24 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/ Frame 9319 71 KB
26 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180801/r20110914/activeview/osd_listener.js

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

40e8db13f44571762fa6e5704ca8bb1a73c2cce35e83603e9ac131ab8127db7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 01 Aug 2018 14:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26366
x-xss-protection: 1; mode=block
server: cafe
etag: 17113453447230713914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Aug 2018 14:08:34 GMT

GET
S 200 imgad
tpc.googlesyndication.com/pagead/ Frame 9319 73 KB
73 KB 18ms
0ms Image
image/png 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCb6rrOmwEQARgBMggI02UDxCNYhQ

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

5a322b10eec6a50a665880462cec2e21b19602d039e835ab63fb7120988649bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 28 Jul 2018 08:01:47 GMT
x-content-type-options: nosniff
server: cafe
age: 509297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
status: 200
cache-control: public, max-age=604800
content-disposition: attachment; filename="image.png"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 74333
x-xss-protection: 1; mode=block
expires: Sat, 04 Aug 2018 08:01:47 GMT

GET
S 200 imgad
tpc.googlesyndication.com/pagead/ Frame 9319 32 KB
32 KB 19ms
3ms Image
image/png 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCbiq2stwEQARgBMggDmTIv6reAMQ

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b253d0931230d578d307fb2af395be591b0e9ec0ec198bd2ce16bbbbf5e178b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 03:31:08 GMT
x-content-type-options: nosniff
server: cafe
age: 7136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
status: 200
cache-control: public, max-age=604800
content-disposition: attachment; filename="image.png"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 32266
x-xss-protection: 1; mode=block
expires: Fri, 10 Aug 2018 03:31:08 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame F22F 0
56 B 45ms
42ms Image
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGTAjXjkpVd0j0k-kXJHIsvXOhFI0FmspT4qEEIkZ2RqFwdbo1A6zbfFq69mffp5VItZn0kGMwZtRTfP9hPW3Un1c4UacrcnM_KP-ghWfiWVMj0BtCjoK_YU-rAvaRyMdOgtlccdbSPclg37nfLcKClnHMtS0a-6uGGnJZli77xcgBic67hSGjM9-hsSloArIV-WNAfwc2zDpHdbS9nmt8gFpRM7NsmjxJ7EFUQHRhbE6wU_fiLS8bOZtwC3NIFCWFAZmKLojKUII&sai=AMfl-YQ-Trea0FWMPMcRAHhLLB8pYeD8PGojirWVRgnUXsaJfFOApzkHRZgH6bc3_-el0YgnDnSYYLMM_wcJVwHU7Abz-YGJCMg7O-ZCQYS_RjkfHhA0QghOl2FOF1Ij&sig=Cg0ArKJSzHgivD_xYN8hEAE&adurl=
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: SPDY
Server: 172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2510 0
56 B 46ms
43ms Image
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMisAwjoRSgq45KpA7EzRpi-p_i3ESK37R8_ZeUPXmpAj3rPFpipD5KXlK4XL_R982jdtJUV0ZGLmaXNne0J9EWgryQVILJR5tjUyPgsyrumsBn-gRrtd_sJ5gLUlIGM7G9GTmLyILS9rHCSdNECB84iECCxQySG5GGCSUswUgwCKH7r5UBvuyJPJPDVHTKKsAjB9R6gK_1ksPeysuXVe3-1PfsR0x6amAy1H9gOAG58kcoILCDoXYD9FWimeDFeA0ZW5iV1zA-QDHsiY&sai=AMfl-YTuRsvjvJX78rCm7jALKE-9ewKb9GMEsB2oYFoR-Sp7CavkZEMTUiySaWI4I6v6o0Dyck3AZ7CFVgLy9dBlqlZCkb0dGujFxDKp8zlEhng5NreeBrz4pTHTLHXs&sig=Cg0ArKJSzLyitGPBaLr3EAE&urlfix=1&adurl=
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: SPDY
Server: 172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 69FC 0
65 B 44ms
42ms Image
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkdcrVYKOJg8cYg2NShJQMGESH_CsqESc5pUv-4y333VemZCKe3osqX_u_X5n9VhR7DqVX3HKVgujhrXKICCvq0JrtDo5tSZfXhAfSftIevERh0w6FGtzLONiDI9Xf9kgemEjukzF21D4e-Tq1ty7sCTTTa5-ylHp9cFGgmwKmH4qJ_H7Kn1Cv4BR5pnNucfXI0BqzK7tSnOpsf-hnAOUcsQBdR44uzlqZ4yaU8krsCg1jkVajGJpEOetLRGCAb16lOv7G8d-pRDY&sai=AMfl-YT3qmR5A-WyiKSu7TqjZnTSKSjaeArJFh3loCah1dYcn_XKUc9CYhehJWewsdeq3Lu5slzUbVFBJqK9UeFB0_KHtMgx0L0JFprJlsXfrJwHFDl8ACNXU2pW58yr&sig=Cg0ArKJSzN_n8b1fqssFEAE&urlfix=1&adurl=
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: SPDY
Server: 172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
S 200 view
googleads4.g.doubleclick.net/pcs/ Frame A14B 0
378 B 72ms
38ms Image
text/html 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpeJTT46I9yKuN8wJlzGKacFK9rNaNVQ4MorEh_rDA_WSkrFOD2qqnh5gRVpJsLgaN1wdCzPbJesTE5v-ODBwHiiI49pUzSfA1R1I4gyF3aEOYdOhYwOxY5d2esuabxYZIcAxQL1DzdBFvcr1pZmkNx5UjQmLPzBgvy5ZbDpts-GS73adHWn9TAXzhxvQcWt2ufqa-p5VpSG35jQrj6AoUexawh7YTBJXVyZEJuHmzBYCUQ16_Ahi9opVmFaY9MalxAU6WFmuBF2phLJnISZLB55mqimu14eihsIUzD3xM4w_MHLRpwLFH0npCN1TYleh-Abg8bOfDBXf6unP7NmQ&sai=AMfl-YSL8yqvWQCz2JbgnVVydxG0-mc68haIAnIhivW57-vUIMxRxtsvCDcD2zRyAPlLU1iE9zwruiJ9YJ1v6wb3dGuO7RUxvlZl8v5oJ_0LmQk1X4avabXGWmP1Nhcm&sig=Cg0ArKJSzJq3ywJ_P5KqEAE&urlfix=1&adurl=
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: SPDY
Server: 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s24-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 12D4 0
65 B 43ms
42ms Image
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv32YCurLOkfPZwbC1wx1DizNOIiEgfgkf92kHTRmqGr9bcNHiPMU7MqxMPQyTGBSR3uiYX2-LGQ7o8W_0QVYArfTdzG3jSgmwPtOnkmTT1qxcfjmmd1N9lstI0MGovSizME5fJlCzuhkV8uroK2Z8QQIlXfh0NKpXYsUDNluwG2uzsQdUX_ajSmK1LUibiGdvRLycK2AfMhjF7u7LkP3ZZ2cE984B_gUyXX1lGvuQEYOT8QOjD1xLuBW665VTmti7vKF3SoE0NZrs&sai=AMfl-YSfY-7YwCM-prSRAA0Nc0S5adosUOPVTQsNZpAIL2o-YN20gx97REmpaKzqpoojsPSs6PzfmM1l_CweOhqxfd_RgPTraKQ5VZOkH7PdrHrqMVwijSqtYkr3vX6g&sig=Cg0ArKJSzJQKOn5pMoQUEAE&adurl=
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: SPDY
Server: 172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9319 0
65 B 43ms
42ms Image
text/html 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOyuIdb41XKJiO9AKGclmPEkGCVB47stUQ-JSuEAA5zxovY-qo9jGUzxUML7c1KNWd7WG860HhdJRIpGDH7g3o3il87hMWzSrzP7xOs84t3g4tUt6yahaVMZPiQZx6SCAM_V7TH-UySiPPpK4HoxeNBt6cBnzGcEaKvNZYrjtvIgZiWtDKCQTzeLyWAVMRNiguaktA3eupOcx4myYxUS4f_SlpzQ-mudSOOfIxTIQRvk2DYAW6bkDpcCZym7zc8oGWpBJIBq8hBSnaQ-4&sai=AMfl-YTEjKHlx4NxFsyNz28iGpRuuz5xpu6yIg4UrlAULCYlKhHO8yoOlvIc-Wv2BcT0E363v3SKvv1OxdTgD3RDxjb4d868KW7evKUnyAlGW2EiouBXNO4DrcOEtOjY&sig=Cg0ArKJSzCWZktAcJHyZEAE&urlfix=1&adurl=
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: SPDY
Server: 172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 94ms
93ms Image
image/gif 52.6.138.7
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDcyMzM0NzU4NyIsImVidXkiOiIyMzQwOTI1ODI5IiwiZWFkdiI6IjE5NDg0OTY5NCIsImVjaWQiOiIxMzgyMTQ3NDg0ODYiLCJlZW52IjoiaiIsImVwaWQiOiIxNTcwMTMwMjE0IiwiZXNpZCI6IjE1NDE4NjUyOTQifQ&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=68dcb0b9-bc70-4857-af5d-7356519379a7&pid=0d6c0085-60a9-48ed-8140-ea23a685e7d1&dtm=1533274204410&qnm=_matherq&vp=1600x1200&ds=1585x4147&tofa=1533274204&vid=1&duid=3baf24c1b68fdb3c&fp=3998842399&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.6.138.7 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-6-138-7.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:04 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame A14B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbb4f70dc6297998c84fb0625ecd14a59d3a4c0b01a1b336cb0fdcabebbaf6ff

