heraldsun.wp.moneyresearchcollective.com Open in urlscan Pro
104.196.140.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://heraldsun.wp.moneyresearchcollective.com/
Submission: On September 01 via automatic, source certstream-suspicious (September 1st 2024, 5:29:06 pm UTC) — Scanned from IT

Summary HTTP 25 Redirects Links 64 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 25 HTTP transactions. The main IP is 104.196.140.105, located in North Charleston, United States and belongs to GOOGLE, US. The main domain is heraldsun.wp.moneyresearchcollective.com.
TLS certificate: Issued by R11 on September 1st 2024. Valid for: 3 months.

This is the only time heraldsun.wp.moneyresearchcollective.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.196.140.105 104.196.140.105	15169 (GOOGLE) (GOOGLE)
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
2	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
2	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
3	23.194.208.20 23.194.208.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.58.212.142 216.58.212.142	15169 (GOOGLE) (GOOGLE)
2	104.126.37.136 104.126.37.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
25	9

7 104.196.140.105 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 105.140.196.104.bc.googleusercontent.com

heraldsun.wp.moneyresearchcollective.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

rs.moneyresearchcollective.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.194.208.20 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-194-208-20.deploy.static.akamaitechnologies.com

www.heraldsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.37.136 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-136.deploy.static.akamaitechnologies.com

api.consumer.pt.mcclatchy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	moneyresearchcollective.com heraldsun.wp.moneyresearchcollective.com rs.moneyresearchcollective.com	111 KB
3	heraldsun.com www.heraldsun.com	56 KB
2	mcclatchy.com api.consumer.pt.mcclatchy.com
2	gstatic.com fonts.gstatic.com	90 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	166 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
25	7

	Domain	Requested by
7	heraldsun.wp.moneyresearchcollective.com	heraldsun.wp.moneyresearchcollective.com
3	www.heraldsun.com	www.googletagmanager.com heraldsun.wp.moneyresearchcollective.com
3	rs.moneyresearchcollective.com	heraldsun.wp.moneyresearchcollective.com
2	api.consumer.pt.mcclatchy.com	www.heraldsun.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	heraldsun.wp.moneyresearchcollective.com www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	heraldsun.wp.moneyresearchcollective.com
25	8

This site contains links to these domains. Also see Links.

Domain
www.heraldsun.com
www.mcclatchy.com
www.moneyresearchcollective.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
heraldsun.wp.moneyresearchcollective.com R11	`2024-09-01` - `2024-11-30`	3 months	crt.sh
moneyresearchcollective.com WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2024-08-22` - `2025-08-22`	a year	crt.sh
api.consumer.pt.mcclatchy.com E5	`2024-07-12` - `2024-10-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://heraldsun.wp.moneyresearchcollective.com/
Frame ID: 2B25DFF463295B59D3C919FAB55FAE6B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Durham Herald Sun

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

25
Requests

84 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

424 kB
Transfer

933 kB
Size

0
Cookies

64 Outgoing links

These are links going to different origins than the main page.

URL: https://www.heraldsun.com/

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money
Title: Home

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/category/mortgages/
Title: Mortgages

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/category/insurance/
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/category/credit-cards/
Title: Credit & Credit Cards

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/category/loans/
Title: Loans

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/category/investing/
Title: Investing

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/hottest-cities-buying-selling-homes-2022/
Title: Hottest U.S. Cities for Buying and Selling Homes

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/good-time-to-buy-home-poll/
Title: Is it a Bad Time to Buy a House?

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/how-to-choose-a-mortgage-lender/
Title: How to Choose a Mortgage Lender

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/mortgage-refinance-tips-2022/
Title: Refinancing a Mortgage in 2022

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/turbotax-irs-free-file-2022/
Title: Can You File Taxes for Free With TurboTax?

