heraldposts.com Open in urlscan Pro
172.67.221.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heraldposts.com/
Effective URL:
https://heraldposts.com/
Submission: On May 16 via manual (May 16th 2024, 11:54:12 am UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 13 domains to perform 67 HTTP transactions. The main IP is 172.67.221.55, located in United States and belongs to CLOUDFLARENET, US. The main domain is heraldposts.com.
TLS certificate: Issued by E1 on April 14th 2024. Valid for: 3 months.

This is the only time heraldposts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	172.67.221.55 172.67.221.55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
8	104.16.202.119 104.16.202.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:26d... 2600:9000:26da:b800:3:7df3:55c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	34.149.139.129 34.149.139.129	15169 (GOOGLE) (GOOGLE)
1	172.66.40.43 172.66.40.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	54.77.42.245 54.77.42.245	16509 (AMAZON-02) (AMAZON-02)
1	172.67.75.135 172.67.75.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.16.203.119 104.16.203.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.149.245 172.64.149.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
67	18

33 172.67.221.55 (United States)

ASN13335 (CLOUDFLARENET, US)

heraldposts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

widget.adcovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.202.119 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26da:b800:3:7df3:55c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.139.129 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 129.139.149.34.bc.googleusercontent.com

decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.40.43 (United States)

ASN13335 (CLOUDFLARENET, US)

dotsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.42.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-42-245.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.135 (United States)

ASN13335 (CLOUDFLARENET, US)

asmedia.adsupplyssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.203.119 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

engine.4dsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.149.245 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

digiadsply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	heraldposts.com heraldposts.com	1 MB
10	4dsply.com 1 redirects cdn.engine.4dsply.com — Cisco Umbrella Rank: 37736 engine.4dsply.com — Cisco Umbrella Rank: 32479	447 KB
5	gstatic.com fonts.gstatic.com	172 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 www.googleapis.com — Cisco Umbrella Rank: 24 ajax.googleapis.com — Cisco Umbrella Rank: 380	10 KB
3	decide.dev cdn2.decide.dev — Cisco Umbrella Rank: 34664 decide.dev — Cisco Umbrella Rank: 25299	5 KB
2	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 983	531 B
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 236614	1001 B
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2906 pixel.wp.com — Cisco Umbrella Rank: 2883	3 KB
2	adcovery.com 1 redirects widget.adcovery.com — Cisco Umbrella Rank: 63468	39 KB
1	digiadsply.com digiadsply.com — Cisco Umbrella Rank: 106068	136 KB
1	adsupplyssl.com asmedia.adsupplyssl.com — Cisco Umbrella Rank: 262201	3 KB
1	dotsply.com dotsply.com — Cisco Umbrella Rank: 43843
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103	51 KB
67	13

	Domain	Requested by
33	heraldposts.com	heraldposts.com
7	cdn.engine.4dsply.com	heraldposts.com cdn.engine.4dsply.com
5	fonts.gstatic.com	fonts.googleapis.com
3	engine.4dsply.com	1 redirects cdn.engine.4dsply.com
3	fonts.googleapis.com	heraldposts.com ajax.googleapis.com
2	bcp.crwdcntrl.net	heraldposts.com
2	rddywd.com	heraldposts.com
2	cdn2.decide.dev	heraldposts.com
2	widget.adcovery.com	1 redirects heraldposts.com
1	digiadsply.com
1	asmedia.adsupplyssl.com	heraldposts.com
1	ajax.googleapis.com	cdn.engine.4dsply.com
1	dotsply.com	cdn.engine.4dsply.com
1	decide.dev	cdn2.decide.dev
1	pixel.wp.com	heraldposts.com
1	www.googleapis.com	heraldposts.com
1	pagead2.googlesyndication.com	heraldposts.com
1	stats.wp.com	heraldposts.com
67	18

This site contains links to these domains. Also see Links.

Domain
engine.4dsply.com
cdn.engine.4dsply.com

Subject Issuer	Validity	Valid
heraldposts.com E1	`2024-04-14` - `2024-07-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
4dsply.com E1	`2024-04-28` - `2024-07-27`	3 months	crt.sh
*.decide.dev Amazon RSA 2048 M02	`2023-11-26` - `2024-12-25`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
rddywd.com E1	`2024-04-29` - `2024-07-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
decide.dev GTS CA 1D4	`2024-03-31` - `2024-06-30`	3 months	crt.sh
dotsply.com GTS CA 1P5	`2024-04-06` - `2024-07-05`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
adsupplyssl.com E1	`2024-04-29` - `2024-07-28`	3 months	crt.sh
digiadsply.com Cloudflare Inc ECC CA-3	`2024-01-14` - `2024-12-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://heraldposts.com/
Frame ID: 263457B7E0C913836DDB6FEEBB481C6B
Requests: 68 HTTP requests in this frame

Frame: https://decide.dev/lad/16381466614649958?pubid=ld-16381466614649958&pubo=https%3A%2F%2Fheraldposts.com&rid=&width=1560&path=%2F&x=-100779&y=101199&embed_type=2&embed_frame_container_type=3
Frame ID: EE0D06A9A74734B46015BB7853EFFC18
Requests: 1 HTTP requests in this frame

Frame: https://dotsply.com/pixel/fetch
Frame ID: 961CDF4F4D74C00C72BEDF982A1D5AD7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Herald Posts – Viral Stories That Matter Most

Page URL History Show full URLs

http://heraldposts.com/ HTTP 307
https://heraldposts.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

67
Requests

96 %
HTTPS

29 %
IPv6

13
Domains

18
Subdomains

18
IPs

5
Countries

2189 kB
Transfer

4088 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://engine.4dsply.com/clicktag.engine?MediaId=129125&PId=113408&SiteId=22610&rand=0.429912824383896&ZoneId=81356&v=vGRy2lBFVoL7u6hdXpKPshE1rUpKr_MG5NVo4gtvgS5j1CiLujjDwgRQvqLD5lLRM3KWUGYTAYNooC-xNBl8G1W89ms4QQhdtch0eDr-t9mzbhTA07VwBUzKziVY29BbaCcWDwYp61NiMeSoQzQncEZDtvhvzYl4q69pE-_pRO6bx_hINXshy79m7sUcknqqs3XBZL_5joxHv942xFkp7s1UsFphc-X0gJvFBLHPiquyNoy4UpEs2ZVOiM4iUd9P4fvHO5aIGxf0ntuOnieXmKUPRcsk8ZDdlV161ODMHAN3wD9Ld8Dnhd5kWPVMkrOCjs83-sFq8LD0G5-sgoyl1Nv77HOO-KRFDaTpPBuk-DxuYTI8aYGH2EHgwDhU98eIIcjgbPW9qNKZC2hLBmXQWGhjA_H6Hgq7xUepcXYP4wR3I1Jh--gMYDNUgTTMD7CNTYYzI9xsGaAvC-vYJlp0YqvTozWuRLeP94eTyUmO5JEcnahUOKTI3PjZAFDYGf7qaKdRgDkQO7yignEr-HkHhLsvpkhuqpktn_krudA9LpI9tpJFVrPq7NEm-PQAX-DHWbSuVhi1Mkt-p4HQcp3PVNSv4GomEEIsESyn13EWos7sZc-HH5Z5gNYODeu_BZQELa02LH_oYOtfO5tb8zrfre-kzk4Jg953CV2kPO7A2oNUfBHnbAugfPw8yphylEcmQsP6WXANB2EM8tMaiM5XbCHUlM0rvmCt9G1S9tl7i4XDGD-kMxfc2Y7tl1WGAItraI94lAOI8oVboqxgB44priFPj_DEMdoUTNRFuQWfT8ZrrKYdqqdJCYNO-3r8x7rHHQMJ_sTQcuy9nW0wqOfyvlq7JaXpxJvqlUho203vDMIGNeBiNpckZ-QEwylf7LESTHUZGK59rR3x-GUvyOWtf1e4RQULWxWOmSAGiW2BVV0jt7xSoMTbKvC6M6sNR7VpW29V04RBUKbVKddYDS1g-xSFWSulSYsLRYP4jQXJbUqSWa_ywkBXMiFOPSULCNCUfsO8P6KkPLvyxh5qRAEANQ2&res=1600x1200&dcid=1_ctx_b0104e40-7135-4e52-884d-e5d18a31412b&tzo=&dst=&abr=&kw=
Title: Elon Musk Under Fire After Shocking Announcement Elon Musk Under Fire After Shocking Announcement heraldposts.com Find Out More

Search URL Search Domain Scan URL

URL: https://cdn.engine.4dsply.com/report?at=eyJhbiI6IlNsaWJlIEdyb3VwIC8gQ3VycmVueGllIExpbWl0IiwiYWMiOiJIb25nIEtvbmciLCJ0ciI6WzEsMiwzXSwiZyI6dHJ1ZX0=