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H2 200 6uQTKQJz.html
tpc.googlesyndication.com/sodar/ Frame 200E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/6uQTKQJz.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/V6zvOIoD.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/6uQTKQJz.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 7233
date: Thu, 19 Jul 2018 18:17:55 GMT
expires: Fri, 19 Jul 2019 18:17:55 GMT
last-modified: Tue, 02 Jan 2018 21:45:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
age: 1249929
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
DATA 200
OK truncated
/ Frame 12D4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1522b2889bc9764922fb5731fa55b5fedbd12e224e55cff104a1148f0bf4834

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9319 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63fe4f46719695786e48aa0ad0e5a2f9783e0f79c2166cd65b1f4c1316dc8da5

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F22F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33dc66f5e09cf83334bcd91a5e903da00f2eb7da03bec78d157a3283a0947ca1

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame A14B 13 KB
5 KB 22ms
6ms Script
application/x-javascript 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=20434994&sid=4175535&plc=208106560&num=&adid=&advid=2276943&adsrv=1&btreg=422315199&btadsrv=doubleclick&crt=100120942&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_241.js
Protocol: HTTP/1.1
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: 9466b6801f91d6bf4f0670f04eec09a812de5d6e625d30a32188866121208265

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 22 Jul 2018 07:08:24 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
ETag: "52b01dc88a21d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5293

GET
S 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A14B 73 KB
26 KB 7ms
4ms Script
text/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_241.js

Protocol

SPDY

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a41a1673307da837a80b74efb992b8459a303e28f71315b1a3e80c9af2c7d33b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 03 Aug 2018 05:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26604
x-xss-protection: 1; mode=block
server: cafe
etag: 877622000101512426
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Aug 2018 06:08:29 GMT

GET
H2 200 index.html
s0.2mdn.net/2276943/1523392961914/ Frame 59EF 0
0 9ms
5ms Document
text/html 2a00:1450:4001:81d::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/2276943/1523392961914/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_241.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /2276943/1523392961914/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
content-length: 868
date: Thu, 02 Aug 2018 14:38:01 GMT
expires: Fri, 03 Aug 2018 14:38:01 GMT
last-modified: Tue, 10 Apr 2018 20:42:41 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
age: 53523
cache-control: public, max-age=86400
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK teads-format.min.js Show response
cdn.teads.tv/media/format/v3/ 674 KB
177 KB 25ms
8ms Script
text/javascript 2.18.234.227
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/75660/tag
Protocol: HTTP/1.1
Server: 2.18.234.227 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-227.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1529264bb75f897f6910416ae17c1e878a731888dae2b6c3c4db4fe32adcf245

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Aug 2018 15:25:06 GMT
Server: AmazonS3
x-amz-request-id: 1723AD8D40187241
ETag: "879bcf1a1dd7c670f9b85e4d4ff50c74"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Cache-Control: max-age=56
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 180960
x-amz-id-2: wCXteCkZ3rgWbhtT670qG/xaoUCqzZLblnds2/LkztD0DVfyI+y36C3I3k/6aPPnDri2IuaJVsQ=

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 96ms
95ms Image
image/gif 52.6.138.7
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDUyNzAxMDIwNiIsImVidXkiOiIyMTU5NTM0MTQ4IiwiZWFkdiI6IjE3NTk1Nzc0IiwiZWNpZCI6IjEzODIyMDcxNDgwOCIsImVlbnYiOiJqIiwiZXBpZCI6IjE1NzAxMzAyMTQiLCJlc2lkIjoiMTU0MTg2NTI5NCJ9&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=b144558d-120d-4627-95f0-25881637247a&pid=0d6c0085-60a9-48ed-8140-ea23a685e7d1&dtm=1533274204426&qnm=_matherq&vp=1600x1200&ds=1585x4147&tofa=1533274204&vid=1&duid=3baf24c1b68fdb3c&fp=3998842399&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.6.138.7 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-6-138-7.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:04 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK dv-measurements234.js Show response
cdn.doubleverify.com/ Frame 7F17 222 KB
67 KB 19ms
6ms Script
application/x-javascript 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements234.js
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash: def832556381c2984a2ece78370b73e01482041bad46b255879e2db4cb0ff683

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:04 GMT
Content-Encoding: gzip
ETag: "b27778f82318d41:0"
Last-Modified: Tue, 10 Jul 2018 07:59:47 GMT
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68397

GET
H/1.1 200
OK t2tv7.html
cdn3.doubleverify.com/ Frame F70F 0
0 38ms
6ms Document
text/html 2.18.232.75
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements234.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.75 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-75.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/7.0 / ASP.NET
Resource Hash

