www.herald-dispatch.com Open in urlscan Pro
192.104.183.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/art...
Submission: On May 04 via api (May 4th 2021, 4:43:22 pm UTC) from US

Summary HTTP 113 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 23 domains to perform 113 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.herald-dispatch.com.
TLS certificate: Issued by R3 on March 7th 2021. Valid for: 3 months.

This is the only time www.herald-dispatch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
32	104.18.131.43 104.18.131.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.84.114 65.9.84.114	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	40.112.243.12 40.112.243.12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:191::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:4000:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
4	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	65.9.84.4 65.9.84.4	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	18.235.239.192 18.235.239.192	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	52.160.40.218 52.160.40.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
4	2a02:26f0:150... 2a02:26f0:1500::5c7b:d562	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 2	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
113	36

8 192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.herald-dispatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.18.131.43 (United States)

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.114 (United States)

ASN16509 (AMAZON-02, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.112.243.12 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

portal.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:191::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:4000:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.84.4 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.239.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-239-192.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:1500::5c7b:d562 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.109.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	townnews.com bloximages.newyork1.vip.townnews.com	632 KB
15	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	258 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	170 KB
8	herald-dispatch.com www.herald-dispatch.com	70 KB
7	teads.tv a.teads.tv s8t.teads.tv t.teads.tv	134 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	154 KB
5	google-analytics.com www.google-analytics.com	40 KB
4	azureedge.net csp.azureedge.net	10 KB
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	5 KB
3	gstatic.com fonts.gstatic.com	46 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net	13 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	877 B
2	google.com adservice.google.com ampcid.google.com	707 B
2	google.de adservice.google.de ampcid.google.de	493 B
2	cityspark.com portal.cityspark.com p.cityspark.com	6 KB
2	googletagmanager.com www.googletagmanager.com	84 KB
1	quantserve.com pixel.quantserve.com	372 B
1	jsdelivr.net cdn.jsdelivr.net	37 KB
1	chartbeat.net ping.chartbeat.net	169 B
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	googleadservices.com partner.googleadservices.com	272 B
113	23

	Domain	Requested by
32	bloximages.newyork1.vip.townnews.com	www.herald-dispatch.com
12	pbs.twimg.com	www.herald-dispatch.com platform.twitter.com
8	www.herald-dispatch.com	www.herald-dispatch.com bloximages.newyork1.vip.townnews.com
7	platform.twitter.com	www.herald-dispatch.com platform.twitter.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.herald-dispatch.com
5	pagead2.googlesyndication.com	www.herald-dispatch.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	csp.azureedge.net	portal.cityspark.com csp.azureedge.net
4	t.teads.tv	www.herald-dispatch.com
3	fonts.gstatic.com	fonts.googleapis.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	fonts.googleapis.com	csp.azureedge.net
2	ton.twimg.com	platform.twitter.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	sb.scorecardresearch.com	1 redirects www.herald-dispatch.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	a.teads.tv	www.herald-dispatch.com s8t.teads.tv
2	www.googletagmanager.com	www.herald-dispatch.com www.googletagmanager.com
1	pixel.quantserve.com	portal.cityspark.com
1	cdn.jsdelivr.net	portal.cityspark.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	p.cityspark.com	portal.cityspark.com
1	ping.chartbeat.net	www.herald-dispatch.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	static.chartbeat.com	www.herald-dispatch.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s8t.teads.tv	a.teads.tv
1	portal.cityspark.com	www.herald-dispatch.com
1	tags.crwdcntrl.net	www.herald-dispatch.com
113	34

This site contains links to these domains. Also see Links.

Domain
www.waynecountynews.com
www.newslibrary.com
bit.ly
herald-dispatch.mycapture.com
www.instagram.com
heralddispatch.newzware.com
www.hdclassifieds.com
wvlegals.com
herald-dispatch.adperfect.com
www.facebook.com
twitter.com
instagram.com
media.herald-dispatch.com
wa.me
facebook.com
bloxcms.com
townnews.com

Subject Issuer	Validity	Valid
herald-dispatch.com R3	`2021-03-07` - `2021-06-05`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-09` - `2022-04-09`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
teads.tv R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
*.cityspark.com Go Daddy Secure Certificate Authority - G2	`2020-02-13` - `2022-04-13`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-03` - `2022-03-26`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Frame ID: 81A3CCE67D0ED9A06BC0C9DCC88AAAD1
Requests: 80 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html
Frame ID: CFA52CF598C6D30A03D43DB2D5A8A654
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7816267718295528&output=html&adk=1812271804&adf=3025194257&lmt=1620042185&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620146585277&bpp=11&bdt=360&idt=111&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3380933811252&frm=20&pv=2&ga_vid=1524446291.1620146585&ga_sid=1620146585&ga_hid=689743265&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=899755822401928&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=138
Frame ID: 175970DB6296732AB219FA264891C3F2
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.herald-dispatch.com
Frame ID: DF9843387242E697C53AA10339B272AF
Requests: 2 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1389573551200559113/QpzewbCD?format=jpg&name=600x314
Frame ID: F0D43874189F51E56DE17DAB8886D4F9
Requests: 19 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 13A4078A7B119142DABADD7E51D43D4D
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: BCA788EA6AF3EB94DA349C7CD899BF1F
Requests: 13 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=16029/rand=485569636/pv=y/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20_recent_news%2C%20_zapp/rb=%7B%22meta_tag%22%3A%22news%2C%20_recent_news%2C%20_zapp%22%7D/rt=ifr
Frame ID: 30EA0782E4BE894813068E8EA8C27209
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E53B7BDEBB217E973BD2D39D090EC8B8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

113
Requests

99 %
HTTPS

66 %
IPv6

23
Domains

34
Subdomains

36
IPs

4
Countries

1705 kB
Transfer

4175 kB
Size

13
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.waynecountynews.com/
Title: Wayne County News

Search URL Search Domain Scan URL

URL: http://www.newslibrary.com/sites/hhdb/
Title: Digital Archives

Search URL Search Domain Scan URL

URL: http://bit.ly/MUchampions
Title: Marshall Championship Reprint

Search URL Search Domain Scan URL

URL: http://bit.ly/HSreprints
Title: High School Championship Reprints

Search URL Search Domain Scan URL

URL: http://herald-dispatch.mycapture.com/mycapture/index.asp
Title: Photo and Page Reprints

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heralddispatch/
Title: HD on Instagram

Search URL Search Domain Scan URL

URL: https://heralddispatch.newzware.com/ss70v2/huntin02/common/template.jsp
Title: My Account

Search URL Search Domain Scan URL

URL: http://www.hdclassifieds.com/huntington/rentals/search
Title: For Rent

Search URL Search Domain Scan URL

URL: http://www.hdclassifieds.com/huntington/merchandise/search
Title: Items for Sale

Search URL Search Domain Scan URL

URL: https://wvlegals.com/publication/herald_dispatch/
Title: Public Notices

Search URL Search Domain Scan URL

URL: http://herald-dispatch.adperfect.com/
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theheralddispatch
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/heralddispatch/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/heralddispatch/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://media.herald-dispatch.com/ecom/
Title: Online Store

Search URL Search Domain Scan URL

URL: http://herald-dispatch.mycapture.com/mycapture/remoteimage.asp?backtext=Return%20to%20photo&backurl=&thumbpath=https%3A%2F%2Fbloximages.newyork1.vip.townnews.com%2Fherald-dispatch.com%2Fcontent%2Ftncms%2Fassets%2Fv3%2Feditorial%2Fd%2Fe2%2Fde21d991-95a8-50f6-b403-6f43d29fc1ec%2F608b42a6035e3.image.jpg%3Fresize%3D700%252C467&previewpath=https%3A%2F%2Fbloximages.newyork1.vip.townnews.com%2Fherald-dispatch.com%2Fcontent%2Ftncms%2Fassets%2Fv3%2Feditorial%2Fd%2Fe2%2Fde21d991-95a8-50f6-b403-6f43d29fc1ec%2F608b42a6035e3.image.jpg%3Fresize%3D700%252C467&pricingsheetid=2055
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2F20210429-hd-opioids%2Fimage_de21d991-95a8-50f6-b403-6f43d29fc1ec.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=20210429-hd-opioids&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2F20210429-hd-opioids%2Fimage_de21d991-95a8-50f6-b403-6f43d29fc1ec.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/20210429-hd-opioids/image_de21d991-95a8-50f6-b403-6f43d29fc1ec.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: http://herald-dispatch.mycapture.com/mycapture/remoteimage.asp?backtext=Return%20to%20photo&backurl=&thumbpath=https%3A%2F%2Fbloximages.newyork1.vip.townnews.com%2Fherald-dispatch.com%2Fcontent%2Ftncms%2Fassets%2Fv3%2Feditorial%2F7%2Fbc%2F7bce61b4-1c18-5aed-95b9-96250d9f0fbf%2F608b42a621710.image.jpg%3Fresize%3D700%252C457&previewpath=https%3A%2F%2Fbloximages.newyork1.vip.townnews.com%2Fherald-dispatch.com%2Fcontent%2Ftncms%2Fassets%2Fv3%2Feditorial%2F7%2Fbc%2F7bce61b4-1c18-5aed-95b9-96250d9f0fbf%2F608b42a621710.image.jpg%3Fresize%3D700%252C457&pricingsheetid=2055
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2F20210429-hd-opioids%2Fimage_7bce61b4-1c18-5aed-95b9-96250d9f0fbf.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=20210429-hd-opioids&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2F20210429-hd-opioids%2Fimage_7bce61b4-1c18-5aed-95b9-96250d9f0fbf.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/20210429-hd-opioids/image_7bce61b4-1c18-5aed-95b9-96250d9f0fbf.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.herald-dispatch.com%2Frobert-c-byrd-united-states-courthouse%2Fimage_785a02c0-e5f4-5b1f-966e-f5cfd36e7aa1.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Robert%20C.%20Byrd%20United%20States%20Courthouse&via=heralddispatch&url=https%3A%2F%2Fwww.herald-dispatch.com%2Frobert-c-byrd-united-states-courthouse%2Fimage_785a02c0-e5f4-5b1f-966e-f5cfd36e7aa1.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.herald-dispatch.com/robert-c-byrd-united-states-courthouse/image_785a02c0-e5f4-5b1f-966e-f5cfd36e7aa1.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: http://facebook.com/CHesslerHD
Title: Facebook.com/CHesslerHD