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/best-job-posting-sites-for-employers/
Title: Best Job Posting Sites for Employers

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/how-to-find-employees/
Title: How to Find Employees

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/credit-card-review-wells-fargo-reflect/
Title: Credit Card Review: Wells Fargo Reflect℠ Card

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/student-loan-borrowers-exit-default-pandemic/
Title: A Pandemic Relief Program Offered Struggling Student Loan Borrowers a Lifeline

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/save-down-payment-or-pay-student-loans/
Title: Down Payment vs. Student Loans: How to Decide Where to Put Your Money

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/neobank-chime-current-varo/
Title: Is It Time to Switch Banks? What to Know About ‘Neobanks’

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/how-to-buy-dogecoin/
Title: How to Buy Dogecoin

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/social-security-check-this-month/
Title: When Social Security Recipients Will Get Their Checks in September

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/average-401k-balance-by-generation-2024/
Title: Here’s the Average 401(k) Balance by Generation — How Do You Stack up?

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/can-trump-flag-lower-property-value/
Title: Can Your Neighbor’s Trump (or Harris) Flag Lower Your Property Value?

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/fed-interest-rate-cut-size-predictions/
Title: How Low Will Interest Rates Go? Experts Predict the Fed’s Upcoming Cut

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/retirement-fears-middle-class-workers/
Title: The 5 Biggest Retirement Fears for Middle-Class Workers

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/best-no-appraisal-home-equity-loans/
Title: Best No-Appraisal Home Equity Loans

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/lowest-property-taxes-by-county-2024/
Title: These 20 Places Have the Lowest Property Taxes in the Country

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/donald-trump-kamala-harris-social-security-medicare/
Title: Where Do Donald Trump and Kamala Harris Stand on Social Security and Medicare?

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/hourly-house-rentals-for-production/
Title: These People Make $250 an Hour Renting Out Their Homes for Commercial Shoots

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/save-money-netflix-disney-streaming/
Title: How to Save Money on Netflix, Disney+ and More (Without Just Canceling Your Subscription)

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/lower-agent-fees-increase-home-prices/
Title: New Rules to Lower Real Estate Agent Fees Could Actually Increase Home Prices

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/category/mortgages
Title: More in Mortgages

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/home-insurance-what-happens-no-coverage/
Title: More People Are Skipping Home Insurance to Save Money — and It Could Backfire

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/how-does-car-insurance-work/
Title: How Does Car Insurance Work?

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/best-rv-trips-in-the-us/
Title: Best RV Trips in the U.S.

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/how-to-rent-an-rv/
Title: How to Rent an RV

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/home-insurance-deductible-increase-save-money/
Title: Homeowners Are Increasing Insurance Deductibles to $5,000 or More to Save Money

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/category/insurance
Title: More in Insurance

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/credit-card-for-child-authorized-user/
Title: Why My 2-Year-Old Has a Travel Credit Card

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/average-credit-card-balance-increase-transunion/
Title: America’s Credit Card Crisis: Here’s How High the Average Balance Is Now

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/credit-card-delinquencies-high-federal-reserve/
Title: Credit Card Delinquencies Reach Highest Level in Over a Decade

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/cool-credit-card-design-trends/
Title: Your Next Credit Card Might Be Metal With Flashing LED Lights

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/how-to-choose-a-credit-card/
Title: How to Choose the Best Credit Card for You

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/category/credit-cards
Title: More in Credit & Credit Cards

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/two-year-college-worth-the-money/
Title: Here’s the Kind of College That Most Americans Think Is Actually Worth the Money

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/no-income-tax-states-expensive/
Title: Why States With No Income Tax Aren’t as Affordable as They Seem

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/gen-z-college-choices/
Title: Affordability or Culture Fit? Gen Z Students Want Both in a College

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/ways-parents-pay-for-college/
Title: 10 Strategies Parents Are Using to Pay for Their Kids’ College

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/is-college-worth-the-money-2024/
Title: Only 1 in 5 People Think College Is Worth the Money if You Need Student Loans

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/category/loans
Title: More in Loans