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 11 Sep 2014 19:15:15 GMT
Accept-Ranges: bytes
ETag: "6f4d6b7f4cdcf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 4750
Date: Fri, 03 Aug 2018 05:30:04 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 7F17 3 KB
1 KB 36ms
8ms Script
text/javascript 213.254.244.25
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3ETau%3F6HDTauDE2E6Tau%3F%40CE9%5C42C%40%3D%3A%3F2Tau2CE%3A4%3D6a_hfbecah%5D9E%3E%3DU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3EU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=https:&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=818&ddur=36&uid=1533274204786333&jsCallback=dvCallback_1533274204786899&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=234&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&fwc=0&fcl=701&flt=1&fec=1013&fcifrms=20&brh=2&dvp_epl=249&ctx=13311291&cmp=20434994&sid=4175535&plc=208106560&crt=100120942&btreg=422315199&btadsrv=doubleclick&adsrv=1&advid=2276943
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements234.js
Protocol: HTTP/1.1
Server: 213.254.244.25 , Germany, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 8eaa9179c31129d8e6174e3125f2e25e8201f6bd83cfa59394af8b91ecf86afe

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Connection: close
Expires: 8/2/2018 5:30:04 AM

OPTIONS
H/1.1 204
No Content next Show response
www.moonlightingapi-ads.com/joblist/ Frame 69FC 0
684 B 461ms
145ms XHR
text/plain 34.235.178.90
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moonlightingapi-ads.com/joblist/next?affId=MNI&subAffId=DUR

Requested by

Host: www.gomnlt.com
URL: https://www.gomnlt.com/partner_resources/full_job_card_loader_prod.min.js

Protocol

HTTP/1.1

Server

34.235.178.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-235-178-90.compute-1.amazonaws.com

Software

Apache-Coyote/1.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: GET
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: ml-ticket

Response headers

Date: Fri, 03 Aug 2018 05:30:04 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache-Coyote/1.1
X-Frame-Options: DENY
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ml-session
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, ml-ticket, app-platform, app-version, ml-session
Expires: 0

GET
DATA 200
OK truncated
/ Frame 69FC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cdad38077261b973145430c74c8e216d355eb253cabf1f15795cbf34d176e1e

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK ad Show response
a.teads.tv/page/75660/ 118 B
483 B 127ms
35ms XHR
application/json 54.154.28.106
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/75660/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=&page=%7B%22id%22%3A75660%2C%22placements%22%3A%5B%7B%22id%22%3A81968%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A700%2C%22height%22%3A394%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22status%22%3A22%2C%22consent%22%3A%22%22%7D%7D&userId=d3c051f1-ced1-41bb-8c88-97bb842ab041&formatVersion=2.19.61&env=js-web&netBw=9.7
Requested by: Host: cdn.teads.tv
URL: https://cdn.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Server: 54.154.28.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-28-106.eu-west-1.compute.amazonaws.com
Software: teads-ssp /
Resource Hash: f50167bee40cd7fdd6c623efb794e0edddec7de87ef71f48c8b1b1413e1dfc4a

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:05 GMT
Content-Encoding: gzip
Server: teads-ssp
Content-Type: application/json
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: no-cache, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 129
Expires: 0

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1533274204960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1533274204960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...

43 B
309 B

15ms
15ms

Image
image/gif

104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1533274204960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=62939783&cs_ucfr=1
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:05 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1533274204960&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=62939783&cs_ucfr=1
Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:04 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
t.teads.tv/ 23 B
193 B 121ms
26ms Image
image/gif 34.251.196.37
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&pageId=75660&pid=81968&gid=[insertionId]&slot=native&env=js-web&ts=1533274204948
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 34.251.196.37 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-196-37.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 23
content-type: image/gif

GET
H/1.1 200
OK track
t.teads.tv/ 23 B
193 B 121ms
26ms Image
image/gif 34.251.196.37
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&pageId=75660&pid=81968&gid=[insertionId]&slot=native&env=js-web&ts=1533274204958
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 34.251.196.37 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-251-196-37.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 23
content-type: image/gif

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2510 42 B
114 B 16ms
15ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuW9CWYro-jnMRKlKl6agxXJCSMQIwgxaU_49At8m-RFPtm0SOPwl1iQRL-15ISONcwM4M_lYTSBOw9mCsAuaoPsdYnV3qvIK4&sig=Cg0ArKJSzJXCuwx-vpllEAE&r=z&adk=2912350387&tt=391&bs=1585,1200&mtos=0,0,0,0,0&tos=0,0,0,0,0&p=0,0,0,0&opac=1&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&avms=geo&rst=1533274204268&rpt=229&bos=1600,1200&ps=1585,4147&ss=1600,1200&pt=-1&deb=1-0-9-11-9--1-11-0&tvt=353&op=1&id=osdim&ti=1&uc=1&tgt=DIV&cl=1&cec=10&clc=0&cac=0&cd=0x0&v=r20180801

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 94ms
94ms Image
image/gif 52.6.138.7
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDY4MjQ1NTYwOCIsImVidXkiOiIyMzE0OTkzMzIzIiwiZWFkdiI6IjE3NTk1Nzc0IiwiZWNpZCI6IjEzODIzNDQwMTYwNiIsImVlbnYiOiJqIiwiZXBpZCI6IjE1NzAxMzAyMTQiLCJlc2lkIjoiMTU0MTg2NTI5NCJ9&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=1bec634e-1ad0-487d-8a1a-5216a0faad59&pid=0d6c0085-60a9-48ed-8140-ea23a685e7d1&dtm=1533274204481&qnm=_matherq&vp=1600x1200&ds=1585x4147&tofa=1533274204&vid=1&duid=3baf24c1b68fdb3c&fp=3998842399&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.6.138.7 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-6-138-7.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:05 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 93ms
93ms Image
image/gif 52.6.138.7
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDY4MjQ1NTYwOCIsImVidXkiOiIyMzE0OTkzMzIzIiwiZWFkdiI6IjE3NTk1Nzc0IiwiZWNpZCI6IjEzODIzNDM1Mzk2NCIsImVlbnYiOiJqIiwiZXBpZCI6IjE1NzAxMzAyMTQiLCJlc2lkIjoiMTU0MTg2NTI5NCJ9&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=cf14bd06-a6b6-4043-8593-69c5f0d5d4c1&pid=0d6c0085-60a9-48ed-8140-ea23a685e7d1&dtm=1533274204486&qnm=_matherq&vp=1600x1200&ds=1585x4147&tofa=1533274204&vid=1&duid=3baf24c1b68fdb3c&fp=3998842399&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.6.138.7 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-6-138-7.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:05 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

Cookie set redirect
sync.teads.tv/iframe/ Frame 4A99
Redirect Chain

https://sync.teads.tv/iframe?pid=81968&userId=d3c051f1-ced1-41bb-8c88-97bb842ab041&gdprIab={%22status%22:22,%22consent%22:%22%22}&1533274205099
https://sync.teads.tv/iframe/redirect

0
0

27ms
27ms

Document
text/html

52.209.50.117
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe/redirect
Requested by: Host: cdn.teads.tv
URL: https://cdn.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.50.117 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-209-50-117.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.0-RC2 /
Resource Hash

Request headers

Host: sync.teads.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Accept-Encoding: gzip, deflate
Cookie: tt_viewer=44d5e326-c169-4143-9d30-adbb771312c8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Aug 2018 05:30:05 GMT
Server: akka-http/10.1.0-RC2
Set-Cookie: tt_exelate=; Expires=Sat, 04 Aug 2018 05:30:05 GMT; Domain=.teads.tv tt_bluekai=; Expires=Sat, 04 Aug 2018 05:30:05 GMT; Domain=.teads.tv tt_emetriq=; Expires=Sat, 04 Aug 2018 05:30:05 GMT; Domain=.teads.tv tt_liveramp=; Expires=Sat, 04 Aug 2018 05:30:05 GMT; Domain=.teads.tv
Content-Length: 1368
Connection: keep-alive