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heraldposts.com/ HTTP 307
https://heraldposts.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://widget.adcovery.com/script/13457 HTTP 302
https://widget.adcovery.com/script/DE/1/13457

Request Chain 62

https://engine.4dsply.com/Redirect.eng?MediaSegmentId=78996&dcid=1_ctx_b0104e40-7135-4e52-884d-e5d18a31412b&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=60&dst=True&v=vGRy2lBFVoL7u6hdXpKPshE1rUpKr_MG5NVo4gtvgS5j1CiLujjDwgRQvqLD5lLRM3KWUGYTAYNooC-xNBl8G1W89ms4QQhdtch0eDr-t9mzbhTA07VwBUzKziVY29BbaCcWDwYp61NiMeSoQzQncEZDtvhvzYl4q69pE-_pRO6bx_hINXshy79m7sUcknqqs3XBZL_5joxHv942xFkp7s1UsFphc-X0gJvFBLHPiquyNoy4UpEs2ZVOiM4iUd9P4fvHO5aIGxf0ntuOnieXmKUPRcsk8ZDdlV161ODMHAN3wD9Ld8Dnhd5kWPVMkrOCjs83-sFq8LD0G5-sgoyl1Nv77HOO-KRFDaTpPBuk-DxuYTI8aYGH2EHgwDhU98eIIcjgbPW9qNKZC2hLBmXQWGhjA_H6Hgq7xUepcXYP4wR3I1Jh--gMYDNUgTTMD7CNTYYzI9xsGaAvC-vYJlp0YqvTozWuRLeP94eTyUmO5JEcnahUOKTI3PjZAFDYGf7qaKdRgDkQO7yignEr-HkHhLsvpkhuqpktn_krudA9LpI9tpJFVrPq7NEm-PQAX-DHWbSuVhi1Mkt-p4HQcp3PVNSv4GomEEIsESyn13EWos7sZc-HH5Z5gNYODeu_BZQELa02LH_oYOtfO5tb8zrfre-kzk4Jg953CV2kPO7A2oNUfBHnbAugfPw8yphylEcmQsP6WXANB2EM8tMaiM5XbCHUlM0rvmCt9G1S9tl7i4XDGD-kMxfc2Y7tl1WGAItraI94lAOI8oVboqxgB44priFPj_DEMdoUTNRFuQWfT8ZrrKYdqqdJCYNO-3r8x7rHHQMJ_sTQcuy9nW0wqOfyvlq7JaXpxJvqlUho203vDMIGNeBiNpckZ-QEwylf7LESTHUZGK59rR3x-GUvyOWtf1e4RQULWxWOmSAGiW2BVV0jt7xSoMTbKvC6M6sNR7VpW29V04RBUKbVKddYDS1g-xSFWSulSYsLRYP4jQXJbUqSWa_ywkBXMiFOPSULCNCUfsO8P6KkPLvyxh5qRAEANQ2&kw=&mw=800&mh=600&at=eyJhbiI6IlNsaWJlIEdyb3VwIC8gQ3VycmVueGllIExpbWl0IiwiYWMiOiJIb25nIEtvbmciLCJ0ciI6WzEsMiwzXSwiZyI6dHJ1ZX0=&abr=false&res=1600x1200 HTTP 302
https://engine.4dsply.com/mediahosting.engine?MediaId=129125&AId=12674&CId=56235&PId=113408&SiteId=22610&ZoneId=81356&vm=vGRy2lBFVoL7u6hdXpKPshE1rUpKr_MG5NVo4gtvgS5j1CiLujjDwgRQvqLD5lLRM3KWUGYTAYNooC-xNBl8G1W89ms4QQhdtch0eDr-t9mzbhTA07VwBUzKziVY29BbaCcWDwYp61NiMeSoQzQncEZDtvhvzYl4q69pE-_pRO6bx_hINXshy79m7sUcknqqs3XBZL_5joxHv942xFkp7s1UsFphc-X0gJvFBLHPiquyNoy4UpEs2ZVOiM4iUd9P4fvHO5aIGxf0ntuOnieXmKUPRcsk8ZDdlV161ODMHAN3wD9Ld8Dnhd5kWPVMkrOCjs83-sFq8LD0G5-sgoyl1Nv77HOO-KRFDaTpPBuk-DxuYTI8aYGH2EHgwDhU98eIIcjgbPW9qNKZC2hLBmXQWGhjA_H6Hgq7xUepcXYP4wR3I1Jh--gMYDNUgTTMD7CNTYYzI9xsGaAvC-vYJlp0YqvTozWuRLeP94eTyUmO5JEcnahUOKTI3PjZAFDYGf7qaKdRgDkQO7yignEr-HkHhLsvpkhuqpktn_krudA9LpI9tpJFVrPq7NEm-PQAX-DHWbSuVhi1Mkt-p4HQcp3PVNSv4GomEEIsESyn13EWos7sZc-HH5Z5gNYODeu_BZQELa02LH_oYOtfO5tb8zrfre-kzk4Jg953CV2kPO7A2oNUfBHnbAugfPw8yphylEcmQsP6WXANB2EM8tMaiM5XbCHUlM0rvmCt9G1S9tl7i4XDGD-kMxfc2Y7tl1WGAItraI94lAOI8oVboqxgB44priFPj_DEMdoUTNRFuQWfT8ZrrKYdqqdJCYNO-3r8x7rHHQMJ_sTQcuy9nW0wqOfyvlq7JaXpxJvqlUho203vDMIGNeBiNpckZ-QEwylf7LESTHUZGK59rR3x-GUvyOWtf1e4RQULWxWOmSAGiW2BVV0jt7xSoMTbKvC6M6sNR7VpW29V04RBUKbVKddYDS1g-xSFWSulSYsLRYP4jQXJbUqSWa_ywkBXMiFOPSULCNCUfsO8P6KkPLvyxh5qRAEANQ2&PassBackUrl=&res=1600x1200&dcid=1_ctx_b0104e40-7135-4e52-884d-e5d18a31412b&cu=&kw=&mw=800&mh=600

67 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
heraldposts.com/
Redirect Chain

http://heraldposts.com/
https://heraldposts.com/

175 KB
47 KB

305ms
241ms

Document
text/html

172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.28
Resource Hash: 9b7d4d2f319cbb07f0c7b26a14c7230faad53fa9a7222c64ff235b940a1514ea

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 884b2bcceea09bbf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 May 2024 11:54:06 GMT
link: <https://heraldposts.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6lnPvsyBhJf%2BPcmdZeQjV26Kdq4WbRkocJscwJ%2BHaj5nYI%2BByDaNrVDZOb5e9ENAGHYdmBQCZm5dyrXhsZreC4odSD%2BYo7Yd%2FcKJYz%2FrOn6dEmeyybjsZGgGcUc4J%2ByBfM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit
x-powered-by: PHP/8.1.28
x-turbo-charged-by: LiteSpeed

Redirect headers

Location: https://heraldposts.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.min.css
heraldposts.com/wp-includes/css/dist/block-library/ 111 KB
15 KB 98ms
96ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 05:36:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 236330
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUamZMyyM1M0%2FVF0AT%2FnuwOJuuhAy1J4n%2FhUJhe6i%2FYYCUycW5M0Oi2KriVA%2FVi2TThnTbCPVNOS7OIjaxciXqtN0iGGObe6Q3mxkU70Tr3ewHFOW%2FuH6Kvs76B0qZsEUys%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78a19bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 May 2024 18:15:16 GMT

GET
H3 200 mediaelementplayer-legacy.min.css
heraldposts.com/wp-includes/js/mediaelement/ 11 KB
3 KB 257ms
255ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 05:36:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x4ZxDqPlPQw%2BWlLurm2AXGicjpaHZ0vqIEZlDnL4jcF%2FdZke4Wb0LjMzQo4r5wvMPNFUVj%2F4OBRv9afb9Wc57ZtnmidcfxzlHo61dT2k%2Bpw4T3w0uCeDPMf%2FZspjZ36sGrk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78a39bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 23 May 2024 11:54:06 GMT

GET
H3 200 wp-mediaelement.min.css
heraldposts.com/wp-includes/js/mediaelement/ 4 KB
2 KB 55ms
52ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.3
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 05:36:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zsnG7z%2BerZSKI4TS0dmx5Ikclq3JKl%2F%2BHC2kOOkiR6MUssgGYUpMlPbwNWJZC%2FfvSk34RANXT7Dh6UtcIH0HViVdsrJ3kKKCanmU5vHe1eHoHYomzvS1rOedBpFJEE33AWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78a59bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H3 200 styles.css
heraldposts.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 57ms
54ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 05:37:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 468984
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVU6GYifNAZmNlWl5MEjxPq0b7hOu61%2BknpiWLOajqqr8dMyVJ5N963OtHU%2Ba1eg9viyyo2dz6%2B7CSm3NMgJDq%2BisleRucYDkwEQr%2BfrT35HMxgoJfBwIK5E5HXBTgO%2F42A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78a69bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 18 May 2024 01:37:42 GMT