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/bitcoin-millionaires-increase-best-year-crypto/
Title: The Number of Bitcoin Millionaires Doubled in the Last Year

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/category/investing
Title: More in Investing

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/miami-herald/
Title: About McClatchy

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/archives/
Title: Archives

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/reviews/
Title: Reviews

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/betting/
Title: Sports Betting

Search URL Search Domain Scan URL

URL: https://www.moneyresearchcollective.com/eu-data-request?site=heraldsun.com
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/privacy/#privacy-notice-for-california-residents
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/insurance-licenses/
Title: Licenses & Disclosures

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/disclaimer/
Title: How We Make Money

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theheraldsun

Search URL Search Domain Scan URL

URL: http://twitter.com/TheHerald_Sun

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/DurhamHeraldSun

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com/money/terms/
Title: Terms of Use

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
heraldsun.wp.moneyresearchcollective.com/ 49 KB
9 KB 1802ms
982ms Document
text/html 104.196.140.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldsun.wp.moneyresearchcollective.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.140.105 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 105.140.196.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: de7e7711bf8b378960f829e19fde5f86a9928d1259c82ae46f91d4b94ae8656f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 01 Sep 2024 17:28:58 GMT
link: <https://heraldsun.wp.moneyresearchcollective.com/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 3
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
H2 200 style.css
heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/ 33 KB
7 KB 193ms
187ms Stylesheet
text/css 104.196.140.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/style.css?ver=0.1.71
Requested by: Host: heraldsun.wp.moneyresearchcollective.com
URL: https://heraldsun.wp.moneyresearchcollective.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.140.105 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 105.140.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: de7ee30ad5ad6c16a1206cedd426013cda27e1502206d010322c321d16d3d8b0

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:28:59 GMT
content-encoding: br
last-modified: Fri, 19 Jul 2024 02:37:18 GMT
server: nginx
etag: W/"6699d15e-832f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 heraldsun-logo.svg
heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/ 7 KB
3 KB 313ms
307ms Image
image/svg+xml 104.196.140.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/heraldsun-logo.svg
Requested by: Host: heraldsun.wp.moneyresearchcollective.com
URL: https://heraldsun.wp.moneyresearchcollective.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.140.105 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 105.140.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8b4bf46a7ee17fa868ac3a6ed47a74783271577c926748bcdbe6327921fca200

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:28:59 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 05:24:23 GMT
server: nginx
etag: W/"62453b07-1c45"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 media-temp-2T9BAUFjnJfXhTkGU46VgA20240830-619-1pk0ws6-1024x683.webp
rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/27/2024/08/30110839/ 59 KB
59 KB 1206ms
701ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/27/2024/08/30110839/media-temp-2T9BAUFjnJfXhTkGU46VgA20240830-619-1pk0ws6-1024x683.webp
Requested by: Host: heraldsun.wp.moneyresearchcollective.com
URL: https://heraldsun.wp.moneyresearchcollective.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5451a1ccbb7fe19d46217e825fe945084a842f4b798709c301c3a8fdb7ebe6

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:00 GMT
via: 1.1 9c0ce977a13f3d9bbc6eed6540faf728.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 60272
last-modified: Fri, 30 Aug 2024 18:08:41 GMT
server: cloudflare
etag: "05fef5c1fc26f01a6174eefa25dd4d8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1aFbTxSRPxGQrjt7k9WBGsvDrRwBi8oHaSQEcm7ugp%2Ft6zgVYuXzeIyhTj0gonBBWEZRoQOrezh7DYPGDbb8RmKEXaOuG8NR0W1FM6GUJJTMY8Itr4l9DlTZxRhHvslXaEtv%2BI0AogcV%2BqA%2BZo9BkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8bc6fadffc12bc5a-ZRH
x-amz-cf-id: VkgdX_hPQqBlp6DuK6Wh33ZLEFy-OyZ-Hv6oc32fgo7tIL5xJfFD8Q==