Redirect headers

Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Aug 2018 05:30:05 GMT
Location: /iframe/redirect
Server: akka-http/10.1.0-RC2
Set-Cookie: tt_viewer=44d5e326-c169-4143-9d30-adbb771312c8; Expires=Fri, 02 Aug 2019 05:30:05 GMT; Max-Age=31449600; Domain=.teads.tv; Path=/
Content-Length: 89
Connection: keep-alive

GET
DATA 200
OK truncated
/ 669 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 93ms
93ms Image
image/gif 52.6.138.7
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDY4MjQ1NTYwOCIsImVidXkiOiIyMzE0OTkzMzIzIiwiZWFkdiI6IjE3NTk1Nzc0IiwiZWNpZCI6IjEzODIzNDM1MzEwNiIsImVlbnYiOiJqIiwiZXBpZCI6IjE1NzAxMzAyMTQiLCJlc2lkIjoiMTU0MTg2NTI5NCJ9&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=e30afd30-ac5d-46f7-bf1c-3e3d880ae1c6&pid=0d6c0085-60a9-48ed-8140-ea23a685e7d1&dtm=1533274204492&qnm=_matherq&vp=1600x1200&ds=1585x4147&tofa=1533274204&vid=1&duid=3baf24c1b68fdb3c&fp=3998842399&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.6.138.7 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-6-138-7.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:05 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 94ms
93ms Image
image/gif 52.6.138.7
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiMzkxNTU4MDE0IiwiZWJ1eSI6IjM1OTg5MjI5NCIsImVhZHYiOiIxNzU5NTc3NCIsImVjaWQiOiIxMDAyOTc4ODI3MzQiLCJlZW52IjoiaiIsImVwaWQiOiIxNTcwMTMwMjE0IiwiZXNpZCI6IjE1NDE4NjUyOTQifQ&tv=js-2.2.18-c&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tid=ba904379-c35e-46fa-8814-cafab7968186&pid=0d6c0085-60a9-48ed-8140-ea23a685e7d1&dtm=1533274204843&qnm=_matherq&vp=1600x1200&ds=1585x4147&tofa=1533274204&vid=1&duid=3baf24c1b68fdb3c&fp=3998842399&cid=ma12095&mrk=74930332&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.6.138.7 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-6-138-7.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:05 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 404
Not Found next Show response
www.moonlightingapi-ads.com/joblist/ Frame 69FC 0
702 B 184ms
183ms XHR
text/plain 34.235.178.90
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.moonlightingapi-ads.com/joblist/next?affId=MNI&subAffId=DUR

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

HTTP/1.1

Server

34.235.178.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-235-178-90.compute-1.amazonaws.com

Software

Apache-Coyote/1.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

ml-ticket: ff2f15def4dda1ff93533de3dc5d1d91
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:04 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache-Coyote/1.1
X-Frame-Options: DENY
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ml-session
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, ml-ticket, app-platform, app-version, ml-session
Expires: 0

GET
H/1.1 200
OK default_moonlighting_ad.png
www.gomnlt.com/partner_resources/ Frame 69FC 121 KB
121 KB 185ms
185ms Image
image/png 52.200.33.142
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gomnlt.com/partner_resources/default_moonlighting_ad.png
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Protocol: HTTP/1.1
Server: 52.200.33.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-200-33-142.compute-1.amazonaws.com
Software: Apache/2.2.34 (Amazon) /
Resource Hash: 14b2e195e5a4a218d231728afb4dae574454f528725b259caf3f9d44fa47f298

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:05 GMT
Last-Modified: Tue, 21 Feb 2017 19:55:48 GMT
Server: Apache/2.2.34 (Amazon)
ETag: "408d2-1e22d-5490fc4395edb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 123437

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F22F 42 B
114 B 15ms
15ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1JWASPcg70FP2WMnDhoI7WOFp2lszob1rQc-nSzOUukA-2v2ioUE1RDqHweD6E9nNPNHtkKkjjRt6BeEDVS-Upo9qjzRgkQk&sig=Cg0ArKJSzBnqu_hoq8v2EAE&adk=954862943&tt=1173&bs=1585,1200&mtos=1050,1050,1050,1050,1050&tos=1050,0,0,0,0&p=45,1129,105,1363&opac=1&mcvt=1050&rs=3&ht=0&tfs=122&tls=1172&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1533274204251&rpt=326&bos=1600,1200&ps=1585,4242&ss=1600,1200&pt=-1&deb=1-0-9-13-12--1-186-3&tvt=1135&op=1&r=v&id=osdim&ti=1&uc=19&tgt=DIV&cl=1&cec=11&clc=1&cac=0&cd=234x64&v=r20180801

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9319 42 B
114 B 14ms
14ms Image
image/gif 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBXEYa-6UFTLuARRaWwqY2wGdZFAguCMmU6QOBz7ol5-F90t2hQI41UiW4zQO3DBj7K3Ze9s4S58jh6qKWSinjHVtOI6MmNgo&sig=Cg0ArKJSzLHy69pzMU6aEAE&adk=2167153082&tt=1173&bs=1585,1200&mtos=0,1091,1091,1091,1091&tos=0,1091,0,0,0&p=1091,313,1201,1273&opac=1&mcvt=1091&rs=3&ht=0&tfs=81&tls=1172&mc=0.99&lte=0.99&bas=0&bac=0&avms=geo&rst=1533274204342&rpt=195&bos=1600,1200&ps=1585,4242&ss=1600,1200&pt=-1&deb=1-0-9-13-12--1-186-3&tvt=1135&op=1&r=v&id=osdim&ti=1&uc=19&tgt=DIV&cl=1&cec=12&clc=0&cac=0&cd=960x0&v=r20180801

Requested by

Host: www.heraldsun.com
URL: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Protocol

SPDY

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Aug 2018 05:30:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 67 B
251 B 378ms
96ms Script
application/javascript 54.243.179.137
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=jQuery110203227073341217279_1533274201387&_=1533274201388
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/wps/source/scripts/libs/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Server: 54.243.179.137 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-243-179-137.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ba7134ebd640d6906e9480a6d9a218fbb0d5f7b77e8990527dc57e781ba04079

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:06 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 67
Vary: Origin
Content-Type: application/javascript

GET
S 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 65 KB
22 KB 7ms
7ms Script
application/x-javascript 2600:9000:2047:9000:18:1fcd:348:2461
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: media.heraldsun.com
URL: https://media.heraldsun.com/mistats/products/escenic.js
Protocol: SPDY
Server: 2600:9000:2047:9000:18:1fcd:348:2461 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 0843ebe439c1f803e889b84f1cdedb3e86844ac8e2dea18023e22c454e25e819