Search URL Search Domain Scan URL

URL: https://twitter.com/heralddispatch
Title: Twitter

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://townnews.com/
Title: TownNews.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1620146585559&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=75428313&cs_ucfr= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1620146585559&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=75428313&cs_ucfr=

Request Chain 97

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 111

https://bcp.crwdcntrl.net/5/c=16029/rand=485569636/pv=y/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20_recent_news%2C%20_zapp/rb=%7B%22meta_tag%22%3A%22news%2C%20_recent_news%2C%20_zapp%22%7D/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=16029/rand=485569636/pv=y/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20_recent_news%2C%20_zapp/rb=%7B%22meta_tag%22%3A%22news%2C%20_recent_news%2C%20_zapp%22%7D/rt=ifr

113 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request article_d4137853-5f50-5649-bb97-f63064491542.html Show response
www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/ 254 KB
53 KB 280ms
90ms Document
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

ad189b34b14b3359ae907bda1291bd32357e77e7f6359dfe74e0353242959903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.herald-dispatch.com
:scheme: https
:path: /news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 15:53:54 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 May 2021 11:43:05 GMT
x-robots-tag: noarchive
x-ua-compatible: IE=edge
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ca5a9a2f4e5b789d51303b7c20749ccd.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js>; rel=preload; as=script
x-tncms: 1.57.2; app5; 0.28s; 4.1M
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: W/352a4ba42aa16cf95bfaf0bc12c60882
content-encoding: gzip
vary: X-IPCountry, Accept-Encoding
age: 2950
cache-control: public, max-age=10
x-vcache: HIT
accept-ranges: bytes
content-length: 52507

GET
H2 200 user.js Show response
www.herald-dispatch.com/shared-content/art/tncms/user/ 8 KB
3 KB 156ms
153ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald-dispatch.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: ce16ba482ca225565e65d98c1a2b78ed5abe790df147fd42743091df99f8244f

Request headers

Referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:42:47 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 19:04:57 GMT
age: 17
etag: W/"608b0359-1f69"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 3072
service-worker-allowed: /

GET
H2 200 jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
33 KB 113ms
59ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Wed, 09 Sep 2020 19:56:59 GMT
cf-request-id: 09d9dc15970000ee03731d2000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f59338b-18813"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c191dee03-CDG
expires: Fri, 05 Nov 2021 05:42:16 GMT

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
10 KB 132ms
78ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
cf-request-id: 09d9dc15960000ee0338223000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c191fee03-CDG
expires: Sat, 20 Nov 2021 08:33:20 GMT

GET
H2 200 common.5ee3960b4d37bc106988fa535b393865.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 35 KB
13 KB 99ms
46ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983094
last-modified: Thu, 05 Nov 2020 18:39:55 GMT
cf-request-id: 09d9dc15980000ee03349f6000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5fa446fb-8a06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c2926ee03-CDG
expires: Sat, 06 Nov 2021 09:59:43 GMT

GET
H2 200 tnt.ca5a9a2f4e5b789d51303b7c20749ccd.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
3 KB 107ms
54ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ca5a9a2f4e5b789d51303b7c20749ccd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6ed9910c762e8f5580aaa2421f475f349db7081fd75cf4dd257ed145735f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983094
last-modified: Fri, 16 Apr 2021 14:03:19 GMT
cf-request-id: 09d9dc15990000ee036281f000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"60799927-1d2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c292dee03-CDG
expires: Thu, 21 Apr 2022 19:01:19 GMT

GET
H2 200 application.cb897187c4718280fd69d2e6d6c3909d.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
1 KB 91ms
39ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983094
last-modified: Fri, 16 Apr 2021 14:03:19 GMT
cf-request-id: 09d9dc15990000ee036912f000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"60799927-104a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c292aee03-CDG
expires: Thu, 21 Apr 2022 19:01:19 GMT

GET
H2 200 tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
933 B 89ms
36ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a0eaf21fe4084cc7105e771f57731abe41a4d647a4879dea141885fcc3096b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983094
last-modified: Fri, 29 Jan 2021 17:55:48 GMT
cf-request-id: 09d9dc15980000ee03583ac000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"60144c24-925"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c2928ee03-CDG
expires: Wed, 02 Feb 2022 20:01:21 GMT

GET
H2 200 bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
16 KB 102ms
50ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983094
last-modified: Mon, 16 Nov 2020 16:04:28 GMT
cf-request-id: 09d9dc15930000ee03340b2000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5fb2a30c-1ab8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c190cee03-CDG
expires: Sat, 20 Nov 2021 08:33:20 GMT

GET
H2 200 layout.3b65876aac384b653b48927b9e216a6e.css
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 132 KB
22 KB 93ms
40ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.3b65876aac384b653b48927b9e216a6e.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cc01bc293e8d2e65946e9235b1cca6488d00147fae0301093c506c27bda8ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983094
last-modified: Fri, 16 Apr 2021 14:04:20 GMT
cf-request-id: 09d9dc15970000ee034e8d3000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"60799964-2107d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c191bee03-CDG
expires: Thu, 21 Apr 2022 19:01:19 GMT

GET
H2 200 theme-basic.0740431ec2aa31f2e7d813ea5c660a8d.css
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
7 KB 86ms
34ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.0740431ec2aa31f2e7d813ea5c660a8d.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9e67b8aa737ee25d9afa29a6d7ffb395d2390167df4ac9c8e22c23bd372f30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983094
last-modified: Wed, 24 Feb 2021 19:07:21 GMT
cf-request-id: 09d9dc15950000ee03ae2ed000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"6036a3e9-a4c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c1917ee03-CDG
expires: Fri, 25 Feb 2022 07:04:16 GMT

GET
H2 200 site.css
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/live/global/resources/styles/ 201 B
283 B 90ms
39ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/live/global/resources/styles/site.css?_dc=1531499659

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46db277207e35c59c276d4484cc079b8fc80d3d0db00a32b7a2875cf7ef177ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983094
last-modified: Fri, 13 Jul 2018 16:34:19 GMT
cf-request-id: 09d9dc15940000ee0399a84000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5b48d48b-c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c1913ee03-CDG
expires: Sat, 20 Nov 2021 08:33:20 GMT

GET
H2 200 owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
2 KB 84ms
33ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 457069
last-modified: Fri, 16 Apr 2021 14:04:27 GMT
cf-request-id: 09d9dc15950000ee0366a8c000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"6079996b-12b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c1918ee03-CDG
expires: Sat, 23 Apr 2022 09:05:23 GMT

GET
H2 200 tntslider.f0c083d16d9ead5fda668c00e19f96ba.css
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 2 KB
725 B 89ms
38ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/tntslider.f0c083d16d9ead5fda668c00e19f96ba.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6761577003d65361b005f184a33d38dadaff9dea40f63c6018d89fd4533e17eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983094
last-modified: Fri, 23 Oct 2020 13:10:10 GMT
cf-request-id: 09d9dc15940000ee03a8356000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d632-985"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c1912ee03-CDG
expires: Fri, 05 Nov 2021 08:45:34 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/16029/ 38 KB
11 KB 52ms
20ms Script
application/json 65.9.84.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/16029/cc.js?ns=_cc16029
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e4b20212d98a2f01baec4f580070ed9fb9ce9504caf76767bf071e744ed5914