GET
H3 200 fontello.css
heraldposts.com/wp-content/plugins/tfm-theme-boost/tfm-social-plugin/css/fontello/css/ 4 KB
2 KB 56ms
53ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/plugins/tfm-theme-boost/tfm-social-plugin/css/fontello/css/fontello.css
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9953c308ec479e813830b10ce8c7cd1ea3584081a922daef831cfc8329fd09b4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 17:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2N6zvVfs79iN6%2FlA6c2k3yokMe9sf1VP%2FymCtbwtFYLXARr8tOpzDaMpuJoq8eEESUdb85TBiaNPpiZJMbkP5MAFq2KBCVsB9I6Q9BsTJwascdGq0FkC9qrVngH2YZGvtGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78a99bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H3 200 style.css
heraldposts.com/wp-content/plugins/tfm-theme-boost/tfm-social-plugin/css/ 19 KB
3 KB 58ms
55ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/plugins/tfm-theme-boost/tfm-social-plugin/css/style.css?ver=1.0.0
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83925af05f950a4a51a385add3aa842f09d360b3cf9366ad032824ad29f07e1a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 17:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 236330
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIqAxS5PGdhS8YyA6mQMQs5ryK1oU2dy1QB3z0ngpD0Dekk0AN4UQzkJZkYC0xzBduYwx8vGdQE6lX3J2rYlNuPOl26dQwc4BAvEiN7CaOboDEsobwne675BNKFFK9%2BwBQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78ac9bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 20 May 2024 18:15:16 GMT

GET
H3 200 wpp.css
heraldposts.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
1 KB 58ms
56ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.4.2
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 05:37:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2bTqUFmYGvZTxghwy4SJlGy39MrLM%2FtShNjLtMNsQX7hUNjHDMFFJm12r8vkUSkqy8D9OAyqAtvQHzslpTnY4vP97cmchVClKjRA100AlEB7KheRmN2RqBUe6bIkcBesqB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78af9bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H3 200 normalize.css
heraldposts.com/wp-content/themes/mura/css/ 6 KB
2 KB 60ms
58ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/themes/mura/css/normalize.css?ver=1.0.0
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da57fbd9832933c8aae0b6c6354ecc0c71fb5ada3a9c266396e1844cce9d3534

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 17:11:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQabaGIf3bAzSD9OT9wVi46Th4iZ6ernYYCJyDOF%2B%2F22bz6MQvKF0x88OMGxJZZyu5%2BfKL2uM3nUTgfX7E3sReNV3lX0FDx0Y1bIWFHTcj2FJfb%2FGpBJMVVR1WDP6%2FMf6L8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78b29bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H3 200 fontello.css
heraldposts.com/wp-content/themes/mura/css/fontello/css/ 6 KB
2 KB 59ms
57ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/themes/mura/css/fontello/css/fontello.css
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2471acb25e2b95a7363e287721e37ce11a34b6c3d458a37ba2273ee4e550629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 17:11:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6QGmUQPbKG2wS1nobWDY%2F31NfSG5sBDbADC34N2EYA%2BkyjVZLgVMqFtFjBGFtUBng8Z6hHOLJu1YustiCK7GkLrlBfuv8I1bJpjImoE%2B6myCQbLhM86wTrg%2B1NfmbOG2KUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78b39bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
2 KB 142ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Kumbh+Sans%3Awght%40300%3B400%3B600%3B700&display=swap&ver=1.0.0

Requested by

Host: heraldposts.com
URL: https://heraldposts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dc5458298259b71f232a194e14797c88ff0c07fbf5fe5c6e6d6fcbb6c18e579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 May 2024 11:54:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 May 2024 11:54:06 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 153ms
61ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.0

Requested by

Host: heraldposts.com
URL: https://heraldposts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e315bcd312f01a113e8a78e03505ebe54716194464869cafc956f4ad87e1e863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 May 2024 11:28:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 May 2024 11:54:06 GMT

GET
H3 200 style.css
heraldposts.com/wp-content/themes/mura/ 96 KB
16 KB 134ms
132ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/themes/mura/style.css?ver=1.6.2
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2775524b60233028a4b417f94a3c7712169c88d6dd61d7c957e2f64898ce1e1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 17:11:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rAxqYL0AIfRhwJMe51AYduo%2FMgk%2BsokEUjScR%2B7DSfqV8pglEknwDtsyB4dI5qvNcWq1sV%2BhFdbCUTo1%2BvIXlUCU3bvQRu43rrztBdaYYwQJNaTZuPa7eami1Vq3khLPc38%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78b59bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H3 200 mura.css
heraldposts.com/wp-content/themes/mura/css/ 205 KB
27 KB 135ms
134ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/themes/mura/css/mura.css?ver=1.2.0
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc9fb107bb9b0941b5052d23671b3e1eea7f7db9a96ffd79a83d9f695c236c25

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 17:11:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iYzHTBXOJtbOD8jdNtV%2FBhy85OdfMh4vcUV1OxLxrenyjxPTSltpJVt8fhekLKkAMPMsVaH90ziPGh%2FgQjwwbNkSOYzjeYS33%2BVL6nzG%2BR1lRQaybyyokBebxEvbQohW30k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78b69bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H3 200 gutenberg.css
heraldposts.com/wp-content/themes/mura/css/ 45 KB
7 KB 61ms
59ms Stylesheet
text/css 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/themes/mura/css/gutenberg.css?ver=1.0.0
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7dd2ead43cc928b383c4bf87256795c1d2980337f9eea8c2b9dfa9b6608b32f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 17:11:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KkUBcJoihuPQJ1Vp38xTxxjTk8GautvcV2yMkL1PVlIIvmvy%2BPGM8TWBeJRM2nDL4AfMa364f66QT7wDldgjbv1%2F55479Fv%2FDSWpfCzlF7Hv7FveCAYRLUv%2Fa3sfgt1wct4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78b89bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H3 200 wpp.min.js Show response
heraldposts.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 137ms
135ms Script
application/javascript 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.4.2
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 654c93cbd3b3ca3d35f44b2665b4a6f57ed8f0aef01ac6c56bce39638dfab076

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 05:37:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0L4l10gusdXKkdn8hhNLvaYKzcfEZs%2BxzpPjO1B57sLnqYVPCZjFmZDAsi5Hnx3uRTEQO9ll8LIhWVsde%2BWNxaCxOBsq5mYmFOVqYPPUrkiHU0wK5QQQ99qWCis6xcco0hA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78bc9bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H3 200 jquery.min.js Show response
heraldposts.com/wp-includes/js/jquery/ 86 KB
31 KB 161ms
160ms Script
application/javascript 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 05:36:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=efmo4TxU%2BBobBn6uJS5N%2B1r2%2B1cRTxqXRFYQ37M5%2B0oR5Pt8foJWi8HP%2FRA%2FuSkSovGaLQtqPnAm37uyJGrzhO7oCAyQFQ8h5W40zaHVr7yx7CQ130Ykx0lHaozGko0WMl0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78bf9bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H3 200 jquery-migrate.min.js Show response
heraldposts.com/wp-includes/js/jquery/ 13 KB
5 KB 172ms
171ms Script
application/javascript 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 05:36:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14jsLEr4WDPeonfhTkrv6eVxw4NA1RWoLjHPfgzgdHtble2I3lkk1V0nVJOar1vga2iG94K%2Fo%2BVxkl5CKcLvc3lxdgn5WY7GUf6XLWi7rX0iumLqjbzUw0NwCJGncXSZD9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78c19bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H3 200 main.js Show response
heraldposts.com/wp-content/themes/mura/js/ 6 KB
2 KB 173ms
172ms Script
application/javascript 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/themes/mura/js/main.js?ver=1.0.0
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3b1dc3aa084cfec7cc7efe76a5a468f5c7f2548c69d0e19e7e609ec1bdfeb60

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 17:11:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKlEk%2BEk3oMTciqvJ8ZmkpQGQ1vUVWBBF24aDaztH%2Bx%2BFt7Wz9%2FarbGDZKh52sMTp3WkL7%2FP3Oh8SJSuFvdyo9nrNPm4Lk925o%2FTI%2Frt%2BXT%2FsVBhJXj4GikfZNK5gwhLTN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bce78c59bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:40 GMT

GET
H3

200

13457 Show response
widget.adcovery.com/script/DE/1/
Redirect Chain

https://widget.adcovery.com/script/13457
https://widget.adcovery.com/script/DE/1/13457