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 02 Aug 2018 18:29:18 GMT
content-encoding: gzip
last-modified: Thu, 07 Jun 2018 02:16:17 GMT
server: nginx
age: 39647
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-id: SyDBqDyb71px9-6y0MXIbfqYNTpQP2fVs_rCdkJ9QS-e_f7VsVeaTA==
via: 1.1 1d0fc03b30809d10a25a905ba30d8170.cloudfront.net (CloudFront)
expires: Fri, 03 Aug 2018 18:29:18 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 6 KB
3 KB 266ms
88ms Script
application/x-javascript 54.192.37.14
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: media.heraldsun.com
URL: https://media.heraldsun.com/mistats/products/escenic.js
Protocol: HTTP/1.1
Server: 54.192.37.14 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-37-14.jfk1.r.cloudfront.net
Software: nginx /
Resource Hash: 725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Thu, 17 Aug 2017 02:01:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Mar 2014 00:45:07 GMT
Server: nginx
Age: 71884
ETag: W/"53191693-19c1"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 9fab2a39c6d2bda91a3a58e2e1e6133d.cloudfront.net (CloudFront)
Cache-Control: max-age=86400, public
Connection: keep-alive
X-Amz-Cf-Id: Y55Mcpt54-vEhPZg0yKeccP0z0U-Ws3CAEmWzccCIeKxPSpW1DNCqw==
Expires: Fri, 18 Aug 2017 02:01:46 GMT

GET
H/1.1

200
OK

Cookie set rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=7447/rand=664814015/pv=y/int=%23OpR%2366617%23www.heraldsun%20%3A%20Total%20Site%20Traffic/int=%23OpR%2366618%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news/int=%23O... Frame 4001
Redirect Chain

https://bcp.crwdcntrl.net/5/c=7447/rand=664814015/pv=y/int=%23OpR%2366617%23www.heraldsun%20%3A%20Total%20Site%20Traffic/int=%23OpR%2366618%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news/int=%...
https://bcp.crwdcntrl.net/5/ct=y/c=7447/rand=664814015/pv=y/int=%23OpR%2366617%23www.heraldsun%20%3A%20Total%20Site%20Traffic/int=%23OpR%2366618%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news/...

0
0

40ms
40ms

Document
text/html

54.171.229.6
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=7447/rand=664814015/pv=y/int=%23OpR%2366617%23www.heraldsun%20%3A%20Total%20Site%20Traffic/int=%23OpR%2366618%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news/int=%23OpR%2366619%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state/int=%23OpR%2367084%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state%20%3A%20north-carolina/int=%23OpR%2367085%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state%20%3A%20north-carolina%20%3A%20article/med=%23OpR%2368729%23Meta%20keyword%20%3A%20bank%20of%20america%2C%20bofa%2C%20parkland%2C%20guns%2C%20brian%20moynihan%2C%20meeting%2C%20shareholders%2Cbank%20of%20america%2C%20bofa%2C%20parkland%2C%20guns%2C%20brian%20moynihan%2C%20meeting%2C%20shareholders/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/7447/cc.js?ns=_cc7447
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.229.6 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-229-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Accept-Encoding: gzip, deflate
Cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FDFDF487810F40629E9453AE713F2FDC
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 03 Aug 2018 05:30:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 30-Apr-2019 05:30:05 GMT _cc_id=8e1062ff21b62b32cdbb82fbb519fa9;Path=/;Domain=crwdcntrl.net;Expires=Tue, 30-Apr-2019 05:30:05 GMT _cc_cc="ACZ4nGOQt0g1NDAzSkszMkwyM0oyNkpOSUqyMEpLSjI1tExLtGQAgujkF7EMcCD8%2FXCzBON0K4b%2FjIwM1z%2FcEIKx957eyQtjb5lzXgTG7um9CVfzZVMDH4y966AujLkTwXzTcF8Axm5%2FOFscxp5%2BQh3GvLB4DguM%2FfjFcrhjHkztYYSxP362hDEPIym%2FdOoRG4z9Acmmd0hsANazVs4%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 30-Apr-2019 05:30:05 GMT;Max-Age=23328000 _cc_aud="ABR4nGNgYGCITn4RywADTAyMd1VADMa7Z4AkAEjEBLI%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 30-Apr-2019 05:30:05 GMT;Max-Age=23328000
Vary: Accept-Encoding
X-Server: 10.26.21.154
Content-Length: 717
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Date: Fri, 03 Aug 2018 05:30:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://bcp.crwdcntrl.net/5/ct=y/c=7447/rand=664814015/pv=y/int=%23OpR%2366617%23www.heraldsun%20%3A%20Total%20Site%20Traffic/int=%23OpR%2366618%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news/int=%23OpR%2366619%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state/int=%23OpR%2367084%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state%20%3A%20north-carolina/int=%23OpR%2367085%23heraldsun.com%20%3A%20Site%20Section%20%3A%20news%20%3A%20state%20%3A%20north-carolina%20%3A%20article/med=%23OpR%2368729%23Meta%20keyword%20%3A%20bank%20of%20america%2C%20bofa%2C%20parkland%2C%20guns%2C%20brian%20moynihan%2C%20meeting%2C%20shareholders%2Cbank%20of%20america%2C%20bofa%2C%20parkland%2C%20guns%2C%20brian%20moynihan%2C%20meeting%2C%20shareholders/rt=ifr
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net
X-Server: 10.26.21.117
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK ping
ping.chartbeat.net/ 43 B
213 B 298ms
100ms Image
image/gif 23.23.255.82
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=heraldsun.com&p=%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&u=DDBV4UBCZ5V0CbTjMO&d=heraldsun.com&g=62447&g0=_Story%2C%7Cheraldsun.com%2Cheraldsun_North%20Carolina&g1=Rick%20Rothacker&n=1&f=00001&c=0&x=0&m=0&y=4242&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=6029&t=DaMATKBvJQHXCw6aDPDOkBbj-po_G&V=106&i=Bank%20of%20America%20CEO%20on%20gun%20violence%3A%20%27We%20have%20to%20help.%27&tz=0&sn=1&sv=DX2NDVkt0KECmLGFAD1EYfbDN9vaf&sd=1&im=06530c53&_
Protocol: HTTP/1.1
Server: 23.23.255.82 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-23-255-82.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content pack Show response
rb.adnxs.com/ 0
412 B 75ms
14ms XHR
text/plain 37.252.167.207
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL: https://rb.adnxs.com/pack?log=log_prebid_events&format=protobuf
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/prebid/c/7543_nc-ky-pa/pb.js
Protocol: HTTP/1.1
Server: 37.252.167.207 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS: 24.ratbait.prod.ams1.adnexus.net
Software: nginx/1.10.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
Origin: https://www.heraldsun.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=utf8

Response headers

Access-Control-Allow-Origin: https://www.heraldsun.com
Date: Fri, 03 Aug 2018 05:30:08 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.10.1
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Access-Control-Allow-Methods: POST, OPTIONS

GET
H/1.1 200
OK heraldsun.com Show response
srv-2018-08-03-05.config.parsely.com/config/ 397 B
815 B 295ms
99ms Script
text/javascript 52.0.100.49
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://srv-2018-08-03-05.config.parsely.com/config/heraldsun.com
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: HTTP/1.1
Server: 52.0.100.49 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-0-100-49.compute-1.amazonaws.com
Software: / Express
Resource Hash: fa2130abbe715e89e9153ffd0d8dac2c3d7b42205a0fd9ec274eeba3159d95f6