GET
H2 200 media-temp-BtEcMbSV57Q8LUsp9ZDJDg20240829-619-1mpmxuh-300x200.webp
rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/27/2024/08/29110826/ 14 KB
14 KB 736ms
547ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/27/2024/08/29110826/media-temp-BtEcMbSV57Q8LUsp9ZDJDg20240829-619-1mpmxuh-300x200.webp
Requested by: Host: heraldsun.wp.moneyresearchcollective.com
URL: https://heraldsun.wp.moneyresearchcollective.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54ace3d20b21daf9827340b9d86ec1daef68806c8a22f3f4bc6baa13b6349c7b

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:00 GMT
via: 1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13952
last-modified: Thu, 29 Aug 2024 18:08:28 GMT
server: cloudflare
etag: "a47b26c6ee6f80d6b6682cb15f839059"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQTCQKdrT1BGhIVy8gdPSnmeUHAQoH6%2FkEcqxA2cl4uVjHFrqS1vL6kqQEPsDkGO90rRf2T4tExNh%2BA9ksffEAJmBmvqcNRNkDZU2Z6r50wl2OhHpjVHWkY0EgEcwORMz9a0LMOnH8b1qa9jwe0Z9II%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8bc6fadffc16bc5a-ZRH
x-amz-cf-id: ccshaxghkcFYUZSN6frjS8e38Tx8sDhce8ILD7TgxtqAuht4QvTZiw==

GET
H2 200 media-temp-OUxIMVf_b-vL9rN4wXXeJg20240629-619-ue18kp-300x200.jpg
rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/27/2024/06/28182912/ 12 KB
12 KB 563ms
561ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/27/2024/06/28182912/media-temp-OUxIMVf_b-vL9rN4wXXeJg20240629-619-ue18kp-300x200.jpg
Requested by: Host: heraldsun.wp.moneyresearchcollective.com
URL: https://heraldsun.wp.moneyresearchcollective.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2058d7d8e23dfa8dd39ed5a9d91c83ebec4cee292a6cae9a03c7388590bc7dd1

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:00 GMT
via: 1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12238
last-modified: Sat, 29 Jun 2024 01:29:13 GMT
server: cloudflare
etag: "03430dfeca6bbf96d62689b0059adb17"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hn9jK06rkRO6DzobKiBtimU9KrKv5bNr2vn0Tk5ScE%2BhOJvE%2BiK6wQowVTBlKjVhCDwDPB93VVnlADm0%2BzuZ81TqmZfNN8j%2BoZYPArN%2B4TjsZji8x0q%2B%2FI%2FMP39S33pyeSzJxKRA0MPmn7obgYoB4J8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8bc6fae1dec8bc5a-ZRH
x-amz-cf-id: VyTL5Y7hyswaX6kQsSpnswvXkKwz7qnhMBWUv8nVklg1eJKGsFUZ3Q==

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 612ms
77ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;700&family=Noto+Serif:wght@400;700&display=swap

Requested by

Host: heraldsun.wp.moneyresearchcollective.com
URL: https://heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/style.css?ver=0.1.71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

9ba2b276a9450c310c12ea62dc78e084fb6a0f8b9281c4031ff5d2ca3dd819cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 01 Sep 2024 17:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 01 Sep 2024 17:29:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 01 Sep 2024 17:29:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
70 KB 580ms
83ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TSGDSHF

Requested by

Host: heraldsun.wp.moneyresearchcollective.com
URL: https://heraldsun.wp.moneyresearchcollective.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

061141048864a62b22165df6be5402d821acaf5f745fa667cc787b0e3e1b902b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71604
x-xss-protection: 0
last-modified: Sun, 01 Sep 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 01 Sep 2024 17:29:00 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
42 KB 574ms
119ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&family=Noto+Serif:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heraldsun.wp.moneyresearchcollective.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 15:25:28 GMT
x-content-type-options: nosniff
age: 93812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 15:25:28 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
48 KB 502ms
48ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&family=Noto+Serif:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heraldsun.wp.moneyresearchcollective.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 19:12:26 GMT
x-content-type-options: nosniff
age: 80194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48444
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 19:12:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
96 KB 80ms
79ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z8VKR4PMEJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSGDSHF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