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 04 May 2021 07:15:12 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 16:55:17 GMT
server: AmazonS3
age: 34073
etag: W/"2afa8effe386b9e3c6592337f19997dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: FGfVRrOYs3VLRQTEOpR4jzF1ZzgxRXGtX6R71W--P1NXUzo_fA9hXA==

GET
H2 200 tracking.js Show response
www.herald-dispatch.com/shared-content/art/tncms/ 3 KB
1 KB 153ms
152ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald-dispatch.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

:path: /shared-content/art/tncms/tracking.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.herald-dispatch.com
referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:41:56 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 19:04:57 GMT
age: 68
etag: W/"608b0359-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 subscription.js Show response
www.herald-dispatch.com/shared-content/art/tncms/ 4 KB
2 KB 153ms
152ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald-dispatch.com/shared-content/art/tncms/subscription.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 54317318cf662dbbb03ff87d8bafa484b37c773b8de906581d576b4d0de158be

Request headers

:path: /shared-content/art/tncms/subscription.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.herald-dispatch.com
referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:39:28 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 16:18:19 GMT
age: 216
etag: W/"608adc4b-f1e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1794
service-worker-allowed: /

GET
H2 200 tnt.access.status.828de94349981272665c0fb0107f3e49.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 927 B
425 B 88ms
38ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.status.828de94349981272665c0fb0107f3e49.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e0375034d708bbd07a006a0bce3e4c5ce9aecc05952f0c4ecb05117a29cb54

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983094
last-modified: Fri, 23 Oct 2020 13:08:19 GMT
cf-request-id: 09d9dc15980000ee0381beb000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5c3-39f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c2925ee03-CDG
expires: Wed, 03 Nov 2021 07:50:03 GMT

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 517 B
438 B 29ms
29ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Fri, 23 Oct 2020 13:08:16 GMT
cf-request-id: 09d9dc16020000ee03340bb000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5c0-205"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9cca8dee03-CDG
expires: Thu, 04 Nov 2021 09:12:17 GMT

GET
H2 200 sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 1 KB
909 B 46ms
42ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9180a94ecd3d5f93f0fb9fcd95a68ec3a9e1decce55694bfb9e5ce6281bdd672

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Fri, 23 Oct 2020 13:08:30 GMT
cf-request-id: 09d9dc16160000ee03aba21000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5ce-5b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9cead5ee03-CDG
expires: Wed, 03 Nov 2021 06:44:10 GMT

GET
H2 200 tnt.nextPrev.f1660ccf5d097410b8b72737d216878c.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/ 4 KB
2 KB 38ms
35ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.f1660ccf5d097410b8b72737d216878c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

714db6fa0eed72832d9a2ac312cf6f78fc51cfdced47f166816b9e6bc90e159a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Wed, 24 Feb 2021 19:07:03 GMT
cf-request-id: 09d9dc16170000ee0399a91000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"6036a3d7-10ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9cead8ee03-CDG
expires: Fri, 25 Feb 2022 07:04:17 GMT

GET
H2 200 tnt.followed.notifications.6600e99595fd219e961e9882c796e61c.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/ 3 KB
1 KB 37ms
34ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/search/resources/scripts/tnt.followed.notifications.6600e99595fd219e961e9882c796e61c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbcdbf64f6d2c3d36a3f3292e6114271c70fe25ac55de8c3a32262a7b736e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 948195
last-modified: Fri, 16 Apr 2021 14:03:47 GMT
cf-request-id: 09d9dc16170000ee0369135000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"60799943-d15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9ceadbee03-CDG
expires: Sat, 23 Apr 2022 11:14:21 GMT

GET
H2 200 tntslider.83728139a42a73a6f9da03c5dc53ccb3.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 34 KB
5 KB 39ms
36ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/tntslider.83728139a42a73a6f9da03c5dc53ccb3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abc6da98499a0956287db68f0fa75052d147129b99c11d8b17c8c330b2e487a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Wed, 23 Dec 2020 05:36:25 GMT
cf-request-id: 09d9dc16180000ee03a9864000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5fe2d759-88f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9ceaddee03-CDG
expires: Wed, 02 Feb 2022 20:01:51 GMT

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 198 B
394 B 36ms
35ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Fri, 23 Oct 2020 13:09:55 GMT
cf-request-id: 09d9dc15af0000ee03340b4000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d623-c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9c4982ee03-CDG
expires: Fri, 05 Nov 2021 06:51:22 GMT

GET
H2 200 fontawesome.edd147e4c2830f416874012247117438.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 252 KB
88 KB 62ms
59ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.edd147e4c2830f416874012247117438.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Fri, 23 Oct 2020 13:08:53 GMT
cf-request-id: 09d9dc16180000ee0397268000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5e5-3f1a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9ceadeee03-CDG
expires: Thu, 04 Nov 2021 06:16:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47791
x-xss-protection: 0
server: cafe
etag: 12720787893023158812
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 16:43:05 GMT

GET
H2 200 tracker.js Show response
www.herald-dispatch.com/shared-content/art/stats/common/ 9 KB
3 KB 88ms
88ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.herald-dispatch.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 94afb4609cd5d95128057b67ee0ef36f867bacc074b6e116d874ed8b0852b73f

Request headers

:path: /shared-content/art/stats/common/tracker.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.herald-dispatch.com
referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:38:43 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 20:55:05 GMT
age: 261
etag: W/"60493229-2242"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 3240
service-worker-allowed: /

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 155 KB
51 KB 29ms
26ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74ca082529065d72befe0366667b494e126e8d1f2fd67630c031efd6e2fe2940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52162
x-xss-protection: 0
last-modified: Tue, 04 May 2021 15:30:39 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 16:43:05 GMT

GET
H2 200 608b42a6035e3.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/d/e2/de21d991-95a8-50f6-b403-6f43d29fc1ec/ 161 KB
162 KB 187ms
185ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/d/e2/de21d991-95a8-50f6-b403-6f43d29fc1ec/608b42a6035e3.image.jpg?resize=1200%2C800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf77c84399e9331f97beefa9e20ac320b53b30aeeb27aa0001ec2c3ad2d8efc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Apr 2021 23:35:02 GMT
strict-transport-security: max-age=604800
content-length: 165100
cf-request-id: 09d9dc16180000ee0384115000000001
x-robots-tag: noarchive
x-vcache: HIT
server: cloudflare
etag: "83d71ec008794374d1b41592d39a68f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 30 Apr 2022 04:08:51 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 64a32f9ceae0ee03-CDG
cf-bgj: h2pri

GET
H2 200 608b42a621710.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/7/bc/7bce61b4-1c18-5aed-95b9-96250d9f0fbf/ 157 KB
157 KB 184ms
182ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/7/bc/7bce61b4-1c18-5aed-95b9-96250d9f0fbf/608b42a621710.image.jpg?resize=1200%2C784

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

055ca02c2c0958f37d8b327f5b07bd3554e8c551691e14325ed6364048232c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Thu, 29 Apr 2021 23:35:02 GMT
cf-bgj: h2pri
cf-request-id: 09d9dc161a0000ee03340be000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "bdabc2e4435299ab245c1461ea68d324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9ceae9ee03-CDG
expires: Sat, 30 Apr 2022 04:11:29 GMT

GET
H2 200 tag Show response
a.teads.tv/page/88563/ 840 B
711 B 71ms
53ms Script
application/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/88563/tag
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cbaf8db9fb6736bbc170f4dddd517fe357d013ffc93619533ddc0f70e31104f4

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 512
expires: Tue, 04 May 2021 17:43:05 GMT

GET
H/1.1 200
OK widget.min.js Show response
portal.cityspark.com/js/ 3 KB
1 KB 693ms
165ms Script
application/x-javascript 40.112.243.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.cityspark.com/js/widget.min.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.112.243.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ccd6d32e24ec18ac811591d6cf517a2199da6c29afe460cc3b251cf76eef7f10

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:43:05 GMT
Content-Encoding: gzip
ETag: "0a28575ee4bd61:0"
Last-Modified: Fri, 26 Jun 2020 19:17:40 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Arr-Disable-Session-Affinity: true
Accept-Ranges: bytes
Content-Length: 1090

GET
H2 200 / Show response
www.herald-dispatch.com/tncms/subscription/check_ip/ 19 B
429 B 108ms
108ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herald-dispatch.com/tncms/subscription/check_ip/

Requested by

Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/shared-content/art/tncms/subscription.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

eb19bdbb8b9d5e43ed2b6c6ca6090d31767a6c7ec0b47ddf49317c450f826624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /tncms/subscription/check_ip/
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.herald-dispatch.com
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
:method: GET
Referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 39
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
vary: X-IPCountry, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.57.2; app5; 0.01s; 0.8M
cache-control: private, max-age=3600
accept-ranges: bytes
x-robots-tag: noarchive

GET
H2 200 tnt.metering.c1fd4b9015c14b57a58acdbc3ee4daca.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/metering/resources/scripts/ 5 KB
1 KB 49ms
48ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/metering/resources/scripts/tnt.metering.c1fd4b9015c14b57a58acdbc3ee4daca.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b2b0ff251ace3099e3d51a387fe55a16b741832a930a21c0d0b77409e087758

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Wed, 24 Feb 2021 19:07:05 GMT
cf-request-id: 09d9dc161a0000ee0358afe000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"6036a3d9-1290"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9ceae3ee03-CDG
expires: Fri, 25 Feb 2022 07:04:17 GMT

GET
H2 200 asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 941 B
497 B 33ms
31ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Fri, 23 Oct 2020 13:08:14 GMT
cf-request-id: 09d9dc16190000ee0366a99000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5be-3ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9ceae4ee03-CDG
expires: Thu, 04 Nov 2021 09:56:50 GMT

GET
H2 200 owl.carousel.66c591eb93f177b0f59892f361c3b1b4.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 40 KB
10 KB 46ms
44ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.66c591eb93f177b0f59892f361c3b1b4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2bedb8d9b818971c16b394180d1decd7e9993d6d6bcc0656637fa4a2e0ef191

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 944166
last-modified: Fri, 16 Apr 2021 14:03:41 GMT
cf-request-id: 09d9dc161a0000ee03583b8000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"6079993d-9fe8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9ceae7ee03-CDG
expires: Sat, 23 Apr 2022 12:06:40 GMT

GET
H2 200 tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/ 4 KB
2 KB 38ms
36ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67aa6b2a6e81fa0331589f7fbd4c5b38bdf0cee81568eb7d7fba48fe1c04b86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Mon, 16 Nov 2020 16:06:20 GMT
cf-request-id: 09d9dc161a0000ee033a089000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5fb2a37c-f70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9ceae8ee03-CDG
expires: Sat, 20 Nov 2021 08:09:23 GMT

GET
H2 200 tnt.regions.54d9f15b0d238de6bb20ec82ed8307ac.js Show response
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 36ms
35ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc168c638e5100e78d92f788ab0e1119353fb2cff24ccbbabd5fced1b9af4b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 983095
last-modified: Fri, 23 Oct 2020 13:08:13 GMT
cf-request-id: 09d9dc161a0000ee034686d000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: W/"5f92d5bd-cd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9ceaebee03-CDG
expires: Fri, 05 Nov 2021 16:53:04 GMT

GET
H2 200 tracker.gif
www.herald-dispatch.com/shared-content/art/stats/common/ 0
145 B 87ms
86ms Image
image/gif 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.herald-dispatch.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_upage=1&tnms_do=www.herald-dispatch.com&tnms_uri=/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html&tnms_ref=&rt=1620146585110
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_upage=1&tnms_do=www.herald-dispatch.com&tnms_uri=/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html&tnms_ref=&rt=1620146585110
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.herald-dispatch.com
referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
age: 0
etag: "48f79fed-0"
x-vcache: MISS
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 22fce642-46a8-11e5-abe7-9bde14e42eb5.png
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/custom/image/ 27 KB
27 KB 30ms
29ms Image
image/png 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/custom/image/22fce642-46a8-11e5-abe7-9bde14e42eb5.png?resize=640%2C81

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c13a5f077929e3d5fc5ce7de624148aa89b569a6af86a978c7c5875ef389de72

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 718370
last-modified: Wed, 19 Aug 2015 19:26:06 GMT
cf-request-id: 09d9dc16710000ee0346879000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "23bed4fb85cd867eaa53211abb89902d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9d8c23ee03-CDG
expires: Sat, 23 Apr 2022 12:06:57 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/ 223 KB
82 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7816267718295528&plah=www.herald-dispatch.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84200
x-xss-protection: 0
server: cafe
etag: 1635929098252524918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 16:43:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/ Frame CFA5 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210429/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herald-dispatch.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.herald-dispatch.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 04 May 2021 02:53:05 GMT
expires: Tue, 18 May 2021 02:53:05 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 49800
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 606 KB
132 KB 22ms
7ms Script
text/javascript 2a02:26f0:6c00:191::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/88563/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:191::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a11f850f6dd583d61a69c820edb915eeba945d5d2c9d6608ffca72c6a1efa52d

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: X10AG2A1NWX1D2YA
content-length: 134890
x-amz-id-2: +hm9oDI/LWwtjDmZgjBpBkOHuovCg1x8G9ohVbYjgwgKt4NkVGdwRp/iUGP70dE2p8evIdW3HJw=
last-modified: Mon, 03 May 2021 12:55:17 GMT
etag: "e54d6953c48de4f5554a32521cb4016d"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 8
accept-ranges: bytes
access-control-allow-headers: *
expires: Tue, 04 May 2021 17:13:05 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 8ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:43:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/668B)
Age: 847
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3750
date: Tue, 04 May 2021 15:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 04 May 2021 17:40:35 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 91 KB
33 KB 34ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32e72a775d0772a1068b1a1efc3f7a8659ab5818543558c8aace316666488eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33941
x-xss-protection: 0
last-modified: Tue, 04 May 2021 15:30:39 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 16:43:05 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
272 B 30ms
29ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.herald-dispatch.com&callback=_gfp_s_&client=ca-pub-7816267718295528

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7816267718295528&plah=www.herald-dispatch.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

6c7ea30924b4baef9c39eb70d6ef711328187e9ec2b463ead4aa98e9105f81d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.herald-dispatch.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.herald-dispatch.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1759 54 B
56 B 77ms
76ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7816267718295528&output=html&adk=1812271804&adf=3025194257&lmt=1620042185&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620146585277&bpp=11&bdt=360&idt=111&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3380933811252&frm=20&pv=2&ga_vid=1524446291.1620146585&ga_sid=1620146585&ga_hid=689743265&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=899755822401928&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=138

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7816267718295528&output=html&adk=1812271804&adf=3025194257&lmt=1620042185&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620146585277&bpp=11&bdt=360&idt=111&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3380933811252&frm=20&pv=2&ga_vid=1524446291.1620146585&ga_sid=1620146585&ga_hid=689743265&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=899755822401928&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=138
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herald-dispatch.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.herald-dispatch.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 16:43:05 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-May-2021 16:58:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 16:43:05 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056503243602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Tue, 04 May 2021 16:43:05 GMT

GET
H2 200 / Show response
www.herald-dispatch.com/tncms/search/mlt/ 18 KB
6 KB 155ms
155ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herald-dispatch.com/tncms/search/mlt/?origin=d4137853-5f50-5649-bb97-f63064491542&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.f1660ccf5d097410b8b72737d216878c.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

1603202acfe49262df1ccbe0351096a4c85606f6932b816b305ea915919754b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /tncms/search/mlt/?origin=d4137853-5f50-5649-bb97-f63064491542&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.herald-dispatch.com
referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
last-modified: Mon, 03 May 2021 11:43:05 GMT
content-length: 5937
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
etag: W/ff2a744970bbef32d9011344a3d3cc44
vary: X-IPCountry, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.57.2; app8; 0.06s; 2.2M
cache-control: public, max-age=300
accept-ranges: bytes
x-robots-tag: noarchive

GET
H2 200 6081dc70353b7.preview-300.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/eedition/e/8c/e8c2f1c9-683c-55c6-b7ad-6a5734857b74/ 23 KB
24 KB 31ms
30ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/eedition/e/8c/e8c2f1c9-683c-55c6-b7ad-6a5734857b74/6081dc70353b7.preview-300.jpg?resize=300%2C273

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5e6eaff8cc7c79344d2c4301e16e8f925c0675caa13da53c61303f188d94f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 795377
last-modified: Thu, 22 Apr 2021 20:28:35 GMT
cf-bgj: h2pri
cf-request-id: 09d9dc17730000ee0379b27000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "b066086d0ca834fc50ce100dfac7c8c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9f1f50ee03-CDG
expires: Mon, 25 Apr 2022 04:00:25 GMT

GET
H2 200 607f2f47311be.preview-300.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/eedition/3/26/326a6566-535f-5be3-adaa-96760699aa43/ 15 KB
15 KB 34ms
34ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/eedition/3/26/326a6566-535f-5be3-adaa-96760699aa43/607f2f47311be.preview-300.jpg?resize=300%2C273

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fa706b496a7efda991d4e9533d8f1a301c96d6a4a6bc00ae412999bca8aa74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 457070
last-modified: Tue, 20 Apr 2021 19:45:11 GMT
cf-bgj: h2pri
cf-request-id: 09d9dc17740000ee03a9883000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "ed659ef29b45c9c61c7a31e5386bd006"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64a32f9f1f52ee03-CDG
expires: Sat, 23 Apr 2022 12:06:41 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 49ms
16ms Script
application/x-javascript 2600:9000:2104:4000:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:06:28 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:04:46 GMT
server: nginx
age: 2197
etag: W/"60665f9e-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: ApV5VWTc0fTDszfWcRfQ7dKwliKoFHvJ1ynRQUSnLFLndlXwbkqwyw==
expires: Wed, 05 May 2021 16:06:28 GMT

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame DF98 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.herald-dispatch.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.herald-dispatch.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.herald-dispatch.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 505150
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 04 May 2021 16:43:05 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2434
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Tue, 04 May 2021 17:02:31 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
542 B 34ms
14ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.herald-dispatch.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 track
t.teads.tv/ 23 B
143 B 100ms
57ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=735&ts=1620146585549&env=js-web&pageId=88563&pid=95855&auctid=8bef3f33-2e88-4d95-9379-d5a28a5e21f7&f=1&debug_metadata=wb&referer=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
113 B 108ms
65ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=8bef3f33-2e88-4d95-9379-d5a28a5e21f7&pageId=88563&pid=95855&debug_metadata=mv9ESm1SMR&fv=735&ts=1620146585550&f=1&referer=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 110ms
67ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=8bef3f33-2e88-4d95-9379-d5a28a5e21f7&pageId=88563&pid=95855&slot=corner&fv=735&ts=1620146585555&f=1&referer=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1620146585559&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1620146585559&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...

64 B
328 B

30ms
30ms

Image
image/gif

65.9.84.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1620146585559&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=75428313&cs_ucfr=
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: F3YoxC3gR6ji67cLrvRDyum6t1hMJia79ds7OB80NRrA5j79egRCjw==

Redirect headers

date: Tue, 04 May 2021 16:43:05 GMT
via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1620146585559&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=75428313&cs_ucfr=
content-length: 302
x-amz-cf-id: qSa2Qk8vGMXwB7ZWn9Cl4tkiq4ghKheLza68khc9GI35g-Zm3xMPig==

GET
H2 200 ad Show response
a.teads.tv/page/88563/ 519 B
570 B 46ms
46ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/88563/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html&page=%7B%22id%22%3A88563%2C%22placements%22%3A%5B%7B%22id%22%3A95855%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A523%2C%22height%22%3A294%7D%2C%22slotType%22%3A%22corner%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=8bef3f33-2e88-4d95-9379-d5a28a5e21f7&formatVersion=735&env=js-web&netBw=9.4&ttfb=90
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e472cb38984a59897b0d311f3fb0df55772b0ecf60f353035dac87e179c0799d

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.herald-dispatch.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 357
expires: Tue, 04 May 2021 16:43:05 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
328 B 15ms
14ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.herald-dispatch.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 track
t.teads.tv/ 23 B
143 B 103ms
102ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adCall&pid=95855&pageId=88563&auctid=8bef3f33-2e88-4d95-9379-d5a28a5e21f7&vid=b9be283700546fffe171f90cf365cc0942a936f9&env=js-web&bsg=uncat&bsias=uncat&rpm_reason=12&cts=1620146585589&cs=-311478501003662153704&fv=735&ts=1620146585633&referer=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
91 B 17ms
17ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-54716522-7&cid=1524446291.1620146585&jid=1971698776&gjid=1259145112&_gid=1557414297.1620146586&_u=aChAgUALAAQCAE~&z=432374094

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 16:43:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.herald-dispatch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=689743265&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html&ul=en-us&de=UTF-8&dt=As%20W.Va.%20drug%20overdose%20deaths%20increase%2C%20Huntington%2C%20Cabell%20County%20first%20in%20country%20to%20face%20distributors%20in%20courtroom%20%7C%20News%20%7C%20herald-dispatch.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAAUALAAQCAG~&jid=502648570&gjid=162485209&cid=1524446291.1620146585&tid=UA-2621936-1&_gid=1557414297.1620146586&_r=1&gtm=2wg4l3PDQV3N&z=1570504664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:43:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herald-dispatch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=689743265&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html&ul=en-us&de=UTF-8&dt=As%20W.Va.%20drug%20overdose%20deaths%20increase%2C%20Huntington%2C%20Cabell%20County%20first%20in%20country%20to%20face%20distributors%20in%20courtroom%20%7C%20News%20%7C%20herald-dispatch.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUALAAQC~&jid=1971698776&gjid=1259145112&cid=1524446291.1620146585&tid=UA-54716522-7&_gid=1557414297.1620146586&gtm=2wg4l3PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.herald-dispatch.com%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html&cd15=3.155.0&cd16=true&cd17=Page%20View&cd20=d4137853-5f50-5649-bb97-f63064491542&cm1=275&z=1096282336

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 04:49:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42845
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 298ms
100ms Image
image/gif 18.235.239.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=herald-dispatch.com&p=%2Fnews%2Fas-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face%2Farticle_d4137853-5f50-5649-bb97-f63064491542.html&u=BoKJF7CnQFjkjRtXX&d=herald-dispatch.com&g=66149&g0=No%20Section&g1=COURTNEY%20HESSLER%0AThe%20Herald-Dispatch&n=1&f=00001&c=0&x=0&m=0&y=2147&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1029&t=-AfrHDyUb-R3io_fB6cL02CMoAHh&V=126&i=As%20W.Va.%20drug%20overdose%20deaths%20increase%2C%20Huntington%2C%20Cabell%20County%20first%20in%20country%20to%20face%20distribut&tz=-120&sn=1&sv=CkC2Jod6cOODITHg7B55JmST4KLc&sd=1&im=067b0fff&_
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.239.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-239-192.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:43:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2621936-1&cid=1524446291.1620146585&jid=502648570&gjid=162485209&_gid=1557414297.1620146586&_u=aCjAAUALAAQCAG~&z=467832351

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 16:43:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.herald-dispatch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame DF98 183 B
419 B 158ms
128ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=05647b2d19fe76f2505aee06508e79fba44d2fc3

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.herald-dispatch.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:05 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 16:43:05 GMT
server: tsa_devel
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: be9cf47c79b85ae599ef5a0dbc54fd3f402c9a8f0e15b59eb04b367801c06e28
content-length: 152

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 14 KB
4 KB 681ms
159ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=5919&callback=jsonp1620147523933
Requested by: Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eb9c5beea4d852ffdd9e185d5df7e9edb11f3e68aa8cb3b0c909911b189f9579

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:43:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK moment~timeline.bcb1cafa923482f4826e32741fe16a98.js Show response
platform.twitter.com/js/ 25 KB
8 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.bcb1cafa923482f4826e32741fe16a98.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:43:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67BE)
Age: 505150
Etag: "16c9189d13c8dd38e3e003ac2c6bcc8f+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8011

GET
H/1.1 200
OK timeline.28ecda9667eeb8e1b18898b99fee6c31.js Show response
platform.twitter.com/js/ 20 KB
7 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.28ecda9667eeb8e1b18898b99fee6c31.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:43:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/6763)
Age: 505150
Etag: "c0840e4754c01a08685ae9833ec830c8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6363

GET
H2 200 list Show response
cdn.syndication.twimg.com/timeline/ 104 KB
9 KB 216ms
216ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/list?callback=__twttr.callbacks.tl_i3_list_heralddispatch_hd_news_4_old&dnt=true&domain=www.herald-dispatch.com&lang=en&list_slug=hd-news-4&screen_name=heralddispatch&suppress_response_codes=true&t=1800162&tz=GMT%2B0200

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

4f0e08ecbd559f8ca0cd50d6e21b5182afe594a8353bfb48b6a88ed3a7adeb5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 8900
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 195
last-modified: Tue, 04 May 2021 16:43:06 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 5496d94ef8cc14ba6544d008e2ca58d3
timing-allow-origin: *
x-transaction: 00165e9300938e1e
expires: Tue, 04 May 2021 16:48:06 GMT

GET
H2 200 QpzewbCD
pbs.twimg.com/card_img/1389573551200559113/ Frame F0D4 49 KB
49 KB 13ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1389573551200559113/QpzewbCD?format=jpg&name=600x314

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668D) /

Resource Hash

7a8b95e59196ef05021384a2270e41944ced0995a589bc234e17ac1def2e6be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 7623
x-cache: HIT
content-length: 50291
surrogate-key: card_img card_img/bucket/3 card_img/1389573551200559113
last-modified: Tue, 04 May 2021 13:30:06 GMT
server: ECS (frb/668D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9f116246fa8ef3f8489dbb64ab44a9d4ad53544ac4fbab6964e52f7662db0dc8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 54ngg98C
pbs.twimg.com/card_img/1389567465563299844/ Frame F0D4 5 KB
5 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1389567465563299844/54ngg98C?format=jpg&name=386x202

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674B) /

Resource Hash

ac7c62380a5740bc868ee45406d3192d0548e7b4a76278ac1cf6dad7e83b62b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 12116
x-cache: HIT
content-length: 4794
surrogate-key: card_img card_img/bucket/4 card_img/1389567465563299844
last-modified: Tue, 04 May 2021 13:05:55 GMT
server: ECS (frb/674B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c987920f6091ca982f9ac408e65dae22cb243a2096994d554963fc1c0da9afe9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame F0D4 53 KB
12 KB 12ms
12ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:43:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:38 GMT
Server: ECS (frb/673A)
Age: 505151
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 9 KB
9 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 16:43:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:38 GMT
Server: ECS (frb/673A)
Age: 505151
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 QpzewbCD
pbs.twimg.com/card_img/1389573551200559113/ Frame F0D4 49 KB
49 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1389573551200559113/QpzewbCD?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.bcb1cafa923482f4826e32741fe16a98.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668D) /

Resource Hash

7a8b95e59196ef05021384a2270e41944ced0995a589bc234e17ac1def2e6be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 7623
x-cache: HIT
content-length: 50291
surrogate-key: card_img card_img/bucket/3 card_img/1389573551200559113
last-modified: Tue, 04 May 2021 13:30:06 GMT
server: ECS (frb/668D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9f116246fa8ef3f8489dbb64ab44a9d4ad53544ac4fbab6964e52f7662db0dc8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 54ngg98C
pbs.twimg.com/card_img/1389567465563299844/ Frame F0D4 5 KB
5 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1389567465563299844/54ngg98C?format=jpg&name=386x202

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.bcb1cafa923482f4826e32741fe16a98.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674B) /

Resource Hash

ac7c62380a5740bc868ee45406d3192d0548e7b4a76278ac1cf6dad7e83b62b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 12116
x-cache: HIT
content-length: 4794
surrogate-key: card_img card_img/bucket/4 card_img/1389567465563299844
last-modified: Tue, 04 May 2021 13:05:55 GMT
server: ECS (frb/674B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c987920f6091ca982f9ac408e65dae22cb243a2096994d554963fc1c0da9afe9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5Of2ZEes_normal.jpg
pbs.twimg.com/profile_images/1100898670549991424/ Frame F0D4 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1100898670549991424/5Of2ZEes_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BE) /

Resource Hash

8c97b48c4c7e3a3a9c4bc73ebb6da8b2700e01aa0849fb8597b5929ef09363db

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 562389
x-cache: HIT
content-length: 2111
x-response-time: 108
surrogate-key: profile_images profile_images/bucket/3 profile_images/1100898670549991424
last-modified: Wed, 27 Feb 2019 23:19:11 GMT
server: ECS (frb/67BE)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6dd3ecf7782c09a8708cf0734671ceb2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 xsNxEF-9_normal.png
pbs.twimg.com/profile_images/1123205422821904385/ Frame F0D4 5 KB
6 KB 8ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1123205422821904385/xsNxEF-9_normal.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

671e486efa39a64402ec2938afa69a71193a1d14c5e6e7a9ef01ad8aa77da405

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 258896
x-cache: HIT
content-length: 5607
surrogate-key: profile_images profile_images/bucket/6 profile_images/1123205422821904385
last-modified: Tue, 30 Apr 2019 12:38:15 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b653865ae81cebe1d2a89cd78094a7e0abbc8e59acbece1d91c0b28041d4a5a2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E0jE49nWQAUlwzl
pbs.twimg.com/media/ Frame F0D4 6 KB
6 KB 16ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E0jE49nWQAUlwzl?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) /

Resource Hash

42a69b526be8ee3e0c25914b2d3fc628216b7f01a975dbbc4f14bfee0765aa2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 7623
x-cache: MISS
content-length: 6272
surrogate-key: media media/bucket/4 media/1389576967935115269
last-modified: Tue, 04 May 2021 13:43:40 GMT
server: ECS (frb/67D4)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f8bfe04cb6c24809eaea826794f21e8e08c893693644121b793deacb5f660133
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E0jCz5jWUAkmKt5
pbs.twimg.com/tweet_video_thumb/ Frame F0D4 13 KB
13 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/E0jCz5jWUAkmKt5?format=jpg&name=small

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

110521bb55c8f2b4c44aec3715bc6b2f8b449cfadc5bf09ce97c07ec5147d5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 7623
x-cache: HIT
content-length: 12814
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/8 tweet_video_thumb/1389574681921998857
last-modified: Tue, 04 May 2021 13:34:35 GMT
server: ECS (frb/669E)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dd528cbac490c3153a22e636855f6084ddbb22cf6b19090a242cdfbe3c2811f6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E0jGb4iXoAQadNa
pbs.twimg.com/media/ Frame F0D4 5 KB
5 KB 16ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E0jGb4iXoAQadNa?format=jpg&name=240x240

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

3e485e3518f66ce5ad5c8f8a247191d4956d22d47d9d10d540015ef008f0f685

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 7347
x-cache: MISS
content-length: 4971
x-response-time: 150
surrogate-key: media media/bucket/9 media/1389578667379105796
last-modified: Tue, 04 May 2021 13:50:26 GMT
server: ECS (frb/675D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2cc2bcd71475d4e80fb554e2d38eedcf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E0jGb4hXoAMzTW8
pbs.twimg.com/media/ Frame F0D4 4 KB
4 KB 16ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E0jGb4hXoAMzTW8?format=jpg&name=240x240

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674C) /

Resource Hash

4dd84b27f362f37fc2f8d422ba50d1f99935cc8f7fbf99049c0b567a334568d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 7347
x-cache: MISS
content-length: 3724
surrogate-key: media media/bucket/7 media/1389578667374911491
last-modified: Tue, 04 May 2021 13:50:26 GMT
server: ECS (frb/674C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e932bf3bf517b4d27abdb406a1c8084f8082cdea0c41e6c69b84d4f0e400995f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame F0D4 44 KB
7 KB 27ms
7ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512137
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 12
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 50ec093ada802c7ff1a9a2d65ebdae65
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 11 May 2021 16:43:06 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 29ms
9ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512137
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 12
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 50ec093ada802c7ff1a9a2d65ebdae65
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Tue, 11 May 2021 16:43:06 GMT

GET
DATA 200
OK truncated
/ Frame F0D4 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame F0D4 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame F0D4 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame F0D4 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame F0D4 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 QpzewbCD
pbs.twimg.com/card_img/1389573551200559113/ Frame F0D4 49 KB
49 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1389573551200559113/QpzewbCD?format=jpg&name=600x314

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668D) /

Resource Hash

7a8b95e59196ef05021384a2270e41944ced0995a589bc234e17ac1def2e6be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 7623
x-cache: HIT
content-length: 50291
surrogate-key: card_img card_img/bucket/3 card_img/1389573551200559113
last-modified: Tue, 04 May 2021 13:30:06 GMT
server: ECS (frb/668D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9f116246fa8ef3f8489dbb64ab44a9d4ad53544ac4fbab6964e52f7662db0dc8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 54ngg98C
pbs.twimg.com/card_img/1389567465563299844/ Frame F0D4 5 KB
5 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1389567465563299844/54ngg98C?format=jpg&name=386x202

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674B) /

Resource Hash

ac7c62380a5740bc868ee45406d3192d0548e7b4a76278ac1cf6dad7e83b62b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
age: 12116
x-cache: HIT
content-length: 4794
surrogate-key: card_img card_img/bucket/4 card_img/1389567465563299844
last-modified: Tue, 04 May 2021 13:05:55 GMT
server: ECS (frb/674B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c987920f6091ca982f9ac408e65dae22cb243a2096994d554963fc1c0da9afe9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 13A4
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: www.herald-dispatch.com
URL: https://www.herald-dispatch.com/news/as-w-va-drug-overdose-deaths-increase-huntington-cabell-county-first-in-country-to-face/article_d4137853-5f50-5649-bb97-f63064491542.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.herald-dispatch.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 505152
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 04 May 2021 16:43:06 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6763)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Tue, 04 May 2021 16:43:06 GMT
pragma: no-cache
server: tsa_devel
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Tue, 04 May 2021 16:43:06 GMT
x-transaction: 663cafdad2d3cd4c
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: be9cf47c79b85ae599ef5a0dbc54fd3f402c9a8f0e15b59eb04b367801c06e28

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame BCA7 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3751
date: Tue, 04 May 2021 15:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 04 May 2021 17:40:35 GMT

GET
H2 200 WidgetTemplate2.min.css
csp.azureedge.net/cdn/widget/ Frame BCA7 4 KB
2 KB 56ms
25ms Stylesheet
text/css 2a02:26f0:1500::5c7b:d562
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Requested by: Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1500::5c7b:d562 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
content-encoding: gzip
last-modified: Fri, 26 Jun 2020 19:17:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d64bee6a327941"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1712

GET
H2 200 jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js) Show response
cdn.jsdelivr.net/g/ Frame BCA7 115 KB
37 KB 7ms
6ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/g/jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)

Requested by

Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1614003
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 38019
etag: W/"1ca18-fw6ZPglKViimyicfOtWQPF7WA8s"
x-served-by: cache-fra19144-FRA
date: Tue, 04 May 2021 16:43:06 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.fireSlider.min.js Show response
csp.azureedge.net/cdn/js/ Frame BCA7 13 KB
5 KB 49ms
20ms Script
application/javascript 2a02:26f0:1500::5c7b:d562
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/js/jquery.fireSlider.min.js
Requested by: Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1500::5c7b:d562 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
content-encoding: gzip
last-modified: Fri, 26 Jun 2020 19:17:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d64bee6a324253"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4442

GET
H2 200 rad.js Show response
csp.azureedge.net/cdn/js/ Frame BCA7 5 KB
2 KB 46ms
17ms Script
application/javascript 2a02:26f0:1500::5c7b:d562
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/js/rad.js
Requested by: Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1500::5c7b:d562 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
content-encoding: gzip
last-modified: Fri, 26 Jun 2020 19:17:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d64bee6a3265ea"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1892

GET
H2 200 p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame BCA7 35 B
372 B 30ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif

Requested by

Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:43:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BCA7 12 KB
912 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500

Requested by

Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63d9e1fb392138badd064ac8014c98a52d5009ff79ba86acce4103289e63687b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://csp.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 16:43:06 GMT
server: ESF
date: Tue, 04 May 2021 16:43:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 16:43:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BCA7 7 KB
803 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Requested by

Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://csp.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 15:37:38 GMT
server: ESF
date: Tue, 04 May 2021 16:43:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 16:43:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BCA7 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.herald-dispatch.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 436057
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:35:29 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame BCA7 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.herald-dispatch.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 23:35:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
age: 61673
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
expires: Tue, 03 May 2022 23:35:13 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame BCA7 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.herald-dispatch.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:46:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
age: 410186
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:46:40 GMT

GET icomoon.woff
csp.azureedge.net/cdn/widget/fonts/ Frame BCA7 0
0

GET
H2 200 icomoon.ttf
csp.azureedge.net/cdn/widget/fonts/ Frame BCA7 2 KB
2 KB 26ms
26ms Font
application/x-font-ttf 2a02:26f0:1500::5c7b:d562
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/widget/fonts/icomoon.ttf?-35bf
Requested by: Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1500::5c7b:d562 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 745d298c124bd38392bcef5d3d707004d15989870c3889a50cea881568b585eb

Request headers

Origin: https://www.herald-dispatch.com
Referer: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
last-modified: Fri, 26 Jun 2020 19:17:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d64bee6a327110"
content-type: application/x-font-ttf
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1936

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=16029/rand=485569636/pv=y/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20_recent_news%2C%20_zapp/rb=%7B%22meta_tag%22%3A%... Frame 30EA
Redirect Chain

https://bcp.crwdcntrl.net/5/c=16029/rand=485569636/pv=y/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20_recent_news%2C%20_zapp/rb=%7B%22meta_tag%22%...
https://bcp.crwdcntrl.net/5/ct=y/c=16029/rand=485569636/pv=y/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20_recent_news%2C%20_zapp/rb=%7B%22meta_ta...

163 B
834 B

45ms
44ms

Document
text/html

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=16029/rand=485569636/pv=y/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20_recent_news%2C%20_zapp/rb=%7B%22meta_tag%22%3A%22news%2C%20_recent_news%2C%20_zapp%22%7D/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/16029/cc.js?ns=_cc16029
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=16029/rand=485569636/pv=y/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20_recent_news%2C%20_zapp/rb=%7B%22meta_tag%22%3A%22news%2C%20_recent_news%2C%20_zapp%22%7D/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herald-dispatch.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.herald-dispatch.com/

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
content-type: text/html;charset=UTF-8
content-length: 163
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.19.38
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 29-Jan-2022 16:01:00 GMT;SameSite=None;Secure _cc_id=db529077da8ffcbd15752319658946ad;Path=/;Domain=crwdcntrl.net;Expires=Sat, 29-Jan-2022 16:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQSEkyNbI0MDdPSbRIS0tOSjE0NTc1Mja0NDO1sDQxS0xhAIKEiZWzQDQUAABYzArH";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 29-Jan-2022 16:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBImFg5C0hBAQAY%2BQIF";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 29-Jan-2022 16:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

Redirect headers

date: Tue, 04 May 2021 16:43:06 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=16029/rand=485569636/pv=y/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20news%2C%20_recent_news%2C%20_zapp/rb=%7B%22meta_tag%22%3A%22news%2C%20_recent_news%2C%20_zapp%22%7D/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.25.14
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 26ms
25ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210429&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8598e81e252cd45a981c5c354adc46b8d5d37886524e6476e817f9942b544b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 16:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7585
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 04 May 2021 16:43:06 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E53B 12 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herald-dispatch.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.herald-dispatch.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 04 May 2021 16:09:42 GMT
expires: Wed, 04 May 2022 16:09:42 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2004
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame E53B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 14:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 9002
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 14:13:04 GMT

GET
H2 200 609168b5c9431.image.jpg
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/8/0c/80c91ee4-44ab-5dba-9813-48474062f313/ 2 KB
2 KB 150ms
150ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/8/0c/80c91ee4-44ab-5dba-9813-48474062f313/609168b5c9431.image.jpg?crop=641%2C641%2C249%2C0&resize=100%2C100&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66d4d99dd056410bbd128c6c25d550cf05269a566babe1d5dda106c5055e1b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 15:31:01 GMT
strict-transport-security: max-age=604800
content-length: 2352
cf-request-id: 09d9dc1ca50000ee034d9c9000000001
x-robots-tag: noarchive
x-vcache: HIT
server: cloudflare
etag: "2edeae9c477114b95438e3453f9504dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 04 May 2022 15:39:11 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 64a32fa76961ee03-CDG
cf-bgj: h2pri

GET
H2 200 5ff7c85a0f378.image.png
bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/5/e2/5e2e69b8-9129-54e1-adb2-4052ad568713/ 21 KB
22 KB 139ms
139ms Image
image/png 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/content/tncms/assets/v3/editorial/5/e2/5e2e69b8-9129-54e1-adb2-4052ad568713/5ff7c85a0f378.image.png?crop=960%2C960%2C0%2C357&resize=100%2C100&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a31927b478932197ec428316c623680c86e4212edc1755f953f191e11d34720a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 16:43:06 GMT
vary: Accept-Encoding
cf-cache-status: HIT
last-modified: Fri, 08 Jan 2021 02:50:10 GMT
content-length: 21808
cf-request-id: 09d9dc1ca50000ee03969a0000000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5bb6909f87d0946abf0b0605e622d0fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 64a32fa76965ee03-CDG
expires: Wed, 04 May 2022 12:47:48 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210429&jk=899755822401928&bg=!NDelN3PNAAYXzPaOF8w7ACkAdvg8Wu-ifyYiPUNiQSn1FB8GzVzTcTSxtaJbOClxYCvC6ExIQiyOlAIAAABNUgAAAAtoAQcKAA9mrOCFy-wVdc317VYhZ0aZAkLXWSF-cG6IZ7vwmHFSxHE39vDVYnCXq6GcVc_PRiTTHDpsITzWS1XGVp019CK_0g36cJj4xWWtdEPQhOU100G2kZkRf25OKykzIoyYUnkI1Ex4YHkgrIV5I2YBavU3Ui0YMcms3vU3Nmsit7FbbM6cJw1xLe4gSK64sMviCR_7grpvtwFHNA-lo8KWQoJOWTiCXgr0Oup076R-_a4_M_793TRewvzlsbOjqeFoxs069ZfNc4is0rd302f1caBtKdACJQ5THICoLPph1uGvJycmDKeBYS6DLK88FqpQlyGCA4GRBVs9p6TRsMtK9uxYgV5WdNx3n165xdsM-frU8WGlXPyeamwhyaMar6JZOazT_nAv5jLfS_u_3fz2dusedTv0P0onkI5d6vJHS80qazoUb9QxK6p604O2YNfQCovNbbcl5kIux0NgCIMZE4_5k2JTPxhC5kBINLN052nnz7Em5iCnzMIeg4n-d58IjbpNhr83BVeFUB5wS358dZWIm75ZqfzClQ53o0j4R7J2cHnvPz6AG_PNVmtGTrz0bFoKEntKc8FZuJ-muSHsALJtqRDBRZVpSvfFz7TwvCLeTZzhxJHCoLQhomtw7xAlxsnYxGWSN2WdVTt9SRbSRkPJaDr5Us65gkLluFQ1wKCb_stVukQ1K7V627npswzJScLcQ1Xic3innJ81cjaujTs7myvZAtKrYrworTInUa2yivTKmn8ZG_rCePA7V-fengrYbTCazE1fZn6pzFvqqw8gOtmmWA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.herald-dispatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 16:43:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/fonts/icomoon.woff?-35bf