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:06 GMT
Cache-Control: private, no-cache
ETag: W/"18d-y9C0e7RN5ko5bd7RIM5xvg"
Connection: keep-alive
X-Powered-By: Express
Content-Length: 397
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK ptrack-v1.1.2-dev.2-engagedtime-slots-video.js Show response
d1z2jf7jlzjs58.cloudfront.net/code/ 51 KB
18 KB 86ms
86ms Script
application/x-javascript 54.192.37.14
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/code/ptrack-v1.1.2-dev.2-engagedtime-slots-video.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: HTTP/1.1
Server: 54.192.37.14 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-37-14.jfk1.r.cloudfront.net
Software: nginx /
Resource Hash: 9c95cefc31b3eac79f7f6995e6e2546b4d1ebc45d2de71582fa1b352d130276d

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 01 Aug 2018 16:11:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Aug 2018 15:42:15 GMT
Server: nginx
Age: 134318
ETag: W/"5b61d4d7-cb31"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 9fab2a39c6d2bda91a3a58e2e1e6133d.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000, public
Connection: keep-alive
X-Amz-Cf-Id: 87wWuh4jDL6FZlrI0LEjW-lmUW8Y-wK1o3V_tmeXPHUEhCBcaeyulQ==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK /
srv-2018-08-03-05.pixel.parsely.com/plogger/ 43 B
229 B 373ms
92ms Image
image/gif 52.1.134.178
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2018-08-03-05.pixel.parsely.com/plogger/?rand=1533274206498&plid=4751456&idsite=heraldsun.com&url=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22f3937572-9a69-4ed6-a0c0-34a8023d413a%22%2C%22parsely_site_uuid%22%3A%2200491b47-9063-4985-9de8-c16cf0c1191d%22%7D&sid=1&surl=https%3A%2F%2Fwww.heraldsun.com%2Fnews%2Fstate%2Fnorth-carolina%2Farticle209736429.html&sref=&sts=1533274206489&slts=0&title=Bank+of+America+speaks+on+gun+violence+at+shareholder+meeting+%7C+The+Herald+Sun&date=Fri+Aug+03+2018+05%3A30%3A06+GMT%2B0000+(UTC)&action=pageview&u=00491b47-9063-4985-9de8-c16cf0c1191d
Protocol: HTTP/1.1
Server: 52.1.134.178 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-1-134-178.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 03 Aug 2018 05:30:06 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 200
OK event.png
tps20226.doubleverify.com/ Frame 7F17 67 B
465 B 28ms
8ms Other
image/png 213.254.244.14
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20226.doubleverify.com/event.png?impid=4623b6abf25245c29c0eb1fbb045b337&dvp_anatd=144&vdur=166&msrjs=234&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1533274207001439
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements234.js
Protocol: HTTP/1.1
Server: 213.254.244.14 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Cache-Control: max-age=0
Origin: https://www.heraldsun.com
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:06 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 8/2/2018 5:30:06 AM

POST
H/1.1 200
OK event.png
tps20226.doubleverify.com/ Frame 7F17 67 B
465 B 19ms
7ms Other
image/png 213.254.244.14
DoubleVerify

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20226.doubleverify.com/event.png?impid=4623b6abf25245c29c0eb1fbb045b337&msrcanlm=906&msrcannum=4&ismms=141&isumms=141&isvelg=1&nvr=2&isbxdms=2341&b0=2428&adhgt=250&adwdth=300&engisel=1&lftb=2428&sftb=2428&msrdp=1&naral=2&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=140&dvp_hdnAd=2000&cbust=1533274208000873
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements234.js
Protocol: HTTP/1.1
Server: 213.254.244.14 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Cache-Control: max-age=0
Origin: https://www.heraldsun.com
Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:07 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://www.heraldsun.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 8/2/2018 5:30:07 AM

GET
H/1.1 200
OK user.sync
media.msg.dotomi.com/w/ 43 B
416 B 82ms
23ms Image
image/gif 2a02:fa8:8805:10::750
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.msg.dotomi.com/w/user.sync
Protocol: HTTP/1.1
Server: 2a02:fa8:8805:10::750 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: Apache/2.2.31 (Unix) mod_apreq2-20090110/2.8.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.heraldsun.com/news/state/north-carolina/article209736429.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Aug 2018 05:30:08 GMT
Server: Apache/2.2.31 (Unix) mod_apreq2-20090110/2.8.0
P3P: policyref="/w3c/p3p.xml", CP="NOI NID DEVo TAIo PSAo HISo OTPo OUR DELo BUS COM NAV INT DSP COR"
Cache-Control: no-cache
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=99819
Content-Length: 43
Expires: 0

Verdicts & Comments Add Verdict or Comment

329 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.teads.tv/	1970-01-19 02:38:43	Name: tt_viewer Value: 44d5e326-c169-4143-9d30-adbb771312c8
.doubleclick.net/	1970-01-19 11:25:46	Name: IDE Value: AHWqTUnj7Lk6rLP7gwhH9--9u19bb5DaiG4jmPy19HNCbjNElywztJVsJQ
.teads.tv/iframe	1970-01-18 17:56:00	Name: tt_liveramp Value:
.teads.tv/iframe	1970-01-18 17:56:00	Name: tt_emetriq Value:
www.heraldsun.com/	1969-12-31 23:59:59	Name: GED_PLAYLIST_ACTIVITY Value: W3sidSI6IndNU00iLCJ0c2wiOjE1MzMyNzQyMDUsIm52IjoxLCJ1cHQiOjE1MzMyNzQyMDEsImx0IjoxNTMzMjc0MjAxfV0.
.teads.tv/iframe	1970-01-18 17:56:00	Name: tt_bluekai Value:
.teads.tv/iframe	1970-01-18 17:56:00	Name: tt_exelate Value:

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://media.heraldsun.com/mistats/finalizestats.js(Line 1450) Message: mistats request queued
console-api	log	URL: https://www.heraldsun.com/wps/build/js/mi-header-23a3b7c7b0.js(Line 3) Message: buildSlots: actual OOM header= true OOM article =true ADINFO override =false pagelevel= story-OOM
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 26) Message: Library Version: [IRIS Adaptive: v1.12.5]
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 26) Message: Library Version: [IRIS Adaptive: v1.12.5]
console-api	log	URL: https://ovp.iris.tv/libs/adaptive/v2/iris.adaptive.js(Line 26) Message: Library Version: [IRIS Adaptive: v1.12.5]
console-api	log	URL: https://media.heraldsun.com/mistats/micb.js(Line 526) Message: done
console-api	log	URL: https://media.heraldsun.com/mistats/products/escenic_s_code.js(Line 146) Message: mistats request sent
console-api	log	URL: https://media.heraldsun.com/mistats/products/escenic_s_code.js(Line 164) Message: mistats request succeeded
console-api	log	URL: https://www.heraldsun.com/wps/source/scripts/libs/identityModulev3.min.js?misv=b7936d5(Line 1) Message: Skipping WebGL fingerprinting because it is not supported in this browser