117 KB
38 KB

272ms
272ms

Script
text/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.adcovery.com/script/DE/1/13457
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0088b39cba3f0249966d0c1496dba8ca26a158dbfa1b24b0e652e5adea2b55ec

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://heraldposts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"226608cf3ad2fc2c485bb24c064514044930415f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yCnYGJYy%2FEPdJMzEx8%2B%2BtbqjyA3xHPqChbtrsrq1mkZ3MvP4WmTkCiMXJx8wvwCEEvD6Ub%2FEkfV6sgYHRF7LgaZj59%2FThSvcrrDzA5IOjYajUMKypYinrRI1xWGe%2FLTUIuClQcNg"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
x-tornado: yes
cf-ray: 884b2bd11cd19158-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 May 2024 11:55:07 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 May 2024 11:54:06 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJafTFjWpbAqweEEtz7ALHclxC2qhFcKqVjsvPrxNVJAIx6kMOfKi82Wcjfl1FnNrf0sBaZm4C4GUHIzsey5zvhmiw21BkeFMHjvlPzL3u1g1dm60Zf2UlGo9kTvLHcG6IYbsru2"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://widget.adcovery.com/script/DE/1/13457
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-tornado: yes
cf-ray: 884b2bd07bd79158-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 herald-posts-2023.png
heraldposts.com/wp-content/uploads/2023/06/ 27 KB
28 KB 174ms
173ms Image
image/png 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldposts.com/wp-content/uploads/2023/06/herald-posts-2023.png
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 887ba5f1679562f0564e5893e7ef763e4a47a9f8648475fbbb614155b5fb4d38

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148619
alt-svc: h3=":443"; ma=86400
content-length: 27802
last-modified: Thu, 22 Jun 2023 03:54:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sz77QjA4bTwhV%2Fp4Czed9z4slnoi5wzKPmM6u5x3MsrIdG0JP0wwYEsIkenp70%2Bg%2FwXV5g1G%2F7d11KW75Zk4HVicaHiC2XmjNZ7U%2BYIdpIud42Tuyo3goHqrK6ezW3sgVSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bce78ca9bbf-FRA
expires: Tue, 21 May 2024 18:37:07 GMT

GET
H3 200 Screen-Shot-2024-05-14-at-2.32.35-PM-1024x538.png
heraldposts.com/wp-content/uploads/2024/05/ 714 KB
715 KB 425ms
424ms Image
image/png 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldposts.com/wp-content/uploads/2024/05/Screen-Shot-2024-05-14-at-2.32.35-PM-1024x538.png
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6d859f6646d4c5218bdbd7f173889943456be57bb0378368d8bf250e82ac96

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
cf-cache-status: MISS
last-modified: Wed, 15 May 2024 20:14:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SASojEc31sPUxi1pLzET3YJ2VhpuumbgBJo9CgvDUpFymoYYQfIetOlDEjJmurrhg4cm2I9NcSaO8Ja%2F4SQmvz1DC4J4y2QXe0K7jLcdlI3M7rmL%2F86E%2FXf11SeWdHbay8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bce78cb9bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 731014
expires: Thu, 23 May 2024 11:54:06 GMT

GET
BLOB 200
OK 933260ee-35d6-42d8-933c-96d2458e48ae
https://heraldposts.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heraldposts.com/933260ee-35d6-42d8-933c-96d2458e48ae
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H3 200 index.js Show response
heraldposts.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 55ms
55ms Script
application/javascript 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 05:37:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61585
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2FZRH634NK%2BVcAN%2FJYRru%2BCETt6lWj1OLlsqj0y3kuy22DKGrtDg7WIiaHqqy%2BvAglGynkhS9oeC0%2BGsC6odvLFIUz8O9Ns0IyqM4%2FXbO2DXacnC19CWqL0xMidNGWr%2F%2FyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bcf9a0f9bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:41 GMT

GET
H3 200 index.js Show response
heraldposts.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 55ms
54ms Script
application/javascript 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 05:37:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 468983
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9jBynpYdDRskogMEpwA%2B12httjBurU7Moq0%2FnPgGVbQzE4wwWQ%2FJwWi%2Bjm65gjma%2BYqGO2zHrq5PjnKLS0Eaqih0d9AldWMvBOUWdcZpgkeFNUid7JiqdxpoWL8V%2F2eDK%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bcffa9b9bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 18 May 2024 01:37:43 GMT

GET
H2 200 e-202420.js Show response
stats.wp.com/ 7 KB
3 KB 124ms
38ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202420.js
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356563.6672
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Thu, 08 May 2025 07:55:14 GMT

GET
H3 200 infinity.js.aspx Show response
cdn.engine.4dsply.com/Scripts/ 167 KB
46 KB 323ms
269ms Script
application/x-javascript 104.16.202.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c482e2fa-0cec-4876-8a38-70eb95698f07
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.202.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8e7ad6dcff77b9b6d46cd834394eef23361dca8e4ecb1d564b94eab4ad1805

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 May 2024 11:53:29 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=900
cf-ray: 884b2bd07b5dbf42-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 May 2024 12:09:07 GMT

GET
H2 200 ajs.js Show response
cdn2.decide.dev/_js/ 6 KB
3 KB 169ms
41ms Script
application/javascript 2600:9000:26da:b800:3:7df3:55c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.decide.dev/_js/ajs.js
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:b800:3:7df3:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a673d4f16dc53823fa9507e85ac4f6b2bd6e585e8ea7496c064015fa7959532e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 03:43:18 GMT
content-encoding: gzip
via: 1.1 google, 1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront)
last-modified: Thu, 09 May 2024 19:00:31 GMT
x-amz-cf-pop: MUC50-P4
age: 29448
etag: W/"16ae-18f5eba7d7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: CKOF0VjlKZ9WQOtck_qeLpemJMI00qBJDiiNDcQPLx4WIIEstt_N6w==

GET
H2 200 sjs.js Show response
cdn2.decide.dev/_js/ 10 KB
2 KB 167ms
40ms Script
application/javascript 2600:9000:26da:b800:3:7df3:55c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.decide.dev/_js/sjs.js
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:b800:3:7df3:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 61773d9a3aa1ba14b2f4ea9a8118c619c460c5acbc8770405530cc5ce31ed7e4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 22:12:41 GMT
content-encoding: gzip
via: 1.1 google, 1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront)
last-modified: Thu, 09 May 2024 19:00:31 GMT
x-amz-cf-pop: MUC50-P4
age: 49285
etag: W/"26be-18f5eba7df4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: FF_kr66WGFnfd_cQul_y6nDSRWjTGF4EjBaXqAGUugHtf7udFIb3Lw==

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 163ms
83ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: heraldposts.com
URL: https://heraldposts.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b4b9cdc6d16f97060375c033467396b3714421fdfad7cdbd2d8c9bfcb4c41bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52116
x-xss-protection: 0
server: cafe
etag: 12259811640147043042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 16 May 2024 11:54:06 GMT

GET
H3 200 advertising.js Show response
rddywd.com/ 9 B
486 B 106ms
57ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
cf-cache-status: HIT
last-modified: Wed, 15 May 2024 22:55:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 46743
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BkqhSJBp5OD6AC%2FXH%2B%2FzcHP8mtJFB514UGdOz7vl2UuR2p8tmg%2BXPJWzJOK32kic%2BZTzbwaFjNBdidiyYPEJsu4z3kzCvuWysVJ9%2FBysA8W79omMKZsKVzWGoKFr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 884b2bd07e239b58-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9

GET
H3 200 adcode.png
rddywd.com/ 43 B
515 B 105ms
55ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Origin: https://heraldposts.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 67586
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C5dbsSze7qUa6VckF5YL96hnizZnKG27DClgvLSYovdbM%2BKrxC1MKgwCP4F7XU%2FnCiSUabhIYj2YkPu0uGggb%2BDfTqXZ8HpF7lDqx4BJZ6Tiksi2Z4JEOMQ3dZ2w"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 884b2bd07aa665ca-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 204 generate_204
www.googleapis.com/ 0
117 B 140ms
39ms Image
text/plain 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 c4mw1n92AsfhuCq6tVsaoIx1LQICk0boNoq0ShNPVo0.woff2
fonts.gstatic.com/s/kumbhsans/v22/ 29 KB
29 KB 185ms
98ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kumbhsans/v22/c4mw1n92AsfhuCq6tVsaoIx1LQICk0boNoq0ShNPVo0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kumbh+Sans%3Awght%40300%3B400%3B600%3B700&display=swap&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a754efdbc7fe7aae0e3fd79f2afb1f5a66dd0de46cfce359aa6a6bc5939db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://heraldposts.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 04:40:13 GMT
x-content-type-options: nosniff
age: 458033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29776
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 21:29:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 May 2025 04:40:13 GMT