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:02:27	Name: test_cookie Value: CheckForPermission
www.herald-dispatch.com/	1970-01-19 18:03:52	Name: _gid Value: GA1.1.1557414297.1620146586
.herald-dispatch.com/	1970-01-19 18:02:26	Name: _gat_UA-2621936-1 Value: 1
www.herald-dispatch.com/	1970-01-19 18:02:28	Name: _cb_svref Value: null
.herald-dispatch.com/	1970-01-20 11:33:38	Name: _ga Value: GA1.2.1524446291.1620146585
www.herald-dispatch.com/	1970-01-20 03:31:14	Name: _chartbeat2 Value: .1620146585652.1620146585652.1.CkC2Jod6cOODITHg7B55JmST4KLc.1
www.herald-dispatch.com/	1970-01-20 03:31:14	Name: _cb Value: BoKJF7CnQFjkjRtXX
.herald-dispatch.com/	1970-01-19 18:03:52	Name: _gid Value: GA1.2.1557414297.1620146586
.herald-dispatch.com/	1970-01-19 18:02:30	Name: AMP_TOKEN Value: %24NOT_FOUND
www.herald-dispatch.com/	1970-01-20 11:33:38	Name: _ga Value: GA1.1.1524446291.1620146585
.herald-dispatch.com/	1970-01-19 18:02:26	Name: _dc_gtm_UA-54716522-7 Value: 1
www.herald-dispatch.com/	1970-01-20 03:31:14	Name: _cb_ls Value: 1
.herald-dispatch.com/	1970-01-20 03:24:02	Name: __gads Value: ID=5234aa01e1677d1b-2218ef3bc5c70054:T=1620146585:RT=1620146585:S=ALNI_MaGkYCpyWAITGq84ETCoWEA9458lQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ca5a9a2f4e5b789d51303b7c20749ccd.js(Line 1) Message: evaluating metering
console-api	log	URL: https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/metering/resources/scripts/tnt.metering.c1fd4b9015c14b57a58acdbc3ee4daca.js(Line 1) Message: encountered an error when setting local storage
console-api	log	URL: https://bloximages.newyork1.vip.townnews.com/herald-dispatch.com/shared-content/art/tncms/templates/libraries/flex/components/metering/resources/scripts/tnt.metering.c1fd4b9015c14b57a58acdbc3ee4daca.js(Line 1) Message: encountered an error when setting local storage
console-api	info	URL: https://platform.twitter.com/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295. [object HTMLAnchorElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
bcp.crwdcntrl.net
bloximages.newyork1.vip.townnews.com
cdn.jsdelivr.net
cdn.syndication.twimg.com
csp.azureedge.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
p.cityspark.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
ping.chartbeat.net
pixel.quantserve.com
platform.twitter.com
portal.cityspark.com
s8t.teads.tv
sb.scorecardresearch.com
static.chartbeat.com
stats.g.doubleclick.net
syndication.twitter.com
t.teads.tv
tags.crwdcntrl.net
ton.twimg.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.herald-dispatch.com
csp.azureedge.net
104.18.131.43
104.244.42.8
142.250.185.226
18.235.239.192
184.30.21.51
192.104.183.109
2.18.232.7
2600:9000:2104:4000:18:1fcd:34e:d2a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:59:254c:406:2366:268c
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:803::200e
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:400c:c04::9a
2a00:1450:400c:c08::9a
2a02:26f0:1500::5c7b:d562
2a02:26f0:6c00:191::26e5
2a04:4e42:3::621
34.253.109.165
40.112.243.12
52.160.40.218
65.9.84.114
65.9.84.4
055ca02c2c0958f37d8b327f5b07bd3554e8c551691e14325ed6364048232c9c
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
110521bb55c8f2b4c44aec3715bc6b2f8b449cfadc5bf09ce97c07ec5147d5d8
1603202acfe49262df1ccbe0351096a4c85606f6932b816b305ea915919754b4
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18e0375034d708bbd07a006a0bce3e4c5ce9aecc05952f0c4ecb05117a29cb54
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1b2b0ff251ace3099e3d51a387fe55a16b741832a930a21c0d0b77409e087758
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d6ed9910c762e8f5580aaa2421f475f349db7081fd75cf4dd257ed145735f69
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32e72a775d0772a1068b1a1efc3f7a8659ab5818543558c8aace316666488eec
3e485e3518f66ce5ad5c8f8a247191d4956d22d47d9d10d540015ef008f0f685
42a69b526be8ee3e0c25914b2d3fc628216b7f01a975dbbc4f14bfee0765aa2e
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
46db277207e35c59c276d4484cc079b8fc80d3d0db00a32b7a2875cf7ef177ab
4cc01bc293e8d2e65946e9235b1cca6488d00147fae0301093c506c27bda8ff8
4dd84b27f362f37fc2f8d422ba50d1f99935cc8f7fbf99049c0b567a334568d8
4f0e08ecbd559f8ca0cd50d6e21b5182afe594a8353bfb48b6a88ed3a7adeb5f
5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
54317318cf662dbbb03ff87d8bafa484b37c773b8de906581d576b4d0de158be
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
63d9e1fb392138badd064ac8014c98a52d5009ff79ba86acce4103289e63687b
66d4d99dd056410bbd128c6c25d550cf05269a566babe1d5dda106c5055e1b12
671e486efa39a64402ec2938afa69a71193a1d14c5e6e7a9ef01ad8aa77da405
6761577003d65361b005f184a33d38dadaff9dea40f63c6018d89fd4533e17eb
67aa6b2a6e81fa0331589f7fbd4c5b38bdf0cee81568eb7d7fba48fe1c04b86a
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7ea30924b4baef9c39eb70d6ef711328187e9ec2b463ead4aa98e9105f81d6
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
714db6fa0eed72832d9a2ac312cf6f78fc51cfdced47f166816b9e6bc90e159a
745d298c124bd38392bcef5d3d707004d15989870c3889a50cea881568b585eb
74ca082529065d72befe0366667b494e126e8d1f2fd67630c031efd6e2fe2940
7a0eaf21fe4084cc7105e771f57731abe41a4d647a4879dea141885fcc3096b2
7a8b95e59196ef05021384a2270e41944ced0995a589bc234e17ac1def2e6be7
7dbcdbf64f6d2c3d36a3f3292e6114271c70fe25ac55de8c3a32262a7b736e62
7e4b20212d98a2f01baec4f580070ed9fb9ce9504caf76767bf071e744ed5914
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8c97b48c4c7e3a3a9c4bc73ebb6da8b2700e01aa0849fb8597b5929ef09363db
8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
9180a94ecd3d5f93f0fb9fcd95a68ec3a9e1decce55694bfb9e5ce6281bdd672
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
94afb4609cd5d95128057b67ee0ef36f867bacc074b6e116d874ed8b0852b73f
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9fa706b496a7efda991d4e9533d8f1a301c96d6a4a6bc00ae412999bca8aa74c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f850f6dd583d61a69c820edb915eeba945d5d2c9d6608ffca72c6a1efa52d
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a31927b478932197ec428316c623680c86e4212edc1755f953f191e11d34720a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
abc6da98499a0956287db68f0fa75052d147129b99c11d8b17c8c330b2e487a1
ac7c62380a5740bc868ee45406d3192d0548e7b4a76278ac1cf6dad7e83b62b1
ad189b34b14b3359ae907bda1291bd32357e77e7f6359dfe74e0353242959903
b2bedb8d9b818971c16b394180d1decd7e9993d6d6bcc0656637fa4a2e0ef191
b8598e81e252cd45a981c5c354adc46b8d5d37886524e6476e817f9942b544b4
b9e67b8aa737ee25d9afa29a6d7ffb395d2390167df4ac9c8e22c23bd372f30d
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c13a5f077929e3d5fc5ce7de624148aa89b569a6af86a978c7c5875ef389de72
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbaf8db9fb6736bbc170f4dddd517fe357d013ffc93619533ddc0f70e31104f4
ccd6d32e24ec18ac811591d6cf517a2199da6c29afe460cc3b251cf76eef7f10
ce16ba482ca225565e65d98c1a2b78ed5abe790df147fd42743091df99f8244f
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf77c84399e9331f97beefa9e20ac320b53b30aeeb27aa0001ec2c3ad2d8efc0
d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d
d5e6eaff8cc7c79344d2c4301e16e8f925c0675caa13da53c61303f188d94f5d
d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645
e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e472cb38984a59897b0d311f3fb0df55772b0ecf60f353035dac87e179c0799d
eb19bdbb8b9d5e43ed2b6c6ca6090d31767a6c7ec0b47ddf49317c450f826624
eb9c5beea4d852ffdd9e185d5df7e9edb11f3e68aa8cb3b0c909911b189f9579
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a
fc168c638e5100e78d92f788ab0e1119353fb2cff24ccbbabd5fced1b9af4b8b
ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da

www.herald-dispatch.com Open in urlscan Pro 192.104.183.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

113 Requests

99 %HTTPS

66 %IPv6

23 Domains

34 Subdomains

36 IPs

4 Countries

1705 kBTransfer

4175 kBSize

13 Cookies

30 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.herald-dispatch.com Open in urlscan Pro
192.104.183.109 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

99 %
HTTPS

66 %
IPv6

23
Domains

34
Subdomains

36
IPs

4
Countries

1705 kB
Transfer

4175 kB
Size

13
Cookies

113 HTTP transactions
7 data transactions