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
acdn.adnxs.com
ad.crwdcntrl.net
adservice.google.com
adservice.google.de
api.ipify.org
as-sec.casalemedia.com
assets.adobedtm.com
bcp.crwdcntrl.net
cdn.districtm.io
cdn.doubleverify.com
cdn.relaymedia.com
cdn.teads.tv
cdn3.doubleverify.com
cf-images.us-east-1.prod.boltdns.net
cm.everesttech.net
colossusssp.com
connect.facebook.net
csi.gstatic.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
ece-logger.nandomedia.com
edge.api.brightcove.com
edge.quantserve.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
js.matheranalytics.com
mailview.bulletinintelligence.com
manifest.prod.boltdns.net
mcclatchy-d.openx.net
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
media.heraldsun.com
media.msg.dotomi.com
nandomedia.112.2o7.net
ovp.iris.tv
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
prebid.districtm.ca
rb.adnxs.com
rules.quantcount.com
s.ntv.io
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
srv-2018-08-03-05.config.parsely.com
srv-2018-08-03-05.pixel.parsely.com
static.chartbeat.com
static.mcclatchyinteractive.com
staticxx.facebook.com
sync.teads.tv
t.teads.tv
tags.crwdcntrl.net
thor.rtk.io
tpc.googlesyndication.com
tps.doubleverify.com
tps20226.doubleverify.com
www.charlotteobserver.com
www.facebook.com
www.gomnlt.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com
www.i.matheranalytics.com
www.moonlightingapi-ads.com
104.111.214.103
104.111.219.11
107.178.250.234
151.101.113.108
151.101.130.176
151.101.14.2
166.108.32.238
172.217.16.162
172.217.18.2
172.82.228.19
172.82.228.20
173.241.240.220
18.185.222.18
2.18.232.23
2.18.232.75
2.18.234.163
2.18.234.21
2.18.234.227
213.219.37.124
213.254.244.14
213.254.244.25
216.58.207.34
23.23.255.82
2400:cb00:2048:1::6814:ff3
2400:cb00:2048:1::681c:12e8
2600:9000:201a:400:15:d134:4e40:93a1
2600:9000:2047:7e00:6:44e3:f8c0:93a1
2600:9000:2047:9000:18:1fcd:348:2461
2a00:1450:4001:816::2002
2a00:1450:4001:818::2002
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:81d::2006
2a00:1450:4001:81d::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2002
2a00:1450:4001:825::2002
2a00:1450:400c:c0b::5e
2a02:26f0:6c00:182::31c6
2a02:fa8:8805:10::750
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:86:face:b00c:0:50fb
34.235.178.90
34.248.66.236
34.251.105.46
34.251.196.37
34.251.231.74
34.252.3.209
37.252.167.201
37.252.167.207
37.252.172.40
52.0.100.49
52.1.134.178
52.200.33.142
52.209.50.117
52.216.226.179
52.27.226.96
52.6.138.7
52.85.100.248
54.154.28.106
54.171.229.6
54.192.37.14
54.192.38.110
54.239.18.44
54.243.179.137
54.77.250.122
65.220.57.119
66.117.28.86
69.173.144.141
69.173.144.142
88.214.194.64
93.184.220.113
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0843ebe439c1f803e889b84f1cdedb3e86844ac8e2dea18023e22c454e25e819
0aa369e3653bef006e41d9bdcd5621ffc87877be53e7f2d238f12f9720981b9e
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0ecd21857aa2b3b7a89acbb5addfae9c6bcb3eddf40811e7058ecc6a6bfcd3d5
14b2e195e5a4a218d231728afb4dae574454f528725b259caf3f9d44fa47f298
1529264bb75f897f6910416ae17c1e878a731888dae2b6c3c4db4fe32adcf245
15fb78f5fcd5a3308922cd286a2c38d139e783503536622830d099604c4297df
160b7aa56dbf29ae9d6fda2ddadd4d48f1894b8bb2d7c1b733bce0f40d059ee0
178ccf970e4d1b62e79df9078bae4508a0d39e1c8ed5dd2f977a1dfee7e238aa
1a2e3d45b06026285fdc23fb7cc73bf9639e5a95f7e019dcf3309753b947c921
1ead67088c8b4ba80d4e5765f2060b5713b97f05a2bd865be071df192b4b67dd
214ea8fb2010180998f98d056622e9b254a60f122a53fbc3405cc5bf31dba622
23d9f4d0649916adaf5164fa06937c316415323279db61b9ad05028b49602860
244d3458f0bd1a1bbe200794131df6cf67c1976384a92b6d5e1b009ee5ba8807
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2557c257c561b0d905dd0a836f4d05e0522243163e89cace150d6ade43b91dd1
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5
2a0211f41f89991336d28dd39ebb403d9ff5b087f56ece99322fff6287c97297
2b566cbf08e6865b3d0cee2d99d4fa0c497afe8eb8ca3c7991f7075f5d794b44
2decb75353bde6e125575da2a76881b886fc06bcee2cb8b43cdd5b269bfdd880
2e3aedf80f888b0105884dad000fc35e2c6606d8b3bea8026efd0d7ec6c19456
324fcd78238de4fa8e2b800b451e568a61143478c04e42b07fbc20186a5d3062
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33188f30ef748eaf507227a364c88060e696bd940d2cf505b02122312e36a790
33dc66f5e09cf83334bcd91a5e903da00f2eb7da03bec78d157a3283a0947ca1
35463ce93e7c820faa404db98d939ff640ae78ca0e29be043861853c9e07c586
35fd4a7c75cfc89ac116385c2f233f0c2144d08ccf9902510edee9f4f1d71572
38a29cd879bb5dbc1ca47c675ce071ac0695b606f8552861fdaabe66efd09914
3bd8625a80d225f81e82f1c7e72be59e50f7811a94d6cb2620db86816c89e3d9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
40e8db13f44571762fa6e5704ca8bb1a73c2cce35e83603e9ac131ab8127db7e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4760de1767829165bdb535d6f70a21d09e1df9182f850bbd045d2de2f0ee318a
4803471fe78d3dd9a757b86b99c2ab0d0a4856593a557cd5a3a05c57cd0250a0
4a0511cec76e6b8ffd80f6bdae32eaee60ffcc43f4a8b41d4b976da1123f1342
4ad354b1656643976aa16bdcb4505bc5d624567f218e897a1654dad1f20817a2
4f7fa13f97d5e0722da4ac5c841c5ce9db18d9a5b8e564582f89f7a2fffa8385
4fdc0dcbf1207df9a74e11259ab607aceb2f23d169b87d29b4ec9c05e366a449
57acef388a037b38756fdd178f355217378fa2a6a9a92d0bd9655e48a9b811cd
58d691bab385679733ace3e3897224239ec3f2550c6e747003cc6fbb8b612ca8
5930e21ac651cb63a774543ec249b036906ec5b556626cfd38b11e9e1b91df07
5a322b10eec6a50a665880462cec2e21b19602d039e835ab63fb7120988649bf
5a58ba34bed301592d50d32ce51e71807daf498091882f26e383d0f735179c7a
5b6da6699e22347ded40584215d759d21842a07be029c95c4886efa3c1385454
5e51390ca0075fb0b7f5640b5148a27e884606ed5f5e1950c70ba39541c684ee
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