GET
H3 200 fontello.woff2
heraldposts.com/wp-content/themes/mura/css/fontello/font/ 14 KB
15 KB 56ms
55ms Font
font/woff2 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-content/themes/mura/css/fontello/font/fontello.woff2?35981752
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/wp-content/themes/mura/css/fontello/css/fontello.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce0477266b74aaf28ad06af9034aa4d46642b8afcafe460c9af61e6abf615ab1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/wp-content/themes/mura/css/fontello/css/fontello.css
Origin: https://heraldposts.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61584
alt-svc: h3=":443"; ma=86400
content-length: 14844
last-modified: Thu, 23 Mar 2023 17:11:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzH5m9dq5lBQzXsDA6%2Fdmleblc7h%2FJnu6CDAQ6cwN3JchQKFsc5oq9UNNaiOf1z%2FzuMPsexYhLgg3FXscCETE1t7KV43QXT4jVmaVNSKGDv0WeNhNdU7H7ue3hdVWNWAnY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bd04b2e9bbf-FRA
expires: Wed, 22 May 2024 18:47:41 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://heraldposts.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 479290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 May 2025 22:45:56 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 212ms
125ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600%3B0%2C700%3B1%2C400%3B1%2C700&display=swap&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://heraldposts.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:02:53 GMT
x-content-type-options: nosniff
age: 186673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:02:53 GMT

GET
H3 200 0-81-768x418.jpg
heraldposts.com/wp-content/uploads/2024/05/ 42 KB
42 KB 548ms
547ms Image
image/jpeg 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldposts.com/wp-content/uploads/2024/05/0-81-768x418.jpg
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef24bf05d1aef12565ada57d1dfb85812afd62ee7ab4db4f8e21627b2b9b6c0c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
cf-cache-status: MISS
last-modified: Wed, 15 May 2024 19:47:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ub7lCXeCe4SCihv3sKomHaRJbUXJNGBtO3VVNz7mrRhpTdO1CqnzCP8JAaFVUDdjkOGQ3Lku5qb9P2yjfiLLX5FU4JVw%2BeXMMWGbZPaRCFrKa2NTatic0Az%2B38nz0QQZGms%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bd04b179bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 42977
expires: Thu, 23 May 2024 11:54:06 GMT

GET
H3 200 maxresdefault-1-1-768x403.jpg
heraldposts.com/wp-content/uploads/2024/05/ 61 KB
62 KB 556ms
555ms Image
image/jpeg 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldposts.com/wp-content/uploads/2024/05/maxresdefault-1-1-768x403.jpg
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07f6fb005beb60d6d9731eb9ae8deb4f626b4f3e5ffa4231502cb132dd3eee15

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
cf-cache-status: MISS
last-modified: Tue, 14 May 2024 20:25:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9mtIZ1t4beuLgiWfAeeOEVuWoiZPuOhvzxvhoZyiCsahHjvRq40lwK43IIpTryKdJFCzbpILi0xzUepKFirr61qw5JK89rer0to%2FSpVJ6V5M%2F%2F3i6XtXSmrjjBNH8pgIaMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bd04b1b9bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 62895
expires: Thu, 23 May 2024 11:54:06 GMT

GET
H3 200 maxresdefault-1-768x403.jpg
heraldposts.com/wp-content/uploads/2024/05/ 53 KB
53 KB 568ms
567ms Image
image/jpeg 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldposts.com/wp-content/uploads/2024/05/maxresdefault-1-768x403.jpg
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53f1db9dd46e890199fc5e1bd7b13ead06e316381b7a69d25f7109aec0942f4d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
cf-cache-status: MISS
last-modified: Tue, 14 May 2024 19:57:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ESjI6vNrvMa4Spkb7huGqDuPWP5zgVQOVl56cPj7yPxYfllE6fBRwkM8WBhTMyCkRgWOYSsWekqioJdth6PbVBUPAE1drNDnl9ITYu7ubBK4FW7zA%2BtymJSELugEUEwcG24%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bd04b209bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 53894
expires: Thu, 23 May 2024 11:54:06 GMT

GET
H3 200 img_6915-768x401.jpg
heraldposts.com/wp-content/uploads/2024/05/ 38 KB
38 KB 399ms
398ms Image
image/jpeg 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldposts.com/wp-content/uploads/2024/05/img_6915-768x401.jpg
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28c2873b764dc536271bf99b7ec84c1188be91984f371f7bcab71edfb38b6aa1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
cf-cache-status: MISS
last-modified: Tue, 14 May 2024 02:40:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WrGe3t2X47Pa9cX22BW5jpCXnKVRLBedv3IUpD%2Fl%2FgzTx6jK6SA0Oeqh%2F1Lh0kQsLeT0hAfwGJmmR759otwQWQd6if0WFsx9%2FkY7XcDQ%2FkY3nRGfNVLPQnoKXrMHIzOPM4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bd04b249bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 38459
expires: Thu, 23 May 2024 11:54:06 GMT

GET
H3 200 joe-biden-3-768x403.jpg
heraldposts.com/wp-content/uploads/2024/05/ 25 KB
25 KB 399ms
398ms Image
image/jpeg 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldposts.com/wp-content/uploads/2024/05/joe-biden-3-768x403.jpg
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6316d8e4e0a5b5f2e10fc551a9e60d944b33688424040e22527a4dd8ff68b080

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
cf-cache-status: MISS
last-modified: Tue, 14 May 2024 02:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FJ86evKEkkEhMTe0lt9mVkGwZAynVU8onZyXIvJFRxzXv9GzfroYv0QKHuGO2w%2FkM3%2BIglpK1MyIl6yKOK0nDAXXu7VZCDaRCVfX0o%2FRFwUWoCvRGoStd%2BxNY7ocmnr3D7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bd04b279bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25186
expires: Thu, 23 May 2024 11:54:06 GMT

GET
H3 200 maxresdefault-768x403.jpg
heraldposts.com/wp-content/uploads/2024/05/ 30 KB
31 KB 400ms
399ms Image
image/jpeg 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldposts.com/wp-content/uploads/2024/05/maxresdefault-768x403.jpg
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cfa1a9f8c461423db8dc62618e7bcecde9ab0ea72efb49477c7925911bc4946

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
cf-cache-status: MISS
last-modified: Mon, 13 May 2024 04:43:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fo5FRo5mcCiyDoevfoCh84aWlut0J7p7Lr9XG0WrjW7mzAuo7hyA4POU%2BG09khQd%2BaClLG3xVcYFhX3kdPGygJu3kvN6UlkheX1tpejSnmTdRv0EMwGffIotiDF%2FvFlbsQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bd04b299bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31161
expires: Thu, 23 May 2024 11:54:06 GMT

GET
H3 200 maxresdefault-337-768x432.jpg
heraldposts.com/wp-content/uploads/2024/05/ 53 KB
54 KB 596ms
595ms Image
image/jpeg 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldposts.com/wp-content/uploads/2024/05/maxresdefault-337-768x432.jpg
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cc6aab47a15e8e8de5a0140d7a76447e907722e6ed81ae7693b0f18de137a0f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
cf-cache-status: MISS
last-modified: Mon, 13 May 2024 04:11:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJmGQU3ruvXknwis3z98g3J%2BiUkGCoJC5Hcf2ly4157PE8jyTksalPZz5M%2Buw2batD2nYcCP6zFJHISinGC28yIqrnfSB6UXVcphB5Lbcwju4%2BZtk7H1%2FdMyGwhnuNxe66s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bd04b2a9bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 54392
expires: Thu, 23 May 2024 11:54:06 GMT

GET
H3 200 censorship-censored-secrets-silenced-quiet-shhhh-white-woman-women-pixabay.jpg
heraldposts.com/wp-content/uploads/2024/05/ 19 KB
20 KB 607ms
606ms Image
image/jpeg 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldposts.com/wp-content/uploads/2024/05/censorship-censored-secrets-silenced-quiet-shhhh-white-woman-women-pixabay.jpg
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d504fd582b9ad6a4e6aad6211c1245962f043f7529bc8c2a1423e0d01fc1cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
cf-cache-status: MISS
last-modified: Sun, 12 May 2024 05:46:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2FlSdLIeQH1bVM0VUgytbf08BYzRCo%2FJhXUMGgqDMOYULoel6LcNYL9ZDkwwFZpsg07vOb852WwwkRyBC08hYCIIUhQnDWN7iz5LShjKdVlegL5MLyT6px3B3yAjpptGyPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bd04b2c9bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19728
expires: Thu, 23 May 2024 11:54:06 GMT

GET
H3 200 flag-usa-americans-stars-stripes-old-glory-cracked-divide-division-crumbling-politics-republicans-democrats-pixabay.jpg
heraldposts.com/wp-content/uploads/2024/05/ 60 KB
60 KB 633ms
632ms Image
image/jpeg 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heraldposts.com/wp-content/uploads/2024/05/flag-usa-americans-stars-stripes-old-glory-cracked-divide-division-crumbling-politics-republicans-democrats-pixabay.jpg
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f73bbacd6043922a822578186f4e9387a6c8b2db6b7e65015568d4e8a4ae92b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
cf-cache-status: MISS
last-modified: Sun, 12 May 2024 05:42:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wl%2BOcVm0FiCc%2FrKZbroHCdAuQWYD1greOW2yWhb7KjUb5PtY1jxMi1ih5nv0I7ukYBBwkM9mXrapBEAVInPYlsSSv7bhF7EeaP5EyvGXyHDWy0F6JmdAD7OU5irk0pErCNo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 884b2bd04b2d9bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 61094
expires: Thu, 23 May 2024 11:54:06 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 44ms
39ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=226439053&post=0&tz=-4&srv=heraldposts.com&j=1%3A13.3.1&host=heraldposts.com&ref=&fcp=622&rand=0.4570238536085214
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 16 May 2024 11:54:06 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
heraldposts.com/wp-includes/js/ 18 KB
5 KB 51ms
51ms Script
application/javascript 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Apr 2024 05:36:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 61584
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TkhtgaYutWr9rJidrIk%2BRgFgm2WSdh%2BGK57LnJreIaY%2FjHPaJh0w%2FCvFapXhiJeG4ba5Em4yzWcS8wNwkWHBnyN57t8TCugwTbP6BLYHIjqhm0rd19rVGmtVj4Q91GzzX3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bd0fc049bbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 May 2024 18:47:42 GMT

GET
H2 200 16381466614649958
decide.dev/lad/ Frame EE0D 0
0 286ms
197ms Document
text/html 34.149.139.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://decide.dev/lad/16381466614649958?pubid=ld-16381466614649958&pubo=https%3A%2F%2Fheraldposts.com&rid=&width=1560&path=%2F&x=-100779&y=101199&embed_type=2&embed_frame_container_type=3
Requested by: Host: cdn2.decide.dev
URL: https://cdn2.decide.dev/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.139.149.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://heraldposts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 943
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 11:54:07 GMT
via: 1.1 google

GET
H3 200 fetch
dotsply.com/pixel/ Frame 961C 0
0 128ms
72ms Document
text/html 172.66.40.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dotsply.com/pixel/fetch
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c482e2fa-0cec-4876-8a38-70eb95698f07
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://heraldposts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
age: 2825
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=86400
cf-cache-status: HIT
cf-ray: 884b2bd32e2cbf6a-WAW
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 11:54:07 GMT
expires: Thu, 16 May 2024 20:00:28 GMT
last-modified: Wed, 15 May 2024 21:16:50 GMT
p3p: CP="CAO PSA OUR IND"
server: cloudflare
vary: *, Accept-Encoding

GET
H3 200 Tag.engine Show response
engine.4dsply.com/ 22 KB
10 KB 625ms
623ms Script
application/json 104.16.202.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.4dsply.com/Tag.engine?time=-120&id=c482e2fa-0cec-4876-8a38-70eb95698f07&rand=58793&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fheraldposts.com%2F&kw=&bp=%7B%7D
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c482e2fa-0cec-4876-8a38-70eb95698f07
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.202.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32a200096369b00d03521ae050e2d3f7f48cb77eb2f8dd7ebb08776dd931daa4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: private, no-transform
cf-ray: 884b2bd3c925bf42-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 p.js Show response
cdn.engine.4dsply.com/Scripts/MediaScripts/ 18 KB
5 KB 66ms
66ms Script
application/x-javascript 104.16.202.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/MediaScripts/p.js?v=4
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c482e2fa-0cec-4876-8a38-70eb95698f07
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.202.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41473bb6ebfd04d3e7abd3677f05060285bd9bad66c4439224e255281b83df8a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 May 2024 11:41:09 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
age: 248
vary: *, Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=803
cf-ray: 884b2bd7b861bf42-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 May 2024 12:07:30 GMT

GET
H3 200 b.js Show response
cdn.engine.4dsply.com/Scripts/MediaScripts/ 178 KB
55 KB 73ms
72ms Script
application/x-javascript 104.16.202.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/MediaScripts/b.js?v=4
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c482e2fa-0cec-4876-8a38-70eb95698f07
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.202.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75047016eb9e296a663e843b5df47add40f4b42ec39c443d2133227cdc1b88fe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 May 2024 11:37:22 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
age: 193
vary: *, Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=884
cf-ray: 884b2bd7b864bf42-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 May 2024 12:08:51 GMT

GET
H3 200 fb.js Show response
cdn.engine.4dsply.com/Scripts/MediaScripts/ 549 KB
164 KB 121ms
120ms Script
application/x-javascript 104.16.202.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/MediaScripts/fb.js?v=4
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c482e2fa-0cec-4876-8a38-70eb95698f07
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.202.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d0a2efad4931288da8dac36ac25db5cf77c4129e38b8aa4a940783f97ecf347

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 May 2024 11:27:01 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
age: 224
vary: *, Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=348
cf-ray: 884b2bd7b867bf42-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 May 2024 11:59:55 GMT

GET
H3 200 push.js Show response
cdn.engine.4dsply.com/Scripts/MediaScripts/ 4 KB
2 KB 68ms
68ms Script
application/x-javascript 104.16.202.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/MediaScripts/push.js?v=4
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c482e2fa-0cec-4876-8a38-70eb95698f07
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.202.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 950170202d9f62b8875a6fbefb45881b870ad7605d2c02a242a1dbaa71d642fc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 May 2024 11:34:57 GMT
server: cloudflare
age: 418
vary: *, Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=900
cf-ray: 884b2bd7b86bbf42-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 May 2024 12:09:07 GMT

GET
H3 200 cv.js Show response
cdn.engine.4dsply.com/Scripts/MediaScripts/ 442 KB
128 KB 168ms
168ms Script
application/x-javascript 104.16.202.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/MediaScripts/cv.js?v=4
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c482e2fa-0cec-4876-8a38-70eb95698f07
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.202.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 789dfacddda8c9a9bc5ab2fa669a6a0f5d55f2c3cf546d8f6dd299c444388732

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 May 2024 11:33:41 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
vary: *, Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=900
cf-ray: 884b2bd7b86dbf42-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 May 2024 12:09:08 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c482e2fa-0cec-4876-8a38-70eb95698f07

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 16:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 16:33:03 GMT

GET
H3 200 ippnotice.js Show response
cdn.engine.4dsply.com/Scripts/ 46 KB
31 KB 299ms
299ms Script
application/x-javascript 104.16.202.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.engine.4dsply.com/Scripts/ippnotice.js?v=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2&75878582
Requested by: Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=c482e2fa-0cec-4876-8a38-70eb95698f07
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.202.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222b058de12d463eb24b8049c8fc38923769e22d6918f60d6e85e604820e4be9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 May 2024 11:54:08 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
vary: *, Accept-Encoding
p3p: CP="CAO PSA OUR IND"
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=900
cf-ray: 884b2bd92b37bf42-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 May 2024 12:09:08 GMT

GET
H2 404 ctax=Campaigns%5EExpose%5EViewers%5EPlacement%2095526%20-%20Viewer
bcp.crwdcntrl.net/5/c=3722/ 49 B
266 B 180ms
60ms Image
image/gif 54.77.42.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=3722/ctax=Campaigns%5EExpose%5EViewers%5EPlacement%2095526%20-%20Viewer
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.42.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-42-245.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 11:54:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.18.187
content-length: 49
expires: 0

GET
H3 200 adsupplylogo_purplered.svg
asmedia.adsupplyssl.com/_assets/logos/ 4 KB
3 KB 131ms
64ms Image
image/svg+xml 172.67.75.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asmedia.adsupplyssl.com/_assets/logos/adsupplylogo_purplered.svg
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.75.135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b835eed7d308831aa61c3c87f7ea902df91b3f292e30526358d0d0e3b3ca8675

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Feb 2016 23:53:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6121
etag: W/"10e5-52b9b5ee4186a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hiDaAVGLZ2x8X8niVhOasU%2BbCWCkmh0OsKAhqifKixxaUAft1swvQs5vxM114MLKwDJWe1CvohwzRrQoMlU60DeIpQkE5FysuHaM5RlPXH0BNn1UIk8D3B3Kv9iAvtjYU2GZe3j0EaSR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 884b2bd99db4996f-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 May 2024 10:12:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
505 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 May 2024 11:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 May 2024 11:47:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 May 2024 11:54:08 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://heraldposts.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:02:21 GMT
x-content-type-options: nosniff
age: 186707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:02:21 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://heraldposts.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:40:50 GMT
x-content-type-options: nosniff
age: 43998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 23:40:50 GMT

GET
H3

200

mediahosting.engine Show response
engine.4dsply.com/
Redirect Chain

https://engine.4dsply.com/Redirect.eng?MediaSegmentId=78996&dcid=1_ctx_b0104e40-7135-4e52-884d-e5d18a31412b&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=60&dst=True&v=vGRy2lBF...
https://engine.4dsply.com/mediahosting.engine?MediaId=129125&AId=12674&CId=56235&PId=113408&SiteId=22610&ZoneId=81356&vm=vGRy2lBFVoL7u6hdXpKPshE1rUpKr_MG5NVo4gtvgS5j1CiLujjDwgRQvqLD5lLRM3KWUGYTAYNo...

1 KB
4 KB

221ms
220ms

XHR
application/json

104.16.203.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.4dsply.com/mediahosting.engine?MediaId=129125&AId=12674&CId=56235&PId=113408&SiteId=22610&ZoneId=81356&vm=vGRy2lBFVoL7u6hdXpKPshE1rUpKr_MG5NVo4gtvgS5j1CiLujjDwgRQvqLD5lLRM3KWUGYTAYNooC-xNBl8G1W89ms4QQhdtch0eDr-t9mzbhTA07VwBUzKziVY29BbaCcWDwYp61NiMeSoQzQncEZDtvhvzYl4q69pE-_pRO6bx_hINXshy79m7sUcknqqs3XBZL_5joxHv942xFkp7s1UsFphc-X0gJvFBLHPiquyNoy4UpEs2ZVOiM4iUd9P4fvHO5aIGxf0ntuOnieXmKUPRcsk8ZDdlV161ODMHAN3wD9Ld8Dnhd5kWPVMkrOCjs83-sFq8LD0G5-sgoyl1Nv77HOO-KRFDaTpPBuk-DxuYTI8aYGH2EHgwDhU98eIIcjgbPW9qNKZC2hLBmXQWGhjA_H6Hgq7xUepcXYP4wR3I1Jh--gMYDNUgTTMD7CNTYYzI9xsGaAvC-vYJlp0YqvTozWuRLeP94eTyUmO5JEcnahUOKTI3PjZAFDYGf7qaKdRgDkQO7yignEr-HkHhLsvpkhuqpktn_krudA9LpI9tpJFVrPq7NEm-PQAX-DHWbSuVhi1Mkt-p4HQcp3PVNSv4GomEEIsESyn13EWos7sZc-HH5Z5gNYODeu_BZQELa02LH_oYOtfO5tb8zrfre-kzk4Jg953CV2kPO7A2oNUfBHnbAugfPw8yphylEcmQsP6WXANB2EM8tMaiM5XbCHUlM0rvmCt9G1S9tl7i4XDGD-kMxfc2Y7tl1WGAItraI94lAOI8oVboqxgB44priFPj_DEMdoUTNRFuQWfT8ZrrKYdqqdJCYNO-3r8x7rHHQMJ_sTQcuy9nW0wqOfyvlq7JaXpxJvqlUho203vDMIGNeBiNpckZ-QEwylf7LESTHUZGK59rR3x-GUvyOWtf1e4RQULWxWOmSAGiW2BVV0jt7xSoMTbKvC6M6sNR7VpW29V04RBUKbVKddYDS1g-xSFWSulSYsLRYP4jQXJbUqSWa_ywkBXMiFOPSULCNCUfsO8P6KkPLvyxh5qRAEANQ2&PassBackUrl=&res=1600x1200&dcid=1_ctx_b0104e40-7135-4e52-884d-e5d18a31412b&cu=&kw=&mw=800&mh=600
Protocol: H3
Server: 104.16.203.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd292d964d67d3ef721f9b037b71b8203f5a481cae370a741e5adf3188f9a68

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://heraldposts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 16 May 2024 11:54:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: private, no-transform
cf-ray: 884b2bdcef47349e-WAW
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 16 May 2024 11:54:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
location: https://engine.4dsply.com/mediahosting.engine?MediaId=129125&AId=12674&CId=56235&PId=113408&SiteId=22610&ZoneId=81356&vm=vGRy2lBFVoL7u6hdXpKPshE1rUpKr_MG5NVo4gtvgS5j1CiLujjDwgRQvqLD5lLRM3KWUGYTAYNooC-xNBl8G1W89ms4QQhdtch0eDr-t9mzbhTA07VwBUzKziVY29BbaCcWDwYp61NiMeSoQzQncEZDtvhvzYl4q69pE-_pRO6bx_hINXshy79m7sUcknqqs3XBZL_5joxHv942xFkp7s1UsFphc-X0gJvFBLHPiquyNoy4UpEs2ZVOiM4iUd9P4fvHO5aIGxf0ntuOnieXmKUPRcsk8ZDdlV161ODMHAN3wD9Ld8Dnhd5kWPVMkrOCjs83-sFq8LD0G5-sgoyl1Nv77HOO-KRFDaTpPBuk-DxuYTI8aYGH2EHgwDhU98eIIcjgbPW9qNKZC2hLBmXQWGhjA_H6Hgq7xUepcXYP4wR3I1Jh--gMYDNUgTTMD7CNTYYzI9xsGaAvC-vYJlp0YqvTozWuRLeP94eTyUmO5JEcnahUOKTI3PjZAFDYGf7qaKdRgDkQO7yignEr-HkHhLsvpkhuqpktn_krudA9LpI9tpJFVrPq7NEm-PQAX-DHWbSuVhi1Mkt-p4HQcp3PVNSv4GomEEIsESyn13EWos7sZc-HH5Z5gNYODeu_BZQELa02LH_oYOtfO5tb8zrfre-kzk4Jg953CV2kPO7A2oNUfBHnbAugfPw8yphylEcmQsP6WXANB2EM8tMaiM5XbCHUlM0rvmCt9G1S9tl7i4XDGD-kMxfc2Y7tl1WGAItraI94lAOI8oVboqxgB44priFPj_DEMdoUTNRFuQWfT8ZrrKYdqqdJCYNO-3r8x7rHHQMJ_sTQcuy9nW0wqOfyvlq7JaXpxJvqlUho203vDMIGNeBiNpckZ-QEwylf7LESTHUZGK59rR3x-GUvyOWtf1e4RQULWxWOmSAGiW2BVV0jt7xSoMTbKvC6M6sNR7VpW29V04RBUKbVKddYDS1g-xSFWSulSYsLRYP4jQXJbUqSWa_ywkBXMiFOPSULCNCUfsO8P6KkPLvyxh5qRAEANQ2&PassBackUrl=&res=1600x1200&dcid=1_ctx_b0104e40-7135-4e52-884d-e5d18a31412b&cu=&kw=&mw=800&mh=600
access-control-allow-origin: *
content-type: text/html; charset=utf-8
cache-control: private, no-transform
cf-ray: 884b2bdb6b89349e-WAW
alt-svc: h3=":443"; ma=86400

GET
H2 404 ctax=Campaigns%5EExpose%5EViewers%5EPlacement%20113408%20-%20Viewer
bcp.crwdcntrl.net/5/c=3722/ 49 B
265 B 55ms
55ms Image
image/gif 54.77.42.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=3722/ctax=Campaigns%5EExpose%5EViewers%5EPlacement%20113408%20-%20Viewer
Requested by: Host: heraldposts.com
URL: https://heraldposts.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.42.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-42-245.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 11:54:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.29.192
content-length: 49
expires: 0

GET
H3 404 favicon.ico
heraldposts.com/ 1 KB
1 KB 249ms
249ms Other
text/html 172.67.221.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heraldposts.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 11:54:08 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJiu8q5PWxZ7i1xBT867bDDUu0RVLDoTdNjrFNXJYwnqFOTZRs4jRDL47dG7zR5TR%2FrlabLsd60kANESnc2IimvSTwzWi8GkD6l6sIiultGyOn2DreieFjsU49RH7DRJST0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 884b2bdb78eb9bbf-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 m129125.jpg
digiadsply.com/ 136 KB
136 KB 152ms
112ms Image
image/jpeg 172.64.149.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digiadsply.com/m129125.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.149.245 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c4d9ea292c8b47b8d7b3fd54a531e9183e8f784931ec468a4850c1f2ebe166d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://heraldposts.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 11:54:09 GMT
via: 1.1 11db54d41dc7b64f760df4a169363db2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1192442
x-amz-cf-pop: MRS52-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
alt-svc: h3=":443"; ma=86400
content-length: 138778
last-modified: Wed, 10 May 2023 18:18:59 GMT
server: cloudflare
etag: "0240a26e4c9f9239159986b0dc75b7d9"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 884b2bde894a4516-TXL
x-amz-cf-id: DUbVhybM6v-Jee3H-ievEYq35BtHVK6gMwOckuhqGACqWsYAvpUKfA==
expires: Sun, 16 Jun 2024 11:54:09 GMT

GET
DATA 200
OK truncated
/ 895 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff9a0eecab4d5e979c494f81057e58444fafa59ea780676a9907f446f4b62fb9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 26 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6ef59e4ac95f5effa2d96e6d4d882fc296d68c4db104c1577312fd8e5ac1d5a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 263 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89efe7d036185c00c3703901cdc792c17275fe23c390c44c3f4e2143d1b39c97

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
engine.4dsply.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
engine.4dsply.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
engine.4dsply.com/	1970-01-21 06:13:40	Name: IUID Value: 2b76c30f-4489-4654-9b1b-4d8b517be2e4
engine.4dsply.com/	1969-12-31 23:59:59	Name: ISSH Value: 7356C6
engine.4dsply.com/	1969-12-31 23:59:59	Name: VMI Value:
engine.4dsply.com/	1970-01-21 06:13:40	Name: CHN Value: #[]
engine.4dsply.com/	1970-01-21 06:13:40	Name: MSSH Value: #{}
engine.4dsply.com/	1970-01-21 06:13:40	Name: MSRH Value: #{}
engine.4dsply.com/	1970-01-21 06:13:40	Name: ILP Value: null
engine.4dsply.com/	1970-01-21 06:13:40	Name: ILPLU Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/	1970-01-21 06:13:40	Name: ILEALC Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/	1970-01-20 20:37:54	Name: ILMPF Value: #False
engine.4dsply.com/	1970-01-21 06:13:40	Name: IPMPLU Value: #1/1/0001 12:00:00 AM
engine.4dsply.com/	1970-01-21 06:13:40	Name: IPMUID Value: #
engine.4dsply.com/	1970-01-21 06:13:40	Name: BSWUID Value: #
engine.4dsply.com/	1970-01-21 06:13:40	Name: IBL Value: #[]
engine.4dsply.com/	1970-01-21 06:13:40	Name: IOPT Value: #[]
engine.4dsply.com/	1970-01-21 06:13:40	Name: ISH Value: #{"22610":[{"SId":"7356C6","D":"24/5/16T4:54:7"}]}
engine.4dsply.com/	1970-01-21 06:13:40	Name: ISH_Q Value: #[22610]

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heraldposts.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bcp.crwdcntrl.net/5/c=3722/ctax=Campaigns%5EExpose%5EViewers%5EPlacement%2095526%20-%20Viewer Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bcp.crwdcntrl.net/5/c=3722/ctax=Campaigns%5EExpose%5EViewers%5EPlacement%20113408%20-%20Viewer Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://heraldposts.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
asmedia.adsupplyssl.com
bcp.crwdcntrl.net
cdn.engine.4dsply.com
cdn2.decide.dev
decide.dev
digiadsply.com
dotsply.com
engine.4dsply.com
fonts.googleapis.com
fonts.gstatic.com
heraldposts.com
pagead2.googlesyndication.com
pixel.wp.com
rddywd.com
stats.wp.com
widget.adcovery.com
www.googleapis.com
104.16.202.119
104.16.203.119
142.250.185.194
172.64.149.245
172.66.40.43
172.67.221.55
172.67.75.135
188.114.96.3
188.114.97.3
192.0.76.3
2600:9000:26da:b800:3:7df3:55c0:93a1
2a00:1450:4001:802::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:82a::200a
34.149.139.129
54.77.42.245
0088b39cba3f0249966d0c1496dba8ca26a158dbfa1b24b0e652e5adea2b55ec
07f6fb005beb60d6d9731eb9ae8deb4f626b4f3e5ffa4231502cb132dd3eee15
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
1c4d9ea292c8b47b8d7b3fd54a531e9183e8f784931ec468a4850c1f2ebe166d
1cc6aab47a15e8e8de5a0140d7a76447e907722e6ed81ae7693b0f18de137a0f
1dd292d964d67d3ef721f9b037b71b8203f5a481cae370a741e5adf3188f9a68
222b058de12d463eb24b8049c8fc38923769e22d6918f60d6e85e604820e4be9
28c2873b764dc536271bf99b7ec84c1188be91984f371f7bcab71edfb38b6aa1
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32a200096369b00d03521ae050e2d3f7f48cb77eb2f8dd7ebb08776dd931daa4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41473bb6ebfd04d3e7abd3677f05060285bd9bad66c4439224e255281b83df8a
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
4dc5458298259b71f232a194e14797c88ff0c07fbf5fe5c6e6d6fcbb6c18e579
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53f1db9dd46e890199fc5e1bd7b13ead06e316381b7a69d25f7109aec0942f4d
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
61773d9a3aa1ba14b2f4ea9a8118c619c460c5acbc8770405530cc5ce31ed7e4
6316d8e4e0a5b5f2e10fc551a9e60d944b33688424040e22527a4dd8ff68b080
654c93cbd3b3ca3d35f44b2665b4a6f57ed8f0aef01ac6c56bce39638dfab076
75047016eb9e296a663e843b5df47add40f4b42ec39c443d2133227cdc1b88fe
789dfacddda8c9a9bc5ab2fa669a6a0f5d55f2c3cf546d8f6dd299c444388732
7a6d859f6646d4c5218bdbd7f173889943456be57bb0378368d8bf250e82ac96
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
83925af05f950a4a51a385add3aa842f09d360b3cf9366ad032824ad29f07e1a
887ba5f1679562f0564e5893e7ef763e4a47a9f8648475fbbb614155b5fb4d38
89efe7d036185c00c3703901cdc792c17275fe23c390c44c3f4e2143d1b39c97
8f73bbacd6043922a822578186f4e9387a6c8b2db6b7e65015568d4e8a4ae92b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91d504fd582b9ad6a4e6aad6211c1245962f043f7529bc8c2a1423e0d01fc1cf
950170202d9f62b8875a6fbefb45881b870ad7605d2c02a242a1dbaa71d642fc
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9953c308ec479e813830b10ce8c7cd1ea3584081a922daef831cfc8329fd09b4
9b7d4d2f319cbb07f0c7b26a14c7230faad53fa9a7222c64ff235b940a1514ea
9cfa1a9f8c461423db8dc62618e7bcecde9ab0ea72efb49477c7925911bc4946
9d0a2efad4931288da8dac36ac25db5cf77c4129e38b8aa4a940783f97ecf347
a673d4f16dc53823fa9507e85ac4f6b2bd6e585e8ea7496c064015fa7959532e
b4b9cdc6d16f97060375c033467396b3714421fdfad7cdbd2d8c9bfcb4c41bcf
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b835eed7d308831aa61c3c87f7ea902df91b3f292e30526358d0d0e3b3ca8675
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6ef59e4ac95f5effa2d96e6d4d882fc296d68c4db104c1577312fd8e5ac1d5a
c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
ce0477266b74aaf28ad06af9034aa4d46642b8afcafe460c9af61e6abf615ab1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
da57fbd9832933c8aae0b6c6354ecc0c71fb5ada3a9c266396e1844cce9d3534
e2471acb25e2b95a7363e287721e37ce11a34b6c3d458a37ba2273ee4e550629
e2775524b60233028a4b417f94a3c7712169c88d6dd61d7c957e2f64898ce1e1
e315bcd312f01a113e8a78e03505ebe54716194464869cafc956f4ad87e1e863
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7dd2ead43cc928b383c4bf87256795c1d2980337f9eea8c2b9dfa9b6608b32f
ef24bf05d1aef12565ada57d1dfb85812afd62ee7ab4db4f8e21627b2b9b6c0c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3b1dc3aa084cfec7cc7efe76a5a468f5c7f2548c69d0e19e7e609ec1bdfeb60
f8a754efdbc7fe7aae0e3fd79f2afb1f5a66dd0de46cfce359aa6a6bc5939db5
fc9fb107bb9b0941b5052d23671b3e1eea7f7db9a96ffd79a83d9f695c236c25
fd8e7ad6dcff77b9b6d46cd834394eef23361dca8e4ecb1d564b94eab4ad1805
ff9a0eecab4d5e979c494f81057e58444fafa59ea780676a9907f446f4b62fb9

heraldposts.com Open in urlscan Pro 172.67.221.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

96 %HTTPS

29 %IPv6

13 Domains

18 Subdomains

18 IPs

5 Countries

2189 kBTransfer

4088 kBSize

19 Cookies

2 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

heraldposts.com Open in urlscan Pro
172.67.221.55 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

96 %
HTTPS

29 %
IPv6

13
Domains

18
Subdomains

18
IPs

5
Countries

2189 kB
Transfer

4088 kB
Size

19
Cookies

67 HTTP transactions
3 data transactions