55a8aad34f103083079df5e1b305d8d32fe160580b4e3b430c4822ffc7dee59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 01 Sep 2024 17:29:01 GMT

GET
H2 200 heraldsuncore.js Show response
www.heraldsun.com/static/yozons-lib/ 90 KB
29 KB 826ms
567ms Script
application/javascript 23.194.208.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/heraldsuncore.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSGDSHF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.208.20 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-208-20.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b7e171322bb0ce7e727eca154d02aeac889add8438a9583d787d2ff65e807b50

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:01 GMT
content-encoding: gzip
new-varnish2: true
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1725211741270_3090373288_133810303_48757_7890_39_139_146";dur=1
content-length: 29458
new-varnish: true
last-modified: Wed, 28 Aug 2024 04:40:57 GMT
server: MI
etag: W/"16809-620b6f6cc8840"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 933855734, 57082668
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=292
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 516ms
54ms Fetch
text/plain 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z8VKR4PMEJ&gtm=45je48s0v876436133z8861688966za200zb861688966&_p=1725211740430&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1267676926.1725211741&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725211741&sct=1&seg=0&dl=https%3A%2F%2Fheraldsun.wp.moneyresearchcollective.com%2F&dt=Durham%20Herald%20Sun&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3486
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z8VKR4PMEJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s46-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Sep 2024 17:29:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heraldsun.wp.moneyresearchcollective.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 graphql
api.consumer.pt.mcclatchy.com/ 0
0 759ms
215ms Preflight 104.126.37.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consumer.pt.mcclatchy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-136.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heraldsun.wp.moneyresearchcollective.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-mcc-identity, x-mcc-device
access-control-allow-methods: GET, PATCH, POST, PUT
alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
date: Sun, 01 Sep 2024 17:29:02 GMT
expires: Sun, 01 Sep 2024 17:29:02 GMT
pragma: no-cache
server-timing: ak_p; desc="1725211742486_1753097604_1380750591_11320_15674_17_113_219";dur=1
strict-transport-security: max-age=63072000
vary: Origin

POST graphql
api.consumer.pt.mcclatchy.com/ 0
0

GET
BLOB 200
OK b2c9a3c8-bf94-480e-a739-82cbd848501d Show response
https://heraldsun.wp.moneyresearchcollective.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldsun.wp.moneyresearchcollective.com/b2c9a3c8-bf94-480e-a739-82cbd848501d
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/heraldsuncore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60b06c24f85c213e9d29beed9b55e640e4c1aa1721f2c4e7e3b065472e593ef1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 danelei.7b5e980be187027497c2.js Show response
www.heraldsun.com/static/yozons-lib/ 82 KB
23 KB 80ms
80ms Script
application/javascript 23.194.208.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/danelei.7b5e980be187027497c2.js
Requested by: Host: heraldsun.wp.moneyresearchcollective.com
URL: blob:https://heraldsun.wp.moneyresearchcollective.com/b2c9a3c8-bf94-480e-a739-82cbd848501d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.208.20 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-208-20.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6183ad99d6b0066b4c712fd5e351b121daf19060112035c74e75e8dcb59aacd1

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:02 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 26407
x-cachebust
server-timing: ak_p; desc="1725211742083_3090373288_133810609_405_8310_35_0_146";dur=1
content-length: 22871
new-varnish3: true
last-modified: Wed, 28 Aug 2024 04:40:51 GMT
server: MI
etag: W/"14793-620b6f670fac0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 758940062, 194647342 86824765
new-varnish4: true
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
cache-control: max-age=240124
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST graphql
api.consumer.pt.mcclatchy.com/ 0
0