63fe4f46719695786e48aa0ad0e5a2f9783e0f79c2166cd65b1f4c1316dc8da5
6546ea7bd057a25d0198ff233e30008c8c8f99bcef163ff487a255db68577007
6a06de98354dc692b991b65dcf6fe650d85628702d06aa7ff493a03a3aa4e4da
6b212e78de49a01a4735ccc801d7a5586be7680eca57d20cd957deb54fc920fe
6c4370889ac065737643cb60a4424cb7381c775b8ea95d57e2ce67fc6905b106
6d636eb365fb3f421e0dc0779a92ceb7815a88c9a95b1db0217f97cf0d918650
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79b7f767a98d0f6cc984b9dd1e9b630324cc8f3af9d1dfad5c699f579399af00
7d3b068f04726edc36c3eeb66b5d97c5aa692e418945d20f4f4505706183b3fd
7db6ac37085ce1a347ddf440a1df0a60ed7a74c1b8fb15304b9bbf8570a2537e
805d15b581a5d96b5d5fb2269c08f460ca0dbec8e25a7277ccf0d0451c10ac7d
8104c36250357ff213f58ddf9489aa7eac3ceee084b1386dd24e1e1796251a4b
81c6d740e6770b0b12d351bb03c43c65e68e517ccedf2dd06af9acfd6310b316
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89477b89aa50e0f3c96fc21f41b6a3a52ca9bccfe5c134d0ced9d465079a280c
8b715e41d99bcd803625c7877173411bfce531891697c45af90eea2725350f3d
8cdad38077261b973145430c74c8e216d355eb253cabf1f15795cbf34d176e1e
8eaa9179c31129d8e6174e3125f2e25e8201f6bd83cfa59394af8b91ecf86afe
9108f8dcd5230b0f3ca08d7304f639dad3401bf6b12ca6079b0263d244af75cf
9466b6801f91d6bf4f0670f04eec09a812de5d6e625d30a32188866121208265
95b85bb8d1df27842dbf1623189c97eab76164ddbebd88644d04e5839272916e
999c2d45d7a8ad2f577fa44a4543c2746789a9ffc3f3543034ad3b04ac9ee4b7
99f3ecd6dcebdb421c1c3c38a962ca1129d97205ade80800161e79e020974385
9c3aa1eb0977892df69b31298358aa837fad1f41ac53d4c01dded283de64b231
9c95cefc31b3eac79f7f6995e6e2546b4d1ebc45d2de71582fa1b352d130276d
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9f7d29ee331c956ac52ae9168b78fec9964798feef65befadb68dd319ea1e170
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a16605b9b8aee2ea4145d1bb1b578421f1ad35be9712cd4c415698d0c4fff411
a28cd485655f6f522141ecac6516ae7a947e4a4d73219614bf2f92fd29a91f49
a30c6140c16226ca8d8a72dbbb8d2997c986bf0d571e81c8822d0bcc0fe2066d
a3343df537c5d3bbd48de93fe8474e17a71a1e45bb2f949febb51d21646eca94
a3441877c2fc6dd47a18a3c4ed932d7a61efda3d221b97ba854ddc330c8d1e90
a41a1673307da837a80b74efb992b8459a303e28f71315b1a3e80c9af2c7d33b
a6b0a7f18ae36142f4846a0a0d68212b37adb0307719d413d19987df50bb998a
a94f3eca2c48d8bdd5516d4e17adad37b978fefc21867a7f817a389fb0305594
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b174642e60d1a7682f2e323e163d99d14305e50e77bfdc520a8cf7529146208a
b253d0931230d578d307fb2af395be591b0e9ec0ec198bd2ce16bbbbf5e178b6
b525214335ddd50139b8cead123523306144018a47e3d4a35f6e5b35f295a8fd
b8d31c0d4c652a208e40e591e94db8baa4d3d2089521a03340be5cb699a2ac2f
ba7134ebd640d6906e9480a6d9a218fbb0d5f7b77e8990527dc57e781ba04079
bb479d2f6b83f17b43d7832514afe52d308b24966cea98c0f39bd35c0c18b1c9
bb528dc0208374ecd613718db87b4fe9bc5f82e029c143ca6e081dd0fb40e92c
be559bd89b616ca664caad092f3f6ceaf0e70fb4fd03ec28db26ff19c990547a
beec98d383e6249c59c306dca3810f332bb8804ef60db6c89f245a3c6fc396ca
c0a75c8b2e966e4285c12268ae517a034c3b9038fa9e70b68a37daff1ba7793a
c1dbf795782351e84364a2e391d94f23d409681e6328a14a3e2c01423d15c6e5
c1e1237338f7b7f71f213041661820f71a1c177fb2513fb4f4ff0d60fc362824
c25a7337693fb3031b81db38ae9d344b198a13b69bda13b261a56cd7581e4790
c4af90a956222345c3845a2d52da953f21a841a9909dd73516776aa693403999
c73c032eb503a7afdaa7de7b34a08088be64cf09391c71da6c894ad7fbe804a1
cb8e130d7e1150c19171a2ea0aff41977813af8b68b6521ff2502f4eccfc5b21
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d3d61ade339d9bb8614e82808c1fca0b1f6c415bd9592be2d070f6feeb05fc
d1c62e09fe0ea7c46fd9f184c0ba9f440bad2ec407245e41a3f9efc6f8f154d4
d2042f11d6be3b4a1c4d5cbb8c0edf0d8857a9de215c29d8e4d38ba354991966
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
dae4d33d995616958774b76553c6e7ed2ad69f4aaefb156cf51167fd812d125d
dbb4f70dc6297998c84fb0625ecd14a59d3a4c0b01a1b336cb0fdcabebbaf6ff
dd96583d1c1525e48d9f7ccce5e741a352252297d6395962871d316e71454cc9
def832556381c2984a2ece78370b73e01482041bad46b255879e2db4cb0ff683
e1522b2889bc9764922fb5731fa55b5fedbd12e224e55cff104a1148f0bf4834
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e97e28a4547b2b8ea5521c9c95e75389e2757a037ff77e4037995520f79e791b
eb6d031b5abaa41e271dc5f48d831a50e6e36dc3633e24a647d371ffdbe9799b
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ed6ad3c41fd07450891bcb21c80e5bf2a742c6e9415d7ae7caa125edae136650
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb250b2c48812199e6fb52343b2c8eb861f41dc1dce0c95160d0cc6fbf54d53
f2f5186859d13b84e9270f52ca0f14bb9168b1582d0d2acb423efae171220acd
f3298d5c78cb7e927dd5d76d2907c68453cbc5cf3911deab701ba5277b3ceb47
f50167bee40cd7fdd6c623efb794e0edddec7de87ef71f48c8b1b1413e1dfc4a
f561536dc5d2bd18e0ef48e1a8f11a277d725b66de5cc8dffe0d26b82c15f645
f62f9fc6d7dc7b29ebe3d219c4c02aa21218b4af5029d3bfaa62427f63cd587d
fa2130abbe715e89e9153ffd0d8dac2c3d7b42205a0fd9ec274eeba3159d95f6
fbf44b00f5debb1c2319c7cfc0fd6487f6fbb770bca2ea65974f8cbb48603a7b
fc5acc7d345ac66aa2c508b22ef63e0c83c8db4065e93d9c9fc47b22d4afd58b
fcb66426977dd6ccf45b33eaefb97699739694ef2590d2b919e0014d87aff0e1
fd147c0d51c74b137c33d2658705bb4abba4aebc451f6c5144c0f6d8f3da7d2f

www.heraldsun.com Open in urlscan Pro 104.111.219.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

193 Requests

22 %HTTPS

27 %IPv6

52 Domains

76 Subdomains

72 IPs

7 Countries

3309 kBTransfer

7517 kBSize

7 Cookies

41 Outgoing links

Page URL History

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldsun.com Open in urlscan Pro
104.111.219.11 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

22 %
HTTPS

27 %
IPv6

52
Domains

76
Subdomains

72
IPs

7
Countries

3309 kB
Transfer

7517 kB
Size

7
Cookies

193 HTTP transactions
8 data transactions