OPTIONS
H2 204 graphql
api.consumer.pt.mcclatchy.com/ 0
0 632ms
226ms Preflight 104.126.37.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.consumer.pt.mcclatchy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-136.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heraldsun.wp.moneyresearchcollective.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-mcc-identity, x-mcc-device
access-control-allow-methods: GET, PATCH, POST, PUT
alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
date: Sun, 01 Sep 2024 17:29:02 GMT
expires: Sun, 01 Sep 2024 17:29:02 GMT
pragma: no-cache
server-timing: ak_p; desc="1725211742615_1753097604_1380750592_13039_15639_17_113_219";dur=1
strict-transport-security: max-age=63072000
vary: Origin

GET
H2 200 favicon-196.png
heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/heraldsun/ 2 KB
2 KB 271ms
270ms Other
image/png 104.196.140.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/heraldsun/favicon-196.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.140.105 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 105.140.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c578a60d9b4c3fff62bcf047e038df8c6effce895a0741638682fdef1a8291a0

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:02 GMT
last-modified: Thu, 14 Apr 2022 07:47:04 GMT
server: nginx
etag: "6257d178-76e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1902

GET
H2 200 favicon-96.png
heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/heraldsun/ 1 KB
1 KB 177ms
177ms Other
image/png 104.196.140.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/heraldsun/favicon-96.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.140.105 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 105.140.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3284b161bf9c28e49cbba9913c6e6a538f2d497001a3e640e7db7890c62c141c

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:02 GMT
last-modified: Thu, 14 Apr 2022 07:47:04 GMT
server: nginx
etag: "6257d178-400"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1024

GET
H2 200 favicon-32.png
heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/heraldsun/ 353 B
554 B 202ms
201ms Other
image/png 104.196.140.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/heraldsun/favicon-32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.140.105 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 105.140.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4354d9090641621c2d0f03bdec6d90a94f3d165eee517e7427b4306f4b690425

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:02 GMT
last-modified: Thu, 14 Apr 2022 07:47:04 GMT
server: nginx
etag: "6257d178-161"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 353

GET
BLOB 200
OK 028ec128-c3fd-4ce9-8e08-cd6acdbc4044 Show response
https://heraldsun.wp.moneyresearchcollective.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldsun.wp.moneyresearchcollective.com/028ec128-c3fd-4ce9-8e08-cd6acdbc4044
Requested by: Host: www.heraldsun.com
URL: https://www.heraldsun.com/static/yozons-lib/heraldsuncore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d3bf9ab3dbfaa8c4a3e0f43ed45a8e468bdfa9402f32fb6b44098ea17b1f8f2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 naeliya.7b5e980be187027497c2.js Show response
www.heraldsun.com/static/yozons-lib/ 9 KB
4 KB 82ms
82ms Script
application/javascript 23.194.208.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldsun.com/static/yozons-lib/naeliya.7b5e980be187027497c2.js
Requested by: Host: heraldsun.wp.moneyresearchcollective.com
URL: blob:https://heraldsun.wp.moneyresearchcollective.com/028ec128-c3fd-4ce9-8e08-cd6acdbc4044
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.208.20 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-194-208-20.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8620c9a4fac285416970cd1a81ac3bd2581934e98d6deff1848f125e885f9df0

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:02 GMT
content-encoding: gzip
new-varnish2: true
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 52470
x-cachebust
server-timing: ak_p; desc="1725211742829_3090373288_133810994_1202_7173_30_0_146";dur=1
content-length: 3332
last-modified: Wed, 28 Aug 2024 04:40:51 GMT
server: MI
etag: W/"251f-620b6f670fac0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1037533912 829981197
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=266012
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 favicon-16.png
heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/heraldsun/ 1 KB
2 KB 224ms
224ms Other
image/png 104.196.140.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldsun.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/heraldsun/favicon-16.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.196.140.105 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 105.140.196.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5b05daf4c3d1555d36a802c7905e68e82c8ee96580759ab4afebb2dfa547d498

Request headers

Referer: https://heraldsun.wp.moneyresearchcollective.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 17:29:03 GMT
last-modified: Thu, 14 Apr 2022 07:47:04 GMT
server: nginx
etag: "6257d178-58d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1421

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.consumer.pt.mcclatchy.com
URL: https://api.consumer.pt.mcclatchy.com/graphql

Domain: api.consumer.pt.mcclatchy.com
URL: https://api.consumer.pt.mcclatchy.com/graphql

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://heraldsun.wp.moneyresearchcollective.com/ Message: Access to fetch at 'https://api.consumer.pt.mcclatchy.com/graphql' from origin 'https://heraldsun.wp.moneyresearchcollective.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.consumer.pt.mcclatchy.com/graphql Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://heraldsun.wp.moneyresearchcollective.com/ Message: Access to fetch at 'https://api.consumer.pt.mcclatchy.com/graphql' from origin 'https://heraldsun.wp.moneyresearchcollective.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.consumer.pt.mcclatchy.com/graphql Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.consumer.pt.mcclatchy.com
fonts.googleapis.com
fonts.gstatic.com
heraldsun.wp.moneyresearchcollective.com
rs.moneyresearchcollective.com
www.google-analytics.com
www.googletagmanager.com
www.heraldsun.com
api.consumer.pt.mcclatchy.com
104.126.37.136
104.196.140.105
142.250.184.202
142.250.185.168
142.250.185.227
188.114.97.3
216.58.212.142
23.194.208.20
061141048864a62b22165df6be5402d821acaf5f745fa667cc787b0e3e1b902b
2058d7d8e23dfa8dd39ed5a9d91c83ebec4cee292a6cae9a03c7388590bc7dd1
2d3bf9ab3dbfaa8c4a3e0f43ed45a8e468bdfa9402f32fb6b44098ea17b1f8f2
3284b161bf9c28e49cbba9913c6e6a538f2d497001a3e640e7db7890c62c141c
4354d9090641621c2d0f03bdec6d90a94f3d165eee517e7427b4306f4b690425
54ace3d20b21daf9827340b9d86ec1daef68806c8a22f3f4bc6baa13b6349c7b
55a8aad34f103083079df5e1b305d8d32fe160580b4e3b430c4822ffc7dee59a
5b05daf4c3d1555d36a802c7905e68e82c8ee96580759ab4afebb2dfa547d498
60b06c24f85c213e9d29beed9b55e640e4c1aa1721f2c4e7e3b065472e593ef1
6183ad99d6b0066b4c712fd5e351b121daf19060112035c74e75e8dcb59aacd1
6d5451a1ccbb7fe19d46217e825fe945084a842f4b798709c301c3a8fdb7ebe6
8620c9a4fac285416970cd1a81ac3bd2581934e98d6deff1848f125e885f9df0
8b4bf46a7ee17fa868ac3a6ed47a74783271577c926748bcdbe6327921fca200
9ba2b276a9450c310c12ea62dc78e084fb6a0f8b9281c4031ff5d2ca3dd819cd
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
b7e171322bb0ce7e727eca154d02aeac889add8438a9583d787d2ff65e807b50
c578a60d9b4c3fff62bcf047e038df8c6effce895a0741638682fdef1a8291a0
de7e7711bf8b378960f829e19fde5f86a9928d1259c82ae46f91d4b94ae8656f
de7ee30ad5ad6c16a1206cedd426013cda27e1502206d010322c321d16d3d8b0
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

heraldsun.wp.moneyresearchcollective.com Open in urlscan Pro 104.196.140.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

84 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

9 IPs

3 Countries

424 kBTransfer

933 kBSize

0 Cookies

64 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

heraldsun.wp.moneyresearchcollective.com Open in urlscan Pro
104.196.140.105 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

84 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

424 kB
Transfer

933 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions