www.heraldnet.com Open in urlscan Pro
104.198.41.198 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-...
Submission Tags: falconsandbox
Submission: On December 26 via api (December 26th 2021, 5:02:52 pm UTC) from US — Scanned from DE

Summary HTTP 216 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 55 IPs in 9 countries across 43 domains to perform 216 HTTP transactions. The main IP is 104.198.41.198, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.heraldnet.com.
TLS certificate: Issued by R3 on November 20th 2021. Valid for: 3 months.

This is the only time www.heraldnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.198.41.198 104.198.41.198	15169 (GOOGLE) (GOOGLE)
35	108.161.188.228 108.161.188.228	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	23.20.239.123 23.20.239.123	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.127 143.204.98.127	16509 (AMAZON-02) (AMAZON-02)
5	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:215... 2600:9000:2156:5400:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.81 143.204.98.81	16509 (AMAZON-02) (AMAZON-02)
1 1	13.251.191.176 13.251.191.176	16509 (AMAZON-02) (AMAZON-02)
2	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
8	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	104.111.214.80 104.111.214.80	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
12	54.243.105.187 54.243.105.187	14618 (AMAZON-AES) (AMAZON-AES)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	143.204.98.122 143.204.98.122	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.101 143.204.98.101	16509 (AMAZON-02) (AMAZON-02)
8	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	44.231.152.142 44.231.152.142	16509 (AMAZON-02) (AMAZON-02)
1	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
3 13	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	34.195.91.69 34.195.91.69	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.38 143.204.98.38	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd08:3437:aff5:50c:d298	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4019:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	104.111.233.227 104.111.233.227	16625 (AKAMAI-AS) (AKAMAI-AS)
6	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
1	84.17.46.51 84.17.46.51	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	143.204.98.57 143.204.98.57	16509 (AMAZON-02) (AMAZON-02)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1 8	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2	75.2.13.80 75.2.13.80	16509 (AMAZON-02) (AMAZON-02)
216	55

1 104.198.41.198 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 198.41.198.104.bc.googleusercontent.com

www.heraldnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 108.161.188.228 (United States)

ASN33438 (HIGHWINDS2, US)

2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.239.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-239-123.compute-1.amazonaws.com

everett-tpweb.newsengin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-127.fra50.r.cloudfront.net

cdn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-81.fra50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.251.191.176 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-191-176.ap-southeast-1.compute.amazonaws.com

go.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

b2cdn.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.214.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-80.deploy.static.akamaitechnologies.com

www.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.243.105.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-105-187.compute-1.amazonaws.com

soundpublishing.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-122.fra50.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-101.fra50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap4ams1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.231.152.142 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-152-142.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.91.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-91-69.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-38.fra50.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4019:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

gslbeacon.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.233.227 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-227.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.17.46.51 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-51.cdn77.com

cheqzone.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-57.fra50.r.cloudfront.net

plugins.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.244 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.63.165 (Hockenheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Mannheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.236 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.13.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com

connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
signal-metrics-collector-beta.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	netdna-ssl.com 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com	598 KB
21	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	146 KB
17	blueconic.net cdn.blueconic.net soundpublishing.blueconic.net plugins.blueconic.net	496 KB
13	gstatic.com fonts.gstatic.com	265 KB
11	googlesyndication.com a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	61 KB
10	lijit.com ap.lijit.com gslbeacon.lijit.com vap4ams1.lijit.com pxdrop.lijit.com	26 KB
10	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mv.outbrain.com mcdp-nydc1.outbrain.com	120 KB
9	google-analytics.com www.google-analytics.com	20 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net hal90005.redintelligence.net	59 KB
8	googletagmanager.com www.googletagmanager.com	344 KB
7	google.com adservice.google.com www.google.com	1 KB
6	google.de adservice.google.de www.google.de	2 KB
6	userway.org cdn.userway.org api.userway.org	31 KB
6	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com signal-beacon.s-onetag.com connect-metrics-collector.s-onetag.com signal-metrics-collector-beta.s-onetag.com	22 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	1 KB
4	amazon-adsystem.com c.amazon-adsystem.com	40 KB
4	facebook.net connect.facebook.net	195 KB
4	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	41 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	45 KB
3	facebook.com www.facebook.com	310 B
3	cheqzone.com ob.cheqzone.com obs.cheqzone.com	23 KB
3	automatad.com 1 redirects go.automatad.com b2cdn.automatad.com	88 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	awin1.com www.awin1.com	1 KB
2	medialead.de 2 redirects pv.medialead.de	2 KB
2	googletagservices.com www.googletagservices.com	63 KB
2	onesignal.com cdn.onesignal.com	71 KB
1	2mdn.net s0.2mdn.net	577 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	adsrvr.org match.adsrvr.org	265 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	535 B
1	mathtag.com 1 redirects sync.mathtag.com	862 B
1	ad-server.eu ad-server.eu	312 B
1	media01.eu pb.media01.eu	630 B
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	b-cdn.net cheqzone.b-cdn.net	1019 B
1	accuweather.com www.accuweather.com	964 B
1	jwplayer.com cdn.jwplayer.com	39 KB
1	newsengin.com everett-tpweb.newsengin.com	2 KB
1	heraldnet.com www.heraldnet.com	26 KB
0	newzware.com Failed everettweb.newzware.com Failed everett.newzware.com Failed
216	43

	Domain	Requested by
35	2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com	www.heraldnet.com 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
13	fonts.gstatic.com	fonts.googleapis.com
12	soundpublishing.blueconic.net	cdn.blueconic.net www.heraldnet.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.heraldnet.com
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com www.heraldnet.com
8	www.googletagmanager.com	www.heraldnet.com www.googletagmanager.com
6	www.google.com	www.heraldnet.com a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
6	stats.g.doubleclick.net	www.google-analytics.com
6	ap.lijit.com	get.s-onetag.com ap.lijit.com www.heraldnet.com
5	pagead2.googlesyndication.com	a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.google.de	www.heraldnet.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	hal90005.redintelligence.net	1 redirects a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com hal90005.redintelligence.net
4	hal9000.redintelligence.net	a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com hal90005.redintelligence.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	tpc.googlesyndication.com	a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	plugins.blueconic.net	cdn.blueconic.net soundpublishing.blueconic.net plugins.blueconic.net
4	c.amazon-adsystem.com	2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com c.amazon-adsystem.com
4	connect.facebook.net	www.heraldnet.com connect.facebook.net soundpublishing.blueconic.net
4	cdn.userway.org	www.heraldnet.com cdn.userway.org
4	widgets.outbrain.com	www.heraldnet.com widgets.outbrain.com
3	mcdp-nydc1.outbrain.com	widgets.outbrain.com
3	www.facebook.com	www.heraldnet.com connect.facebook.net
3	log.outbrainimg.com	widgets.outbrain.com
2	c1.adform.net	2 redirects
2	www.awin1.com	a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
2	pv.medialead.de	2 redirects
2	googleads.g.doubleclick.net	a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com www.heraldnet.com
2	vap4ams1.lijit.com	www.heraldnet.com
2	a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	obs.cheqzone.com	ob.cheqzone.com www.heraldnet.com
2	www.i.matheranalytics.com	www.heraldnet.com
2	api.userway.org	cdn.userway.org
2	onetag-geo.s-onetag.com	get.s-onetag.com signal-beacon.s-onetag.com
2	js.matheranalytics.com	1 redirects www.heraldnet.com
2	fonts.googleapis.com	ajax.googleapis.com hal90005.redintelligence.net
2	www.googletagservices.com	www.heraldnet.com a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
2	cdn.onesignal.com	www.heraldnet.com cdn.onesignal.com
2	b2cdn.automatad.com	www.heraldnet.com go.automatad.com
2	ajax.googleapis.com	www.heraldnet.com
1	signal-metrics-collector-beta.s-onetag.com	signal-beacon.s-onetag.com
1	connect-metrics-collector.s-onetag.com	get.s-onetag.com
1	s0.2mdn.net	a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
1	pixel-sync.sitescout.com	a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
1	match.adsrvr.org	a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	ad-server.eu	a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
1	pb.media01.eu	hal90005.redintelligence.net
1	mv.outbrain.com	widgets.outbrain.com
1	cdnjs.cloudflare.com	go.automatad.com
1	cheqzone.b-cdn.net	ob.cheqzone.com
1	odb.outbrain.com	widgets.outbrain.com
1	pxdrop.lijit.com	www.heraldnet.com
1	gslbeacon.lijit.com	ap.lijit.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ob.cheqzone.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	www.heraldnet.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	www.accuweather.com	www.heraldnet.com
1	go.automatad.com	1 redirects
1	get.s-onetag.com	www.heraldnet.com
1	cdn.jwplayer.com	www.heraldnet.com
1	cdn.blueconic.net	www.heraldnet.com
1	everett-tpweb.newsengin.com	www.heraldnet.com
1	www.heraldnet.com
0	everett.newzware.com Failed	www.heraldnet.com
0	everettweb.newzware.com Failed	2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
216	71

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
www.pnwcareers.com
secure.adpay.com
www.facebook.com
twitter.com
reddit.com
lpost.org
www.jpost.com
www.reckonsoft.org
galleries.parentsdome.com
www.toocool2betrue.com
naploungewear.com
bestofsenior.com
www.farandwide.com
www.outbrain.com
www.instagram.com
www.soundpublishing.com
everettweb.newzware.com
soundpublishing.blueconic.net

Subject Issuer	Validity	Valid
www.heraldnet.com R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-22` - `2022-03-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.newsengin.com Amazon	`2021-08-31` - `2022-09-29`	a year	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2 years	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
jwplayer.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.accuweather.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-09-16`	a year	crt.sh
cdn.userway.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-05` - `2022-01-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-05` - `2022-01-03`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
api.userway.org Amazon	`2021-11-02` - `2022-11-30`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
*.cheqzone.com Amazon	`2021-02-21` - `2022-03-22`	a year	crt.sh
obs.cheqzone.com R3	`2021-12-05` - `2022-03-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cert1.a2.atm.aqfer.net R3	`2021-11-30` - `2022-02-28`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
b2cdn.automatad.com R3	`2021-12-06` - `2022-03-06`	3 months	crt.sh
redintelligence.net R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Frame ID: D6BAD1CD9107039D3C1D10105ABAE143
Requests: 164 HTTP requests in this frame

Frame: https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Frame ID: EE570C2997B7AFC2DEA15E2AF676EC7F
Requests: 9 HTTP requests in this frame

Frame: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 88692994A80B6E1BF8A8CAEF7CF7A3F6
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=m_658444_63f76412840e4d97ae7b706bf6e3b54e&rand=2912&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&v=1.2
Frame ID: 9B1BA605EB6A3BE59963CCC34DB9AC51
Requests: 1 HTTP requests in this frame

Frame: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C3C15BB44E5A4C21F75B8EE8538F8A10
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8686FC81CDC46794C0B011189C9BED58
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUVt6eRM9eEXmb-5M_fPsGLE2iDGm-FXZ6AeDsO_YEWJfc-5Ls3adY7UMAWf6n7UHj798Iir7N7uIgw7D53GcLXrkesQxvq0PdZ1df0G8QF540YBV0K9rMdN07nUpz0qtUf_QVwDd9eJWZB0Lvf0RdsJqqlwpfPQsq5LB0PsPzbkS1_7V4
Frame ID: 0ADD6953549094DF7BE6F277F2DFF272
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B519C00ADACA7C6ECC439754CCCF05FA
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92680800132679300710616011820005&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: 98A97550485727B4446EBEBFDB86972D
Requests: 1 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=92680800132679300710616011820005&a=f87b5b7d
Frame ID: 7BC0CC24D145FBB0CCB4A5C3162CE996
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2613B26B39D9C811DBDBB5B2B44359FA
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

King Cobra Gummies Reviews (Scam or Legit) - Pros, Cons, Side effects and How It works | HeraldNet.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

216
Requests

92 %
HTTPS

34 %
IPv6

43
Domains

71
Subdomains

55
IPs

9
Countries

2839 kB
Transfer

7729 kB
Size

44
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: http://www.legacy.com/obituaries/heraldnet/
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://www.pnwcareers.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://secure.adpay.com/searchresultsdisplay.aspx?p=8895&procid=8e66edb6-0c7e-4555-b6ad-a1f31bdd4720&searchCategory=2287&Asearch=&searchZip=98370&searchDistance=1000&filtercatid=423609,423610,423611,423612,341536
Title: Legal Notices

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?text=King+Cobra+Gummies+Reviews+%28Scam+or+Legit%29+%E2%80%93+Pros%2C+Cons%2C+Side+effects+and+How+It+works+-+https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&title=King+Cobra+Gummies+Reviews+%28Scam+or+Legit%29+%E2%80%93+Pros%2C+Cons%2C+Side+effects+and+How+It+works

Search URL Search Domain Scan URL

URL: http://lpost.org/go/king-cobra-us/
Title: MUST SEE: (SPECIAL SAVINGS) Click Here to Get King Cobra Gummies For an Exclusive Discounted Price

Search URL Search Domain Scan URL

URL: https://www.jpost.com/promocontent/mens-miracle-health-reviews-pros-cons-side-effects-and-how-it-works-685335
Title: health

Search URL Search Domain Scan URL

URL: http://lpost.org/
Title: muscle building

Search URL Search Domain Scan URL

URL: https://www.jpost.com/promocontent/testotin-au-and-uk-reviews-does-testotin-really-work-or-scam-shocking-side-effects-reveals-686947
Title: endurance

Search URL Search Domain Scan URL

URL: https://www.reckonsoft.org/
Title: https://www.reckonsoft.org/

Search URL Search Domain Scan URL

URL: https://galleries.parentsdome.com/celebs-and-others-with-comical-t-shirt-xpd/?utm_source=outbrain&utm_medium=$publisher_name$-$section_name$&utm_term=$publisher_name$&utm_content=006b92844d2afdab34a675426368d7d13a&utm_campaign=xpd-ob-eur-d-besttshirt-21.12.21-255-1608_chrome&utm_cpc=$cpc$&utm_template=ajax&obOrigUrl=true
Title: T-Shirts That Went Totally Wrong

Search URL Search Domain Scan URL

URL: https://www.toocool2betrue.com/general-knowledge-quiz/?utm_source=ob-quiz&utm_template=quiz&utm_medium=$publisher_name$-$section_name$&utm_term=$publisher_name$&utm_content=0001d1527b8d04b5e3dbba7d73c63a9f93&utm_campaign=tc-ob-de-d-wisdomquiz-21.12.24-7152-quiz_1186_chrome&utm_cpc=$cpc$&obOrigUrl=true
Title: Your IQ Is Over 140 If You Get Even 5/20 On This Quiz

Search URL Search Domain Scan URL

URL: https://naploungewear.com/product-category/holiday-trends/?obOrigUrl=true
Title: Genießen Sie 30% Rabatt | Black Friday Sale Early Access

Search URL Search Domain Scan URL

URL: https://bestofsenior.com/trending/hollywoods-veterans-the-greatest-stars-from-the-golden-age-era-are-still-alive-enjoying-life-in-retirement-ob-lorenzolamas-2?utm_source=outbrain&utm_campaign=006ed596e75c896ff0e5ca8f966d3fab4c&utm_medium=$section_name$__$section_id$&utm_term=%5BPics%5D+Do+you+Remember+Him%3F+This+Is+Him+At+63&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Pics] Do you Remember Him? This Is Him At 63

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/european-countries-ranked-ccef2494f3994077?utm_campaign=rankingeurope-6fa833fec3d845a3&utm_medium=cpc&utm_source=out&aid=008d034cf1b163e30d943e921a0636ed90&utm_term=$publisher_name$&obOrigUrl=true
Title: We Finally Know Which European Country is the Worst

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HeraldNet/

Search URL Search Domain Scan URL

URL: https://twitter.com/everettherald/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/everettherald/

Search URL Search Domain Scan URL

URL: http://www.soundpublishing.com/
Title: Sound Publishing, Inc.

Search URL Search Domain Scan URL

URL: https://everettweb.newzware.com/ss70v2/everett/common/template.jsp?rpage=https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Title: Register today!

Search URL Search Domain Scan URL

URL: https://soundpublishing.blueconic.net/s/3qX?profileid=c79a0c6f-2390-4865-8b17-c973ab895323

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://go.automatad.com/geo/FtSDHt/afihbs.js HTTP 301
https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js

Request Chain 51

https://js.matheranalytics.com/s/ma13246/715673500/ml.js?cb=1582 HTTP 301
https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYQ_dRl840RHgrIgfyrfVk&google_cver=1

Request Chain 173

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YcigFg7NAzM8Z8YNwDBOdwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYQ_dRl840RHgrIgfyrfVk&google_cver=1

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN0kgMf_OW7Wb-jKxJaliws&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN0kgMf_OW7Wb-jKxJaliws%26google_cver%3D1

Request Chain 175

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIyNjI3NDA1NDg0NTY1MTM1MA%3D%3D

Request Chain 186

https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ab5f90bf4c&subid=&uid=8eb5bc1c8d47edee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH4n9FqDIYaHgAo3MgAf4uJ3IBrXN-YNXzN65q-UM8C4QASDXr51zYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBJQCT9CEK-G4tfWO-nObXIIbFbXPqjqwwcbWoSyOKKqw0LBo2ZB93oszFh4awYj9iCpfb4Fgzw5ci0E93kWTXNV9ccIyQ6knJwJNrOdaRv8OIzbjb_Mdp15mEd1XtbXIe8NYML5p894T0Uv6KbX4u1M4J1uQK-lg0L04MCFP8dzGvGiJJ42HsMl9b00bsDpTBu7fqc3JGarzueWbmNv8GF93Gh1MDXzH3UjU0nwApPCv2DcCw04zhXFhlTE6dKa4vCTFl9-CCb5SYVEMGKgR73ZnZoQPTGwpxwIDrCkh_wYUqXant4EApUppommlZe44qlxobsIcDNnczH4bly-UORDOy7ixMFtDE-E7KDvyqltM0U_TSkTswASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoExuNhU8vxIk5MJCh224phw%26sig%3DAOD64_0mFUoGixKUdDP1KeMKjrMkg4Oxiw%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-BxwZ_Um3NXqqbpxqBd1eO0e5cwZYhh9HOD0sVI_ns9KtGHHZN48OX8B3sMy-T-mRR295yQ6jw2EgNcqHJDc7zqs5e-nJ1q5FT-IXgCSJrqtAPdwskcdbM0s8tkDtS8uVp0vPe66ezsr-vO6n7AnrrCoBeJkA%26cry%3D1%26dbm_d%3DAKAmf-D-OXKr8A6h3pmUwnpwBssr7NiiRgB5_PYg_ScFkER8NTIqqGCqfBTMhFqyfOrzMEsEJZrRPTdpve0_yLs97ByH15n0ORP61HjecyUCY_7P9g0cFcVasu5820G8dHG-z4qvm7s3FQz-bjx1o9lqift_KaZhThOG_M3Kfu5NqS1kFOOOTffZFJRwcYF0axsCh7DCfgt3rnN5lmiO_kGzGjh2d4PSfCDXV3FdEtFvmz3mVc4Rc_vx8FCQmBhJe_8yh1GmXS9DTXoBULyaoAOiIEvIfqbR4faZ7dtHuv-SbFGx2eCTRTZZyVUvryWpl9rxhAqNibxvrGWzm311eCFAV5cNfnfY4i-O0Odb4bjDre1Noy81HjTGctHUqVBmGr6X7-gR_OczdSsw23hpnYWzwqXYVXjZgK3HFZo6dfIrY1S4EoP316HlakNEtrqrV3W_UDysg1EVo2_aeWbkcoHxY-mbl2gCFdAkBukDJx5d0pCeB4ObN_I8kiQhZaDpY2ybeXtdWEfWAzJV2jUgFHYhB1i-Dm4-CjBQoZiQM5tnneQ_04XphAXEqwYxKqbIHM93XCN5TXTK-hRLq6W3B_LspWWOMVm8gA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1382134112614&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ab5f90bf4c&subid=&uid=8eb5bc1c8d47edee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH4n9FqDIYaHgAo3MgAf4uJ3IBrXN-YNXzN65q-UM8C4QASDXr51zYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBJQCT9CEK-G4tfWO-nObXIIbFbXPqjqwwcbWoSyOKKqw0LBo2ZB93oszFh4awYj9iCpfb4Fgzw5ci0E93kWTXNV9ccIyQ6knJwJNrOdaRv8OIzbjb_Mdp15mEd1XtbXIe8NYML5p894T0Uv6KbX4u1M4J1uQK-lg0L04MCFP8dzGvGiJJ42HsMl9b00bsDpTBu7fqc3JGarzueWbmNv8GF93Gh1MDXzH3UjU0nwApPCv2DcCw04zhXFhlTE6dKa4vCTFl9-CCb5SYVEMGKgR73ZnZoQPTGwpxwIDrCkh_wYUqXant4EApUppommlZe44qlxobsIcDNnczH4bly-UORDOy7ixMFtDE-E7KDvyqltM0U_TSkTswASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoExuNhU8vxIk5MJCh224phw%26sig%3DAOD64_0mFUoGixKUdDP1KeMKjrMkg4Oxiw%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-BxwZ_Um3NXqqbpxqBd1eO0e5cwZYhh9HOD0sVI_ns9KtGHHZN48OX8B3sMy-T-mRR295yQ6jw2EgNcqHJDc7zqs5e-nJ1q5FT-IXgCSJrqtAPdwskcdbM0s8tkDtS8uVp0vPe66ezsr-vO6n7AnrrCoBeJkA%26cry%3D1%26dbm_d%3DAKAmf-D-OXKr8A6h3pmUwnpwBssr7NiiRgB5_PYg_ScFkER8NTIqqGCqfBTMhFqyfOrzMEsEJZrRPTdpve0_yLs97ByH15n0ORP61HjecyUCY_7P9g0cFcVasu5820G8dHG-z4qvm7s3FQz-bjx1o9lqift_KaZhThOG_M3Kfu5NqS1kFOOOTffZFJRwcYF0axsCh7DCfgt3rnN5lmiO_kGzGjh2d4PSfCDXV3FdEtFvmz3mVc4Rc_vx8FCQmBhJe_8yh1GmXS9DTXoBULyaoAOiIEvIfqbR4faZ7dtHuv-SbFGx2eCTRTZZyVUvryWpl9rxhAqNibxvrGWzm311eCFAV5cNfnfY4i-O0Odb4bjDre1Noy81HjTGctHUqVBmGr6X7-gR_OczdSsw23hpnYWzwqXYVXjZgK3HFZo6dfIrY1S4EoP316HlakNEtrqrV3W_UDysg1EVo2_aeWbkcoHxY-mbl2gCFdAkBukDJx5d0pCeB4ObN_I8kiQhZaDpY2ybeXtdWEfWAzJV2jUgFHYhB1i-Dm4-CjBQoZiQM5tnneQ_04XphAXEqwYxKqbIHM93XCN5TXTK-hRLq6W3B_LspWWOMVm8gA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1382134112614&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 189

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=92680800132679300710616011820005&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92680800132679300710616011820005&actionid=731824&produktid=businessgiro&dt_url=

Request Chain 191

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=92680800132679300710616011820005 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 201

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAjApP0xKWJq4hE7s7GlwxU&google_cver=1&google_push=AYg5qPKAKzGshvLlVBDFz5Dy3aJFGcsC72pFv1de9xhM-itvwcscDuMSZofHIPEFXB5DmYWHBbIJXTtIQAZWVbNt9Z-bp9_R938V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKAKzGshvLlVBDFz5Dy3aJFGcsC72pFv1de9xhM-itvwcscDuMSZofHIPEFXB5DmYWHBbIJXTtIQAZWVbNt9Z-bp9_R938V

Request Chain 202

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJnuOlCjBy4FLbbTik0Sxc0&google_cver=1&google_push=AYg5qPLMmWhGJuOzkIdsP_RYUkT15UBeIQd2lDG_0CHDX4l_i224OtX1rvxacC3xs6xEjhWWe7i0m8-FcqQVZvzrkCOsqisxQT0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJnuOlCjBy4FLbbTik0Sxc0&google_push=AYg5qPLMmWhGJuOzkIdsP_RYUkT15UBeIQd2lDG_0CHDX4l_i224OtX1rvxacC3xs6xEjhWWe7i0m8-FcqQVZvzrkCOsqisxQT0

Request Chain 205

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOX5aLmwg6U__xxVQfH_LjA&google_cver=1&google_push=AYg5qPJADXLGPpaaz2j1eSTff9Yzyoq28XQL4CwGPyAsEnTyfULHvM2rw7jXKJ8FFZulolE1rlogDE-G1ZF3CUesxm-Xy45nT1-W HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOX5aLmwg6U__xxVQfH_LjA&google_cver=1&google_push=AYg5qPJADXLGPpaaz2j1eSTff9Yzyoq28XQL4CwGPyAsEnTyfULHvM2rw7jXKJ8FFZulolE1rlogDE-G1ZF3CUesxm-Xy45nT1-W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk3MDQzMTMxMTk2NzY4NDc0NA&google_push=AYg5qPJADXLGPpaaz2j1eSTff9Yzyoq28XQL4CwGPyAsEnTyfULHvM2rw7jXKJ8FFZulolE1rlogDE-G1ZF3CUesxm-Xy45nT1-W

Request Chain 206

https://onetag-sys.com/sync/i,19/?google_gid=CAESEJNCD1kOCtvg8DWHKz1TQN4&google_cver=1&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp

216 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/ 177 KB
26 KB 512ms
154ms Document
text/html 104.198.41.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.41.198 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 198.41.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: b72aeddf6a255cc03d3df245b94e4ef343cf9ef0aa8c890bd0ae34c1632d5529

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sun, 26 Dec 2021 17:02:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://www.heraldnet.com/wp-json/>; rel="https://api.w.org/" <https://www.heraldnet.com/wp-json/wp/v2/posts/750676>; rel="alternate"; type="application/json" <https://www.heraldnet.com/?p=750676>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
content-encoding: br

GET
H2 200 marketplace.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/css/ 4 KB
1 KB 39ms
6ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/css/marketplace.css?ver=5.8.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e37ae5d102b6a2a59335bdb9e89df1c3f60ed83f2153dbc5a4bf0b62467f6742

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 16:21:30 GMT
server: NetDNA-cache/2.2
etag: W/"611d338a-1003"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 weather-bug.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/weather-bug/css/ 1 KB
689 B 39ms
6ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/weather-bug/css/weather-bug.css?ver=5.8.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5da32ead21ee2f8124a0e0a6884c9a0b4cf31cdaecd23fde4e527a7cc01b187d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 22:59:08 GMT
server: NetDNA-cache/2.2
etag: W/"611ee23c-4a0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.ui.all.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/ 37 KB
9 KB 43ms
10ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/jquery.ui.all.css?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9c1ee2b3835d8abdb9529227f5b9a50ecfe9059243583edd5fe705d74d249535

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-9420"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 epass-css.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/ 3 KB
1 KB 43ms
10ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/epass-css.css?ver=1.1
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2497be576209dfcaa67b233fd5eeedf5a33312df082bf1f5b4762779184ec8f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-a20"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 45ms
13ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: NetDNA-cache/2.2
etag: W/"612efc26-13abe"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wpba-frontend.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-better-attachments/assets/css/ 852 B
653 B 45ms
13ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-better-attachments/assets/css/wpba-frontend.css?ver=1.3.11
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 048a1ba9ec466a8f77009cea46046dfe87ce0a4395ddea61c5a28ae22d9b86da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 02:20:53 GMT
server: NetDNA-cache/2.2
etag: W/"5c9c2f85-354"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 foundation.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/ 268 KB
40 KB 49ms
17ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.1
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 019e7523bf79cd8616d6d9c155dc0f825241d570951df1c47e2bdb5e9ba99a52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 17:20:58 GMT
server: NetDNA-cache/2.2
etag: W/"61b0e97a-43121"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 site-enhancements.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/ 2 KB
686 B 46ms
14ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/site-enhancements.css?ver=1.0.1
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a23ad54e71ea0576077799daf152f096364edbafab22410e5180d28d2a82f2b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 18:01:31 GMT
server: NetDNA-cache/2.2
etag: W/"61ba2d7b-689"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/ 2 KB
816 B 46ms
14ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/slick.css?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 21:00:20 GMT
server: NetDNA-cache/2.2
etag: W/"59e91264-765"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick-theme.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/ 3 KB
1 KB 46ms
15ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/slick-theme.css?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: bb94ed1868039e4fc746ddbf710ea089b2bdef6c3a533395815285ceb00233fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 21:00:20 GMT
server: NetDNA-cache/2.2
etag: W/"59e91264-d28"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 teamplayer-theme.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/ 191 B
358 B 45ms
14ms Stylesheet
text/css 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/teamplayer-theme.css?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: d4288b629693138397d02dc91a13d316624f3644cc678a5ef2ff6b04350707db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 22:26:56 GMT
server: NetDNA-cache/2.2
etag: W/"59e926b0-bf"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 config.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 28 KB
8 KB 54ms
23ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/config.js?ver=3.5
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8c0300dabffb1ba133a3157fb33960c5793dd2ac46f3dc8a899fa312f909a337

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 16:58:59 GMT
server: NetDNA-cache/2.2
etag: W/"601ad653-70a2"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 site-min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 47 KB
6 KB 58ms
27ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/site-min.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2dcc36995c012ae179ca5ccec2537bbffdab860370e6ab08923cad2d465ae3a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-bc57"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-1.7.2.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 93 KB
33 KB 65ms
34ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery-1.7.2.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-1727a"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.ui.core.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 4 KB
2 KB 58ms
27ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery.ui.core.min.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0e26826816d33e016e63fb3e4a3b3f3f3322e414d3ace91a72233f1ef0d4a1a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-1113"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-ui.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 197 KB
51 KB 71ms
40ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery-ui.min.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2b50108439624bd6f2bbb1505248373ed0ae1f0869b89122ad876122a1790bd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-31480"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 nwJQuery.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 35 B
269 B 61ms
31ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/nwJQuery.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: fdab17aad52e2d97a9b3ef5ddefc9440960cb6b9fa859b2944b8ec399aa395b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: "5e540ecf-23"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 35

GET
H2 200 e-pass-min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 82 KB
13 KB 56ms
26ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/e-pass-min.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1a84f4b042e52d040243a70753ae4a5f73d668db1230c7c4b3c4ace8c2d8923c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-146bc"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 82 KB
29 KB 134ms
49ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js?ver=2.1.0

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 03:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29478
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Dec 2022 03:12:48 GMT

GET
H2 200 ai-jquery.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/js/ 18 B
252 B 54ms
24ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/js/ai-jquery.js?ver=5.8.2+2.5.10
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
last-modified: Wed, 08 Jan 2020 21:04:07 GMT
server: NetDNA-cache/2.2
etag: "5e1643c7-12"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18

GET
H2 200 hb-amzn-uam.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/ 3 KB
1 KB 6ms
6ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/hb-amzn-uam.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ed207a3218934c63d8ace813cbc259812d16d5b892fee83fc795ae164de915c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 02:21:38 GMT
server: NetDNA-cache/2.2
etag: W/"5c9c2fb2-c02"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 picturefill.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/app/ 12 KB
5 KB 60ms
30ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/app/picturefill.min.js?ver=1630604373
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 22c29473716ed14198adc9db4ea074c19b2bce1caba9d7075b5a35777f902dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 17:39:33 GMT
server: NetDNA-cache/2.2
etag: W/"61310c55-2e37"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/ 86 KB
15 KB 60ms
30ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/slick.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 3e65bc436e35cb24f4020abe8a71906ea53ca284df84095d6824e27f55883f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 20:59:37 GMT
server: NetDNA-cache/2.2
etag: W/"59e91239-15986"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 header.js Show response
everett-tpweb.newsengin.com/tpweb/web/js/ 4 KB
2 KB 318ms
96ms Script
application/javascript 23.20.239.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://everett-tpweb.newsengin.com/tpweb/web/js/header.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.239.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-239-123.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: fd8c8c291c39fcd494d4680a4262d84d62b0df9b79dc22e44c422a0f25d69fa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
x-cacheable: YES
age: 0
x-cache: HIT
x-unsetcookies: TRUE
content-length: 1290
access-control-allow-origin: *
last-modified: Fri, 21 Feb 2020 17:23:59 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "f9e-59f1949826d94-gzip"
vary: Accept-Encoding
x-varnish: 18698998 16738684
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=60
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 teamplayer-local.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/ 679 B
540 B 60ms
31ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/teamplayer-local.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1bd5372b56a82f9cd4a0a4533f4a37ff11ce7952f051ae035fd5cbecf45094b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 22:29:27 GMT
server: NetDNA-cache/2.2
etag: W/"59e92747-2a7"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 13 KB
14 KB 124ms
40ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js?ver=5.8.2

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:37:51 GMT
x-content-type-options: nosniff
age: 570261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13313
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Dec 2022 02:37:51 GMT

GET
H2 200 webfontloader.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/ 146 B
369 B 59ms
30ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/webfontloader.js?ver=1.0.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 48481acfa017729107a1f39beea68ed8b2486ccc3735608e19d3b0d714f28c71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2017 01:34:13 GMT
server: NetDNA-cache/2.2
etag: W/"598bb815-92"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 opencomments.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/ 268 B
461 B 55ms
26ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/opencomments.js?ver=1.0.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 40e0b1381eb74784690a674838c4139c0006221c5d2d0d8be4563a33f55ccbc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Wed, 10 Jan 2018 21:10:37 GMT
server: NetDNA-cache/2.2
etag: W/"5a56814d-10c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 marketplace.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/js/ 5 KB
2 KB 6ms
6ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/js/marketplace.js?ver=5.8.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1005bca21c89da6ce6b0bcd2bd9b92fe36ca91ead2959713659e8ff176692243

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 00:16:32 GMT
server: NetDNA-cache/2.2
etag: W/"61b29c60-12f0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 soundpublishing.js Show response
cdn.blueconic.net/ 133 KB
40 KB 52ms
13ms Script
text/javascript 143.204.98.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blueconic.net/soundpublishing.js

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-127.fra50.r.cloudfront.net

Software

- /

Resource Hash

75a7ad349db3a814199ccc5068f587c74a57cb2a0b546c65b75867ccb7846949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
content-length: 40555
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Nov 2021 09:35:49 GMT
server: -
etag: "21518-5d1fe485913e8-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=500
accept-ranges: none
x-robots-tag: noindex, nofollow
x-amz-cf-id: byZHazPYB4AgJaAtNzLkDhp4mPBYQ-sINr8WBu00RCz7FnrXiEg9-w==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 190 KB
66 KB 51ms
14ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 492f550571d56be47a3b01d0bd0a72669f2d23b7f2d664c9e99f8e358b606df9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 14:13:17 GMT
etag: "1d-X6xMrLlRrrirDlzUmmiv8smsv7o"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 8215bfaca3fe05b382db8213d843488f
timing-allow-origin: *, *
content-length: 67311

GET
H2 200 NOZVn4NA.js Show response
cdn.jwplayer.com/libraries/ 115 KB
39 KB 57ms
10ms Script
text/javascript 2600:9000:2156:5400:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: f409cfdd3e7f1f2fca32014f725291a5f2420388e3944811cc8c1508664cd526

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:00:15 GMT
content-encoding: gzip
server: openresty
age: 117
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: FRA50-C1
content-length: 39141
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-id: pRGB7K6y9KAL-fbfHLpaur-LB93TS7VaqR3sJ-FWAnPzqLlhT7CQhw==
expires: Sun, 26 Dec 2021 17:02:45 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/ 30 KB
10 KB 44ms
16ms Script
text/javascript 143.204.98.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-81.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d63d6ec0c95bc07426b698ad3d6d02a85bd98b265808abf6fe6a5c1664c0ba87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: xj57ez3UnPy2eN1qoVkw.LFL15QiNFIp
content-encoding: gzip
last-modified: Thu, 23 Jul 2020 20:40:43 GMT
server: AmazonS3
age: 59
etag: W/"520479fb1242c9257060bcec5558c41d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
date: Sun, 26 Dec 2021 17:01:14 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GLJlDnPOupC2znap09p8i6aHOmy4s-hO9-CqlQdtBitzRMRB83sX9w==

GET
H2

200

afihbs.js Show response
b2cdn.automatad.com/geo/FtSDHt/all-geo-W/
Redirect Chain

https://go.automatad.com/geo/FtSDHt/afihbs.js
https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js

61 KB
19 KB

396ms
346ms

Script
application/javascript

89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: f60ef9cc9b3157523ad9600ff55fc8f73edb1c7060e3d0546143a73445e1cab0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: br
x-openstack-request-id: txaca9c378800c4040ac0f8-0061c09413
cdn-edgestorageid: 756
access-control-allow-origin: *
x-iplb-instance: 28795
cdn-cachedat: 12/26/2021 07:00:09
cdn-pullzone: 87832
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id: txaca9c378800c4040ac0f8-0061c09413
server: BunnyCDN-DE1-756
x-timestamp: 1640010505.08150
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Mon, 20 Dec 2021 14:28:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-iplb-request-id: B95D01F1:F651_8E2CE366:01BB_61C09413_9E84EA4:12519
vary: Accept-Encoding
x-object-meta-mtime: 1639660296.495317024
cdn-cache: REVALIDATED
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control: public, max-age=120
cdn-requestid: fad2588f554f6fa244f8a2730efde21d
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Sun, 26 Dec 2021 17:02:13 GMT
server: nginx/1.17.8
content-type: text/html; charset=utf-8
location: https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js
cache-control: no-cache
x-automatad-country: DE
content-length: 93
expires: Sun, 26 Dec 2021 17:02:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 176ms
87ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52608-71

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68d2c0ed484a1d37e57aaff3fc3c6fd18dadca4ae60a67841944bd3e06878c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36227
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 17:02:12 GMT

GET
H2 200 22.svg
www.accuweather.com/images/weathericons/ 2 KB
964 B 57ms
13ms Image
image/svg+xml 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.accuweather.com/images/weathericons/22.svg

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-214-80.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

8d3336501c36830245727d0dede9e8b445a8959df4706d3673e4ab83b486e935

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 11:12:19 GMT
server: Akamai Resource Optimizer
etag: "0d6558a64e48a5d51422d3356e57aab2:1640104140.566172"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
cache-control: max-age=58746
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 665
expires: Mon, 27 Dec 2021 09:21:18 GMT

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
1 KB 45ms
6ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4a7a5ef5d25666ae59b20ada23014e98fe70dea480358710a77bd81db29e05fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 26 Dec 2021 17:02:12 GMT
via: 1.1 14ece26b907b2b297edda8cd1de9a9b4.cloudfront.net (CloudFront)
x-77-nzt-ray: HsWXVYw8330=
age: 180
x-77-cache: HIT
x-cache: HIT
x-age: 3589
content-encoding: br
x-77-nzt: AcO1rgWuYYX/BQ4AAA==
x-accel-expires: @1640538143
last-modified: Thu, 23 Dec 2021 13:56:37 GMT
server: CDN77-Turbo
etag: W/"3d06935d8ed5dbdb779000ea4f4b7f8a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: _gHO9WFTttW3WScTk2GYj3DVBBSNmgowenK_8sHc3wL0flTslxAaeQ==

GET
H2 200 marketplace-dofollow.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/ 206 B
404 B 8ms
6ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/marketplace-dofollow.min.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7505468536f0cc99279960b2e9380a1da3b766dbe27440f3562be6e974512e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 17:23:34 GMT
server: NetDNA-cache/2.2
etag: W/"60c8e216-ce"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 epass.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 3 KB
1 KB 6ms
6ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/epass.js?ver=2.5
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 89f563a025cc8dfb46d317823ebda92ea606c32492e414ab46869754e4ec63de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Wed, 26 Aug 2020 22:10:31 GMT
server: NetDNA-cache/2.2
etag: W/"5f46ddd7-dda"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 foundation.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/ 963 KB
263 KB 10ms
10ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/foundation.js?ver=2.9.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1cd0dc6c99599dcf4386cdff332f787691af8a83476aaaf6491a048770306017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2017 04:14:29 GMT
server: NetDNA-cache/2.2
etag: W/"59cc7725-f0b74"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 tag-styles.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/custom/ 2 KB
954 B 6ms
6ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/custom/tag-styles.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4ed55f464aa6a905c3dc6939c5629f1f323d447483590e754141ddec2e4e2208

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 20:13:13 GMT
server: NetDNA-cache/2.2
etag: W/"618d7959-6bd"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.sonar.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/ 1 KB
969 B 7ms
6ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.6.1
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 02:22:17 GMT
server: NetDNA-cache/2.2
etag: W/"5c9c2fd9-580"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 lazy-load.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/ 902 B
707 B 6ms
6ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 02:22:17 GMT
server: NetDNA-cache/2.2
etag: W/"5c9c2fd9-386"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/js/ 1 KB
1016 B 6ms
6ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: NetDNA-cache/2.2
etag: W/"5ff5d754-592"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 52ms
21ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1948
etag: W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6c3be0226a2c42d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 29 Dec 2021 17:02:12 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 137ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1082 / 59 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 26 Dec 2021 17:02:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js?ver=5.8.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53fa0591d078af65c8c73d78ec878814209daca682d6e46430bd4c2176843ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 17:02:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Dec 2021 17:02:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Dec 2021 17:02:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
32 KB 135ms
47ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDKHNZ4

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b580a3edf95098323b88af12179875d5a66ca6a5601f98219fdec26dcd76daf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32635
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 17:02:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
45 KB 219ms
131ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBNW4C

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e030d1964809c1476b7db565c4409882e961f511b663296bf2469085d7c73ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45885
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 17:02:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
39 KB 198ms
110ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWBBMFL

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a111fa94efec09bb5ab257e3f8bd5d3224cdd0b4a1a6ff05afa99f7bf36cfc5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39746
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 17:02:12 GMT

POST
H2 200 761 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 67 KB
12 KB 407ms
197ms XHR
application/json 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/761?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-12-26T17%3A02%3A12%2B00%3A00&ts=1640538132820

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

dbee11a8d6310b0858a2ed0ba5063f056dcc41309b38b752d0ec96cc7f50e03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 11728
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma13246/715673500/2/
Redirect Chain

https://js.matheranalytics.com/s/ma13246/715673500/ml.js?cb=1582
https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js

140 KB
41 KB

17ms
16ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8ce867bf45277a86a76bcd7aa27cf0746fbc97ad272f1f89ed396304ce9d28b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 21:26:13 GMT
content-encoding: br
last-modified: Fri, 12 Mar 2021 20:56:34 GMT
server: nginx
age: 70560
etag: "a1715eaf03a833c065ff7e0c37e0c3ec"
vary: Accept-Encoding
x-cache: HIT Mon, 15 Mar 2021 15:20:27 GMT
content-type: application/x-javascript
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: clear
content-length: 41569

Redirect headers

date: Sun, 26 Dec 2021 17:02:12 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 7-gc-euw1-10921

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: zG935hVnpMhau9Ax3zzahXHuD8J7/Wid7qgpdE9Ksntn7QZV/Hbv8q9rxRjKnwEjU85cC3GIlZ0NaBcmImGO2A==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 26 Dec 2021 17:02:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET jquery.ui.all.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/ 0
0

GET
H2 200 widget_app_base_1640267709589.js Show response
cdn.userway.org/widgetapp/2021-12-23/ 99 KB
27 KB 15ms
15ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2021-12-23/widget_app_base_1640267709589.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e9984a87719f16bd8d776cdd24a5047dbd98549c078752e1c58ffa57fabd563e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 26 Dec 2021 17:02:12 GMT
via: 1.1 ec354e6d520d6c5c48f3933476169123.cloudfront.net (CloudFront)
x-77-nzt-ray: XakrwxflBYg=
age: 171
x-77-cache: HIT
x-cache: HIT
x-age: 270078
content-encoding: br
x-77-nzt: AcO1rgWns2L//h4EAA==
x-accel-expires: @1666188054
last-modified: Thu, 23 Dec 2021 13:56:36 GMT
server: CDN77-Turbo
etag: W/"0f18b1ac9b6314749cc68e9a577ddf95"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=25920000, public
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: YBKnBgfRPBU5lu0HJ29CyOIv1zeg7opFHUUBC3qic63IdcTJ2-MhLw==

GET
H2 200 fontawesome-webfont.woff2
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/fonts/ 75 KB
76 KB 19ms
6ms Font
font/woff2 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.1
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:12 GMT
last-modified: Tue, 19 Sep 2017 19:17:53 GMT
server: NetDNA-cache/2.2
etag: "59c16d61-12d68"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 77160

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 29ms
11ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/hb-amzn-uam.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 1VMHT6PH2T028HVC5PP6
etag: 1e39d25f07f5619925357b752ab10d04
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Sun, 26 Dec 2021 17:02:13 GMT
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mp8HjUkr_VVyfdRTe62IvWmcpuZifvG540KAs1fAryBklV5a-QMBXQ==

GET
H2 200 27582026_web1_M1-EDH-20211220-1280xwide-king-1200x814.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/12/ 47 KB
47 KB 394ms
394ms Image
image/jpeg 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/12/27582026_web1_M1-EDH-20211220-1280xwide-king-1200x814.jpg
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9310328a2452fb4b9e16e3d9d93ea6c7cb9dc794372c30cad57e71ae2dcae031

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
last-modified: Mon, 20 Dec 2021 18:45:10 GMT
server: NetDNA-cache/2.2
etag: "61c0cf36-bb25"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 47909
expires: Tue, 25 Jan 2022 17:02:13 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 20 KB
20 KB 179ms
93ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 21:33:16 GMT
x-content-type-options: nosniff
age: 329337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 21:33:16 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 123ms
38ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 184211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 13:52:02 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 224ms
142ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 13:18:02 GMT
x-content-type-options: nosniff
age: 186251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 13:18:02 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 249ms
167ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 07:59:11 GMT
x-content-type-options: nosniff
age: 464582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 07:59:11 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
19 KB 187ms
108ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 21:34:12 GMT
x-content-type-options: nosniff
age: 329281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 21:34:12 GMT

GET 80.png
everett.newzware.com/newzlib/images/milky-icons/48/ 0
0

GET 23.png
everett.newzware.com/newzlib/images/milky-icons/48/ 0
0

GET 84.png
everett.newzware.com/newzlib/images/milky-icons/48/ 0
0

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 25ms
24ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2274
etag: W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6c3be0238e3e42d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 29 Dec 2021 17:02:13 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
969 B 39ms
13ms Fetch
application/json 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 01:13:46 GMT
via: 1.1 e026b2802d48048e9935caadbecf124f.cloudfront.net (CloudFront), 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
age: 56907
x-amzn-requestid: 7ada7028-98ff-43fc-98ee-1301830be819
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P3, FRA50-C1
x-amz-apigw-id: K7s3tHLwCYcFazA=
content-length: 555
x-amz-cf-id: KuBs9itEKrrRMyaB_ZpoCPGfI7IJprc7Kp_Gv8ARK0OQvCgf6XqhZQ==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 29 KB
10 KB 45ms
7ms Script
application/javascript 143.204.98.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-101.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding: gzip
etag: W/"ea838863b2b3bf40d1353c99808a5464"
last-modified: Tue, 09 Nov 2021 13:26:48 GMT
server: AmazonS3
age: 17608
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sun, 26 Dec 2021 12:08:46 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: caHb3qKRYRsIRrvf3PNXdy54vDwWx9k4E5oJJa3QcxLYGq3w1r3pcw==

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ Frame EE57 5 KB
3 KB 56ms
18ms Script
text/javascript 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:13 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"6197f1ea-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap4ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 HEcDOP2vLC Show response
api.userway.org/api/tunings/ 740 B
690 B 526ms
172ms XHR
application/json 44.231.152.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/HEcDOP2vLC
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2021-12-23/widget_app_base_1640267709589.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.152.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-152-142.us-west-2.compute.amazonaws.com
Software: _ / Express
Resource Hash: 923969486b2242bb7449b16b467caeab3779a575b5df2cc5649a5c7a0c0d6968

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: gzip
etag: W/"2e4-v0ViP1nWGNdO6bFKYLR00/0M8B4"
server: _
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-headers: *
expires: Sun, 26 Dec 2021 17:02:13 GMT

GET
H3 200 869459273124027 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 719ms
708ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/869459273124027?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25f5fd6b5533a85ebb55c3eed769b20e97d8804a8c15128dba1d3130ba6c572d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: WEtYYl/XTupKRCuRMshFsXOnC9ZGrt5nnZ+H3QGH//02PdyP/GOY7UDK8E9tQP0oiyXgc24qcTnFIj/cW5N+GA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 26 Dec 2021 17:02:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
19 KB 169ms
162ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 21:39:33 GMT
x-content-type-options: nosniff
age: 328960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19780
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 21:39:33 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
20 KB 178ms
171ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 22:03:09 GMT
x-content-type-options: nosniff
age: 327544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19900
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:23:05 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 22:03:09 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 139ms
132ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 21:15:30 GMT
x-content-type-options: nosniff
age: 503203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 20 Dec 2022 21:15:30 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 162ms
156ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 10:02:14 GMT
x-content-type-options: nosniff
age: 370799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19824
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 10:02:14 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 156ms
150ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 04:13:52 GMT
x-content-type-options: nosniff
age: 218901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 04:13:52 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 127ms
121ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 18:06:39 GMT
x-content-type-options: nosniff
age: 341734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 18:06:39 GMT

GET
H/1.1 200
OK d3d3LmhlcmFsZG5ldC5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
460 B 50ms
8ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmhlcmFsZG5ldC5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:13 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=700
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 4167996a9e03536901c27c92d73e3359
Content-Length: 15
Expires: Sun, 26 Dec 2021 17:13:53 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 20ms
12ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=8.435822918838474
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Tue, 25 Jan 2022 17:02:13 GMT

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 156ms
49ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 26 Dec 2021 17:02:13 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 210 B
765 B 150ms
45ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

6bdfc740b06cd2d5bc3ec9f95a41dd58a94f97c3f763b6c4595449992501c974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129
x-xss-protection: 0
expires: Sun, 26 Dec 2021 17:02:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 128ms
81ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2WM1N458VT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDKHNZ4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

465e024329bc0144c51602b79b83d38b331f6cf0406c29ab178a0d3c7abbe34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62351
x-xss-protection: 0
expires: Sun, 26 Dec 2021 17:02:13 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
313 B 13ms
12ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.heraldnet.com&pubid=f4e5f220-2efc-45a1-869f-0b293f8aec73
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 13:54:17 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
server: Server
age: 11275
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.heraldnet.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: WrlnGdrk9gPhSDJjplD-B6AOLvzmWEI7h8b1eUgwE5wsLBT4R40OLQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
494 B 56ms
55ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&pid=IJsTwNdbGBSfm&cb=0&ws=1600x1200&v=7.71.1&t=3000&slots=%5B%7B%22sd%22%3A%22div-gpt-2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit2%22%7D%2C%7B%22sd%22%3A%22div-gpt-3%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit3%22%7D%2C%7B%22sd%22%3A%22div-gpt-4%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit4%22%7D%2C%7B%22sd%22%3A%22div-gpt-5%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit5%22%7D%2C%7B%22sd%22%3A%22div-gpt-6%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit6%22%7D%2C%7B%22sd%22%3A%22div-gpt-7%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit7%22%7D%2C%7B%22sd%22%3A%22div-gpt-8%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit8%22%7D%2C%7B%22sd%22%3A%22div-gpt-9%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit9%22%7D%2C%7B%22sd%22%3A%22div-gpt-10%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit10%22%7D%2C%7B%22sd%22%3A%22div-gpt-11%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit11%22%7D%2C%7B%22sd%22%3A%22div-gpt-12%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit12%22%7D%2C%7B%22sd%22%3A%22div-gpt-13%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit13%22%7D%2C%7B%22sd%22%3A%22div-gpt-14%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit14%22%7D%5D&pubid=f4e5f220-2efc-45a1-869f-0b293f8aec73&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: TEH4QX9CJ777G1GFHE3J
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.heraldnet.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: E8IeHjwsobDbLB86N07UC-WDDSBwhc68qK4fbao1UA9SYww_C7LDNg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 29ms
9ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 44724
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 22 Dec 2021 01:41:37 GMT
server: AmazonS3
date: Sun, 26 Dec 2021 04:36:50 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hyQtYlx-BtMupNR_qab77SaGrI0vJDrAUN7iddEle9VjJhSGnbJF1A==

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 425ms
101ms Image
image/gif 34.195.91.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sec=National%20Marketplace&artpubt=1639992600&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&tid=7ca540c3-dd51-462c-93b9-a9554af00ee5&pid=dabee9f2-91df-4b3c-a311-4023ee7580a9&dtm=1640538133144&qnm=_matherq&visible=1&tabid=c7a326ed-6fee-437a-adb1-1569a4a5e7d6&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&vp=1600x1200&ds=1600x6427&tofa=1640538133&vid=1&lvidt=1640538133&duid=8b58e9d65b144fe2&fp=401617179&cid=ma13246&mrk=715673500&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY0MDUzODEzMTk0OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNC4zbWIiLCJoZWFwVCI6IjE3LjFtYiIsImZzdFBhaW50IjoiMTA0MCIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiIyMSIsImNvbm5TIjoiMjEiLCJjb25uRSI6IjM1OCIsInNzbFMiOiIxMzMiLCJyZXF1UyI6IjM1OCIsInJlc3BTIjoiNTEzIiwicmVzcEUiOiI2MDEiLCJkb21Mb2FkIjoiNTE2IiwiZG9tSW50ZXIiOiIxMDM3IiwiZG9tTG9hZFMiOiIxMDQ0IiwiZG9tTG9hZEUiOiIxMDg2In0sImtleXdvcmRzIjpbImhlYWRsaW5lcyJdfQ
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.91.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-91-69.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:13 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 50 KB
19 KB 37ms
9ms Script
text/javascript 143.204.98.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-38.fra50.r.cloudfront.net
Software: /
Resource Hash: c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 11:48:01 GMT
content-encoding: gzip
cheq_headers_order: Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
age: 18852
etag: "c6e6-H+PLdQz0EEd97ZlT78HNXlxTPcM"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA50-C1
content-length: 19276
x-amz-cf-id: BAtO1XXUADgn7tfFGRS6wzjKch8y-aoraKvivp84DNzcH4Mngs26CQ==
expires: Sun, 26 Dec 2021 23:48:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109002081-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDKHNZ4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21144254e21ce5ed9ab373176977eaeeef16387898110f3126b5f2470bc39c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36190
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 17:02:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109002081-7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDKHNZ4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2dd1ed81bf1ddedf84961a3d68896ae3da8acb3e40b214e15bbeb88756c43e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36185
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 17:02:13 GMT

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame EE57 80 KB
18 KB 20ms
20ms Script
text/javascript 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: fbd7d5de5e7a55ea07ecf232b58b99732dee1f0900e59e4e8374ebab8ad52c43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Nov 2021 18:51:37 GMT
Server: nginx
ETag: W/"6197f239-14155"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap4ams1
Expires: Mon, 27 Dec 2021 17:02:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
61 KB 98ms
97ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BHJYZD7VVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDKHNZ4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15d79332f2124a2c742cc45c514a2166c4a88ba99cc378a74506aff9c8a29942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62393
x-xss-protection: 0
expires: Sun, 26 Dec 2021 17:02:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
36ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBNW4C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5239
date: Sun, 26 Dec 2021 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 26 Dec 2021 17:34:54 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
969 B 18ms
18ms Fetch
application/json 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 01:13:46 GMT
via: 1.1 e026b2802d48048e9935caadbecf124f.cloudfront.net (CloudFront), 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
age: 56907
x-amzn-requestid: 7ada7028-98ff-43fc-98ee-1301830be819
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P3, FRA50-C1
x-amz-apigw-id: K7s3tHLwCYcFazA=
content-length: 555
x-amz-cf-id: rUar7nQMglEdIJDJ1iJcPnmrbmJMuC89uyDMVycYH7n1R-wfQ-2UQw==

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame EE57 158 B
535 B 30ms
30ms Script
application/x-javascript 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=658444&tid=28c4aee92238455ab8ccbf67383209e9700188ae&mode=1&dmn=www.heraldnet.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: ee96728875ed264612b6b54b664b86ac398d4fc816394d8b2a5d12e6912c22a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 146

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 6 KB
4 KB 329ms
112ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=03521910129100221192178738108901947972990717917176857286169754566716&nc=0&tsf=0&tsfmi=&pv=0&cb=1640538133364&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=909236769&at=&bid=e30%3D&di=W1siZWYiLDM0NjddLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyLTUu%0D%0AMC4wKVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMu%0D%0AMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1%0D%0AbSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6OSxcIndnbFwiOjEsXCJncmVuXCI6XCJ3%0D%0AZWJraXQgd2ViZ2xcIixcInNlZlwiOjM1Nzc1Njc1NTgsXCJzZWNcIjpcIlwifSJdLFstMSwiLSJd%0D%0ALFstMiwiOCxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJ%0D%0Ad0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0z%0D%0ALCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2ll%0D%0AaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYs%0D%0AIntcIndcIjpbXCIwXCIsXCJjaHJvbWVcIixcInBocF92YXJzXCIsXCJud3ZpZXdwb3J0d2lkdGhc%0D%0AIixcIm53dmlld3BvcnRoZWlnaHRcIixcIm53U2l0ZVwiLFwibndQdWJEYXRlXCIsXCJud1Byb3Rv%0D%0AY29sXCIsXCJud1NlcnZlclwiLFwibndFZGl0aW9uXCIsXCJud1VzZXJDa1N1YnNjcmlwRGF5c1wi%0D%0ALFwibnd1c2VyQ2tEZWZhdWx0RGF5c1wiLFwibndDb250ZW50SWRcIixcIm53RUNvcHlBY2Nlc3Nc%0D%0AIixcIm53RGF5UGFzc0FjY2Vzc1wiLFwibndNZXRlckFjY2Vzc1wiLFwibndNdXN0UmVnaXN0ZXJc%0D%0AIixcIm53TWV0ZXJUaHJlc2hvbGRcIixcIm53TWV0ZXJEZWZhdWx0RGF5c1wiLFwibndDb250ZW50%0D%0AQ2FsbGJhY2tcIixcIm53SWxsZWdhbENoYXJzXCIsXCJud1Bhc3N3b3JkTGVuZ3RoXCIsXCJud0Rv%0D%0ATm9uU3ViQ2hlY2tcIixcIm53U2tpcENvbmZpcm1hdGlvblwiLFwibndUaGVtZVwiLFwidWlWZXJz%0D%0AaW9uXCIsXCJud0xhYmVsQ29sb3JcIixcIm53SW5wdXRGb250U2l6ZVwiLFwibndJbnB1dEZvbnRD%0D%0Ab2xvclwiLFwibndGYWNlYm9va1wiLFwibndHb29nbGVcIixcIm53RGlhbG9nV2lkdGhcIixcIm53%0D%0ARGlhbG9nSGVhZGluZ1wiLFwibndFQ29weVwiLFwibndEYXlQYXNzXCIsXCJud1Rlcm1cIixcIm53%0D%0AV2VsY29tZVwiLFwibndNZXRlclVzZWRcIixcIm53TG9naW5JY29uXCIsXCJud0xvZ2luSW5zdHJ1%0D%0AY3RcIixcIm53TG9naW5JZExhYmVsXCIsXCJud1Bhc3N3b3JkTGFiZWxcIixcIm53QnV0dG9uTG9n%0D%0AaW5cIixcIm53QnV0dG9uQ2FuY2VsXCIsXCJud0J1dHRvblJlZ2lzdGVyXCIsXCJud0ludmFsaWRM%0D%0Ab2dpblwiLFwibndOb1ZhbGlkU3Vic2NyaXBcIixcIm53SW5zdWZmaWNpZW50RnVuZHNcIixcIm53%0D%0ARm9yZ290UGFzc3dvcmRMaW5rVGV4dFwiLFwibndQdXJjaGFzZU9wdGlvbnNIZWFkaW5nXCJdLFwi%0D%0AblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxb%0D%0ALTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwibmV3c19rZXl3b3Jkc1wi%0D%0ALFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCIs%0D%0AXCJ0d2l0dGVyOnRpdGxlXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wi%0D%0AOjAuMDA1NjE3OTc3NTI4MDg5ODg3NX0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxb%0D%0ALTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEy%0D%0AMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxb%0D%0ALTIwLCItIl0sWy0yMSwiOU5LSmFDTlYiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJd%0D%0ALFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoxNzEwMDAwMCxcInVqaHNcIjox%0D%0ANDMwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuOCwwLFwiNGdcIixudWxs%0D%0AXSJdLFstMjgsImVuLVVTIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiww%0D%0ALDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIjIi%0D%0AXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjQwNTM4MTMzMzExLDBdIl0sWy0zNiwiW1wi%0D%0ANC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDAsMCwx%0D%0ALDAsMjAsMzM3LDI0Myw0MzYsMCwxMDQwLjEsMTE1NiwxMzYyLDEzNjMiXSxbLTM5LCJbXCIyMDAz%0D%0AMDEwN1wiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1%0D%0AZSw4LGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUz%0D%0AIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00%0D%0ANSwiNjIwLDY3OCwwLDAsMCw1NjEsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAs%0D%0AMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxs%0D%0AYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiwxMTBdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A431%2C%22y%22%3A6498%2C%22w%22%3A738%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=ex8OdmTiPQ&sdd=%7B%7D&pto=1418
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e9e164c0f56f9e065122733c07acc0e4d8e2ed04059a4795f4b597dafe04186a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length: 3547
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e7a4d69c4e782959f4b30130e8d4eb31 Show response
soundpublishing.blueconic.net/plugin/plugin/ 178 KB
43 KB 100ms
100ms Script
text/javascript 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/plugin/plugin/e7a4d69c4e782959f4b30130e8d4eb31

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

ee431f6264a014d21c070d93b3a430932b180c36a588e5683f78a315788c4152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 25 Dec 2021 17:02:13 GMT
server: -
etag: e7a4d69c4e782959f4b30130e8d4eb31
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 43288
x-xss-protection: 1; mode=block
expires: Mon, 26 Dec 2022 17:02:13 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 108ms
60ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2WM1N458VT&gtm=2oec10&_p=1754234682&sr=1600x1200&ul=en-us&cid=180201433.1640538133&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sid=1640538133&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2WM1N458VT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame EE57 261 B
846 B 22ms
22ms Script
application/x-javascript 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=658444&tid=m_658444_63f76412840e4d97ae7b706bf6e3b54e&cb=undefined&mode=1&ifr=true&od=www.heraldnet.com&time=17%3A02%3A13&fd=1&be=cr&loc=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&orig_loc=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=m_658444_63f76412840e4d97ae7b706bf6e3b54e&iv=ov
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 624aa6236e04c55fdb2aec260b01bd8bef0b0c7234385ce3ba2f7c22320d021d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 212

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52608-71&cid=180201433.1640538133&jid=1946984773&gjid=95930528&_gid=1054082608.1640538133&_u=YCDAgAABAAAAAE~&z=1453437006

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Dec 2021 17:02:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 53ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52608-48&cid=180201433.1640538133&jid=808855788&gjid=8237890&_gid=1054082608.1640538133&_u=YCDAgAABAAAAAE~&z=1788422069

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Dec 2021 17:02:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 75ms
59ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1754234682&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&ul=en-us&de=UTF-8&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user%20status&ea=undefined&el=logged%20out&_u=YCDAAEABAAAAAG~&jid=880217715&gjid=65549474&cid=180201433.1640538133&tid=UA-52608-71&_gid=1054082608.1640538133&_r=1&gtm=2wgc10NBNW4C&z=199582662

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 72ms
59ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1754234682&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&ul=en-us&de=UTF-8&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAUABAAAAAG~&jid=1251514258&gjid=286023384&cid=180201433.1640538133&tid=UA-52608-71&_gid=1054082608.1640538133&_r=1&gtm=2ouc10&cd1=Wire%20Service&cd2=national%20marketplace&cd3=untagged&cd4=post&cd7=December%2020%2C%202021&z=721776681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 68ms
59ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1754234682&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&ul=en-us&de=UTF-8&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAUABAAAAAG~&jid=215891154&gjid=1472919448&cid=180201433.1640538133&tid=UA-109002081-1&_gid=1054082608.1640538133&_r=1&gtm=2ouc10&cd1=Wire%20Service&cd2=national%20marketplace&cd3=untagged&cd4=post&cd7=December%2020%2C%202021&z=1818575228

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 65ms
60ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1754234682&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&ul=en-us&de=UTF-8&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAUABAAAAAG~&jid=766309680&gjid=130934282&cid=180201433.1640538133&tid=UA-109002081-7&_gid=1054082608.1640538133&_r=1&gtm=2ouc10&cd1=Wire%20Service&cd2=national%20marketplace&cd3=untagged&cd4=post&cd7=December%2020%2C%202021&z=796333127

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 56ms
52ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1754234682&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&ul=en-us&de=UTF-8&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAAB~&jid=1946984773&gjid=95930528&cid=180201433.1640538133&tid=UA-52608-71&_gid=1054082608.1640538133&gtm=2wgc10NBNW4C&z=553479263

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 21:59:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68570
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 56ms
52ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1754234682&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&ul=en-us&de=UTF-8&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAE~&jid=808855788&gjid=8237890&cid=180201433.1640538133&tid=UA-52608-48&_gid=1054082608.1640538133&gtm=2wgc10NBNW4C&z=1029864920

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 21:59:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68570
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 48ms
47ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BHJYZD7VVN&gtm=2oec10&_p=1754234682&sr=1600x1200&ul=en-us&cid=180201433.1640538133&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sid=1640538133&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.account_status=null
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BHJYZD7VVN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 631ms
244ms Script
application/javascript 2a00:1450:4019:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.heraldnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 143ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 419 B
261 B 128ms
82ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1122815843885161&correlator=3481106812479729&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211226&iu_parts=1036994%2Cadunit0&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x30%7C970x250&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dnational-marketplace%252Cros&cookie_enabled=1&bc=31&abxe=1&lmt=1640538133&dt=1640538133544&dlt=1640538132465&idt=1045&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=106&adks=406828873&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x0&ga_vid=180201433.1640538133&ga_sid=1640538134&ga_hid=1754234682&ga_fc=true&fws=132&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a36aa89f339f6b9852d95c3b2c794d4afaf198215e2346c572afad1ec1695feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 B
273 B 124ms
78ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1122815843885161&correlator=3481106812479729&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211226&iu_parts=1036994%2CBranded-Series-Sponsor-Custom&enc_prev_ius=%2F0%2F1&prev_iu_szs=150x35%7C320x50&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dnational-marketplace%252Cros&cookie_enabled=1&bc=31&abxe=1&lmt=1640538133&dt=1640538133552&dlt=1640538132465&idt=1045&frm=20&biw=1600&bih=1200&oid=2&adks=309399660&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=180201433.1640538133&ga_sid=1640538134&ga_hid=1754234682&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4c56a8926e42a7a3398f1402214defbb29c37f324b405005cf51b0794232a129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8869 6 KB
4 KB 155ms
43ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 26 Dec 2021 17:02:13 GMT
expires: Mon, 26 Dec 2022 17:02:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 148ms
61ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=180201433.1640538133&jid=1946984773&_u=YCDAgAABAAAAAE~&z=277670535

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 146ms
60ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=180201433.1640538133&jid=1946984773&_u=YCDAgAABAAAAAE~&z=277670535

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 40ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52608-71&cid=180201433.1640538133&jid=880217715&gjid=65549474&_gid=1054082608.1640538133&_u=YCDAAEABAAAAAG~&z=2039610523

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Dec 2021 17:02:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 40ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52608-71&cid=180201433.1640538133&jid=1251514258&gjid=286023384&_gid=1054082608.1640538133&_u=YCDAAUABAAAAAG~&z=1930117456

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Dec 2021 17:02:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 37ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-109002081-1&cid=180201433.1640538133&jid=215891154&gjid=1472919448&_gid=1054082608.1640538133&_u=YCDAAUABAAAAAG~&z=458146944

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Dec 2021 17:02:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 39ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-109002081-7&cid=180201433.1640538133&jid=766309680&gjid=130934282&_gid=1054082608.1640538133&_u=YCDAAUABAAAAAG~&z=1013866796

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Dec 2021 17:02:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content beacon
gslbeacon.lijit.com/ Frame 9B1B 0
0 97ms
31ms Document
text/plain 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_63f76412840e4d97ae7b706bf6e3b54e&rand=2912&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&v=1.2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

Server: nginx
Date: Sun, 26 Dec 2021 17:02:13 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame EE57 6 KB
2 KB 25ms
25ms Script
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=658444&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 682c2814b10748feda9e8cc77459979b9311f6f9bb6da7980dee25b48aa46feb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:13 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap4ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK impression
vap4ams1.lijit.com/addelivery/ Frame EE57 43 B
552 B 62ms
18ms Image
image/gif 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap4ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=658444&tid=m_658444_63f76412840e4d97ae7b706bf6e3b54e
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:13 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap4ams1.lijit.com/data/ Frame EE57 43 B
206 B 91ms
34ms Image
image/gif 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap4ams1.lijit.com/data/fp?tid=m_658444_63f76412840e4d97ae7b706bf6e3b54e&zoneid=658444&starttime=1640538133240&adcfg=4&adcfg_response=203&addelivery=206&addelivery_response=340&lgfired=342&beacon=343&container=344&EOL=344&ctstart=0&elapsed_ms=344
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:13 GMT
Server: nginx
X-Sovrn-Pod: ad_ap4ams1
X-Powered-By: raptor
Content-Length: 43
Content-Type: image/gif

GET
H2 200 a5119a293075abbf36ac3a815e282658 Show response
soundpublishing.blueconic.net/plugin/library/ 322 KB
100 KB 100ms
100ms Script
text/javascript 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/plugin/library/a5119a293075abbf36ac3a815e282658

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

899e4acf9ccb79cc4a9644b406a438211f7b2724b60897a6eb50ad94e5330f18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 25 Dec 2021 17:02:13 GMT
server: -
etag: a5119a293075abbf36ac3a815e282658
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 101162
x-xss-protection: 1; mode=block
expires: Mon, 26 Dec 2022 17:02:13 GMT

POST
H2 200 LB-Zone-2 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/761/ 2 KB
1 KB 201ms
200ms XHR
application/json 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/761/LB-Zone-2?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=&bctempid=c79a0c6f-2390-4865-8b17-c973ab895323&overruleReferrer=&time=2021-12-26T17%3A02%3A13%2B00%3A00&ts=1640538133595

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

2789ab54eaa5434a174e531a3da95a09d48346eab3b42165286423408420a3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 884
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 InclementWeather_Digital_EDH.png
soundpublishing.blueconic.net/rest/dialogues/files/70f122fc-74dc-404a-bb9d-1969ef94734e/ 279 KB
280 KB 199ms
199ms Image
image/png 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://soundpublishing.blueconic.net/rest/dialogues/files/70f122fc-74dc-404a-bb9d-1969ef94734e/InclementWeather_Digital_EDH.png

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

81573bb65fe8d27e6daebc7fc5ed82a3df594fdbde4ee299cd162ccf76fd577f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
last-modified: Sat, 25 Dec 2021 17:02:13 GMT
server: -
etag: ad6f94d3b5e7951da300d140641a291b
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: image/png
content-length: 285445
x-xss-protection: 1; mode=block
expires: Mon, 26 Dec 2022 17:02:13 GMT

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ Frame EE57 0
225 B 51ms
7ms Script
text/plain 104.111.233.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/1/d/t.dhj?dmn=heraldnet.com&GDPR_v2=&pubid=soundpub
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-227.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 26 Dec 2021 17:02:13 GMT

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame EE57 43 B
206 B 28ms
28ms Image
image/gif 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=m_658444_63f76412840e4d97ae7b706bf6e3b54e&zoneid=658444&cid=18&geo=DE&all_tags=248%2C590%2C604&tss=29&fired_tags=590&count=1&status=8%2C1%2C8&elapsed_ms=29
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:13 GMT
Server: nginx
X-Sovrn-Pod: ad_ap4ams1
X-Powered-By: raptor
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 65ms
63ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-109002081-1&cid=180201433.1640538133&jid=215891154&_u=YCDAAUABAAAAAG~&z=784175044

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
59ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-109002081-1&cid=180201433.1640538133&jid=215891154&_u=YCDAAUABAAAAAG~&z=784175044

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 64ms
63ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=180201433.1640538133&jid=880217715&_u=YCDAAEABAAAAAG~&z=813293769

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
59ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=180201433.1640538133&jid=880217715&_u=YCDAAEABAAAAAG~&z=813293769

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 64ms
64ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-109002081-7&cid=180201433.1640538133&jid=766309680&_u=YCDAAUABAAAAAG~&z=396186200

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
59ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-109002081-7&cid=180201433.1640538133&jid=766309680&_u=YCDAAUABAAAAAG~&z=396186200

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 64ms
63ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=180201433.1640538133&jid=1251514258&_u=YCDAAUABAAAAAG~&z=388067818

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
59ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=180201433.1640538133&jid=1251514258&_u=YCDAAUABAAAAAG~&z=388067818

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 367ms
85ms XHR
application/json 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1640538133654&sessionId=a2b31465-9c7b-a64a-1c21-6bb63e04fe21&url=www.heraldnet.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:13 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 7c5528ebf0bb31ecf3cff57d86c3d022
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 5 KB
3 KB 253ms
226ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&idx=0&rand=93318&key=NANOWDGT01&widgetJSId=TF_5&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=a2b31465-9c7b-a64a-1c21-6bb63e04fe21&fdu=www.heraldnet.com&px=431&py=6913&vpd=5713&cw=738&activeTab=true&darkMode=false&settings=true&recs=true&version=2000548&sig=9NKJaCNV&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee351314b28100da6fd03df3517b21920c13b1df4daa651b1ae2031b332333e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1640538134.694382,VS0,VE111
accept-ranges: bytes
x-served-by: cache-lga21928-LGA, cache-hhn4075-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 9c7d061bdada5bc810cd0889fabedd4d
content-encoding: gzip
content-length: 2246
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nfi.js Show response
cheqzone.b-cdn.net/ 909 B
1019 B 83ms
45ms Script
text/javascript 84.17.46.51
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cheqzone.b-cdn.net/nfi.js?v=3
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.51 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-51.cdn77.com
Software: BunnyCDN-AMS1-766 /
Resource Hash: 2cf765fa7182eb92889cebe519626ea28a7e1c1a701495546774ab5904620320

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: br
cdn-edgestorageid: 766
cdn-fileserver: 34
cdn-storageserver: DE-51
cdn-cachedat: 2021-08-10 06:55:04
cdn-pullzone: 47782
last-modified: Sun, 02 Feb 2020 11:53:27 GMT
server: BunnyCDN-AMS1-766
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: 2642aeaf-0ebf-4c43-9f87-c153981605b2
cache-control: public, max-age=43200
cdn-requestid: 436ad9a94a4d74ddae6de4dd0f0d2ec6
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 345ms
94ms XHR
application/json 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1640538133707&sessionId=a2b31465-9c7b-a64a-1c21-6bb63e04fe21&url=www.heraldnet.com&cheqSource=1&cheqEvent=2&responseTime=554
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:14 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 38fd0a82acab0b639992b1caa29a847d
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
135 B 105ms
104ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136eeec236e246899e9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714793d75066f578afe6d6e54719bd488ebd39e821da61c45085052aae2d05f91e4604259e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c02a0616e96569ae940a6dedc89825d957bd1fad811bc551c8c96dd82a77c3d835d277c3d3eca688b9b51b23f17ce7bcf3285467be8035c1bd10b0414357d35d5e87d4c38681eb923bce6a88deb4df29bb7b2035d679289492c31971d7ba25fb57bdc517952cac7d4418009a62ff439cd0be71f8df78d209f2c3d6dc778d574261fa485852734633cbaf75bf48d8cf896baa9d75f4973ac88ceaff7ac2b9ec53633189e45e54d8f80c4d0dfbe7e525b978cfac05baa76daf3ff360c84e8b56caf469904363f9eed0397c22335c74484154f3b5d9718754e1101d076ae5e5118b854053b9a586fea12b9dafbfbf99eab3e31f1a2ef1469aa41b3bd2003a45c5695c6d7eb427bd7c72c3f7c263837cd4278db72fc8b0119a7a0c3d3d047c1280dde2db386748991e4589cedfbbb2a74f17cda2b76fe2ba6167ca80003668e5839c0733bd23994ddc4fa179ce50a89756a6fe6bbccc9ad8dc0527bafc2920c264ac8dfd&cb=1640538133706&cri=ex8OdmTiPQ
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type: image/gif
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid_FtSDHt.js Show response
b2cdn.automatad.com/js/ 207 KB
69 KB 134ms
134ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/js/prebid_FtSDHt.js
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/FtSDHt/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 47595a2b8126e731e601f84664ef31f9fe8a7690b9618d852258b9edcc3c78a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: br
x-openstack-request-id: tx2ef25a0f3d7f45b6adf3e-0061c0940e
cdn-edgestorageid: 756
access-control-allow-origin: *
x-iplb-instance: 28796
cdn-cachedat: 12/26/2021 18:02:13
cdn-pullzone: 87832
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id: tx2ef25a0f3d7f45b6adf3e-0061c0940e
server: BunnyCDN-DE1-756
x-timestamp: 1639660093.65967
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Thu, 16 Dec 2021 13:08:14 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-iplb-request-id: B95D01F1:6565_8E2CE366:01BB_61C0940E_9E12A2B:1914D
vary: Accept-Encoding
x-object-meta-mtime: 1639660070.84951503
cdn-cache: EXPIRED
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control: public, max-age=120
cdn-requestid: 04e93793eb9335043c8a5f8b06de6bc8
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sizzle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/ 19 KB
7 KB 37ms
18ms XHR
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/sizzle.min.js

Requested by

Host: go.automatad.com
URL: https://go.automatad.com/geo/FtSDHt/afihbs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3360334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6679
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd4-4dc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRs2JGsKrL7uSflXNnkVm15L4wspVHETbtMJu2zQIXL9%2F4eMd1nBgREG6oTWgm7BtMvnWtKwFaGK26VzlG6Q5wjAIP1pbpyKGmEgk4Dk4fouOzyZzjgh3zWv3rfRUUN9FKGqSC6dYuOwiJt9QNXpQsB6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c3be0285ea95c44-FRA
expires: Fri, 16 Dec 2022 17:02:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 31ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=869459273124027&ev=PageView&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&rl=&if=false&ts=1640538133836&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640538133835.1355646525&it=1640538133069&coo=false&rqm=GET

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 26 Dec 2021 17:02:13 GMT

GET
H2 200 jquery.fancybox.pack.js Show response
plugins.blueconic.net/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/ 23 KB
9 KB 37ms
8ms Script
text/javascript 143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.blueconic.net/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/jquery.fancybox.pack.js
Requested by: Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: - /
Resource Hash: 99c2257ab0c877ef811c0dde48d17bfb2cf1f1a5bd5bc6a9e9a7f4a114f4df3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 13:12:45 GMT
content-encoding: gzip
age: 1482568
x-cache: Hit from cloudfront
content-length: 8529
access-control-allow-origin: *
last-modified: Tue, 20 Jul 2021 12:13:16 GMT
server: -
etag: "5a2b-5c78cfa88ea38-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 2PGygdQD9GlBKvQC_YI8eqoJNFzaV23jFzVUUYmhuGXvlEPXOwZKXA==
expires: Sat, 08 Jan 2022 13:12:45 GMT

POST
H2 200 761 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 2 KB
1 KB 100ms
100ms XHR
application/json 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/761?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=c79a0c6f-2390-4865-8b17-c973ab895323&bctempid=&overruleReferrer=&time=2021-12-26T17%3A02%3A13%2B00%3A00&ts=1640538133941

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

63a4574f31b5a78ab49e841647deca48b4f783e79623740d51e03a89a0d58e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 791
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 761 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 246 B
921 B 106ms
106ms XHR
application/json 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/761?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=c79a0c6f-2390-4865-8b17-c973ab895323&bctempid=&overruleReferrer=&time=2021-12-26T17%3A02%3A13%2B00%3A00&ts=1640538133951

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

0aeccbcbf2db7b32108a31bcc6e177eac344e1242267a78e2393168127f2025f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 187
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: soundpublishing.blueconic.net
URL: https://soundpublishing.blueconic.net/plugin/plugin/e7a4d69c4e782959f4b30130e8d4eb31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fafb414e3dc805097e97f7104088988032dd306bcbcb79b1a355356fbc53a40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xuR3vBjvszUFU5J5ihacnw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 26 Dec 2021 17:07:13 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 0xLyt4CNcnw0sXyW85pcwF2OYUPpWyhVkss1wDhJrcfV/pQg75BdtjScEGm+AhHucy994hYCrQ0umVHKGSugEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e89cf1c917e82d104a1119ed28fce910
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Dec 2021 17:02:13 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "edac45a187d1c58df7a79d100327283f"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H2 200 761 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 373 B
908 B 110ms
110ms XHR
application/json 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/761?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=c79a0c6f-2390-4865-8b17-c973ab895323&bctempid=&overruleReferrer=&time=2021-12-26T17%3A02%3A13%2B00%3A00&ts=1640538133956

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

bd4024805e2b933b59f91c8c38dcf2a7e52131b9893efd22688fa822669ae953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 177
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 761 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 187 B
903 B 103ms
103ms XHR
application/json 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/761?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=c79a0c6f-2390-4865-8b17-c973ab895323&bctempid=&overruleReferrer=&time=2021-12-26T17%3A02%3A13%2B00%3A00&ts=1640538133956

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

2312f9a497b6f056018600d10de77a3441a964c6b803c2655326864d32d7fbad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 761 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 187 B
899 B 185ms
184ms XHR
application/json 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/761?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=c79a0c6f-2390-4865-8b17-c973ab895323&bctempid=&overruleReferrer=&time=2021-12-26T17%3A02%3A13%2B00%3A00&ts=1640538133957

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

86c84acdd4f78d4e0bc7d21db80aa8d0c8092db2aa483e910445dfcb0ad929d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
soundpublishing.blueconic.net/DG/DEFAULT/ 66 B
860 B 181ms
181ms Script
text/javascript 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/cs?bcsessionid=c79a0c6f-2390-4865-8b17-c973ab895323&&callback=bc_json762

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

50a8d4a16cedb5d426a2926e1d43faddfe20f470fc7aff226b14fd2dd76c22b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 143ms
84ms Fetch
application/json 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=501106bb8e7d3fc6eec6c189764aa68e&pvId=501106bb8e7d3fc6eec6c189764aa68e&sid=67480&pid=39028&idx=0&wId=1154&pad=0&org=0&tm=873&eT=0&cnsnt=no_consent&widgetWidth=738&widgetHeight=0&widgetX=431&widgetY=7163&wRV=2000548&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=305&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:14 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 988efb77afe597cf8871763dc5b9ffd2
Content-Length: 4
Expires: 0

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000548/module/ 55 KB
19 KB 15ms
15ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000548/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8cfe0731466619f9a97479157471a72c4f2e0f9d668d0bf424972f2a7c7816bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:13 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 09:16:40 GMT
server: AkamaiNetStorage
etag: "76c5d99fbdfd3c65c43a3b3efa77da9c:1640079805.822467"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 18981
expires: Sun, 26 Dec 2021 21:02:13 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 284 KB
80 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=074c96c4a64cde08e399640b614a7289

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2270b79eaa2dce323e8c984f9f7aae3f1af57f6e74ff3b6e4401c49473022a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.heraldnet.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: wl7rU+nwxq14bZ5cFGXQQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 26 Dec 2022 14:03:12 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 81968
x-fb-rlafr: 0
x-fb-debug: CKQg+jHmeDpUBcMPM9V7yUEaJQ1bwj/M6vJ2EBiqG4P1V/8nxnfPNl7jinc7LXx6qOX2UZShJWnkoQOT8MgcdQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 236b4c4f06997117804aba06c6fb4a25
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Dec 2021 17:02:14 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7d0dbe0d297ef95e6e57f1791d2bbe3f"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 jquery.fancybox.css
plugins.blueconic.net/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/ 5 KB
2 KB 8ms
8ms Stylesheet
text/css 143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.blueconic.net/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/jquery.fancybox.css
Requested by: Host: soundpublishing.blueconic.net
URL: https://soundpublishing.blueconic.net/plugin/plugin/e7a4d69c4e782959f4b30130e8d4eb31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: - /
Resource Hash: 27eb87df8f4eb3164ad81ff266aed79d50a33f6869c249ee27ac80ad0c1e3dc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 20:30:14 GMT
content-encoding: gzip
age: 73992
x-cache: Hit from cloudfront
content-length: 1429
access-control-allow-origin: *
last-modified: Tue, 20 Jul 2021 12:13:16 GMT
server: -
etag: "13d2-5c78cfa879a48-gzip"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 4s4bZ0kNT9siphnA3mD0N4tI15oWwy0GgCpIILPxRBQp0nSmzmZtaQ==
expires: Mon, 24 Jan 2022 20:29:01 GMT

GET
H2 200 lightbox.css
plugins.blueconic.net/lightboxinteractiontype/2.4.1/frontend/src/css/ 219 B
597 B 9ms
8ms Stylesheet
text/css 143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.blueconic.net/lightboxinteractiontype/2.4.1/frontend/src/css/lightbox.css
Requested by: Host: soundpublishing.blueconic.net
URL: https://soundpublishing.blueconic.net/plugin/plugin/e7a4d69c4e782959f4b30130e8d4eb31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: - /
Resource Hash: e4058b846286433d019ff33bb22b2eca434c9d36249df436d5a3c623825674d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 16:34:16 GMT
content-encoding: gzip
age: 88244
x-cache: Hit from cloudfront
content-length: 174
access-control-allow-origin: *
last-modified: Tue, 20 Jul 2021 12:13:15 GMT
server: -
etag: "db-5c78cfa825e70-gzip"
vary: Accept-Encoding
content-type: text/css
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: egnivApf7CRgHbGws37ZGB7etgeI8sMvWUED9zItYpRfoYBsvkrMyQ==
expires: Mon, 24 Jan 2022 16:31:29 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
11 KB 258ms
257ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1122815843885161&correlator=638382728793979&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211226&iu_parts=175265624%2Csite%2C300x250&enc_prev_ius=0%2F1%2F2&prev_iu_szs=300x250&prev_scp=mod%3Dfi_ap_btf&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dnational-marketplace%252Cros&cookie=ID%3D637d1672775ba1e8-22409ac110cd00df%3AT%3D1640538133%3AS%3DALNI_MZOiUdHyqCzW42k5H8HynuTYDdF2g&bc=31&abxe=1&lmt=1640538133&dt=1640538133995&dlt=1640538132465&idt=1045&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=5850&adks=519793908&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=640x250&msz=300x-1&ga_vid=180201433.1640538133&ga_sid=1640538134&ga_hid=1754234682&ga_fc=true&fws=4&ohw=300&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a032fb39d04535c6f67ed428a79dfa403214d9127a22f47c45430001bb8bca3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10763
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 71 KB
23 KB 521ms
514ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&settings=true&recs=true&widgetJSId=TF_5&key=NANOWDGT01&version=2000548&apv=false&sig=9NKJaCNV&format=html&rand=51975&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NTAxMTA2YmI4ZTdkM2ZjNmVlYzZjMTg5NzY0YWE2OGU=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&clss=PfVowGWzvckpjgb74sR5aOPITxZ%2FssJiy%2FifnPf4u0uVUFSJY%2FD2Kc%2BS3vq%2B5CFzvMixqG9ujokofgV2&dpr=1&cw=738&darkMode=false&activeTab=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000548/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bd7ac641ed5df476805a5422302c937ce46c19a2a9885083f5e69782dd2aca61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:14 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1640538134.044906,VS0,VE506
accept-ranges: bytes
x-served-by: cache-lga21938-LGA, cache-hhn4075-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 48fd61a67c1ec7bb2335a08841e7db0e
content-encoding: gzip
content-length: 23319
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 761 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 376 B
1017 B 107ms
106ms XHR
application/json 54.243.105.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/761?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=c79a0c6f-2390-4865-8b17-c973ab895323&bctempid=&overruleReferrer=&time=2021-12-26T17%3A02%3A14%2B00%3A00&ts=1640538134110

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.105.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-105-187.compute-1.amazonaws.com

Software

- /

Resource Hash

25a8e81d786fa99fef99b1c0e020e909b37b3bd080856ccffb83f9c96a841193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 187
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
947 B 7ms
6ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 26 Dec 2021 17:02:14 GMT
via: 1.1 f4d15e906467f56692c7fc70be861e04.cloudfront.net (CloudFront)
x-77-nzt-ray: es3UPXkhTBg=
age: 44
x-edge-origin-shield-skipped: 0
x-cache: HIT
x-age: 7474554
content-encoding: br
x-77-nzt: AcO1rgVRzjj/eg1yAA==
x-accel-expires: @1658983580
last-modified: Thu, 30 Sep 2021 16:45:19 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-cache: HIT
content-type: image/svg+xml
cache-control: max-age=25920000, public
x-amz-cf-pop: MUC50-C1
x-amz-cf-id: 9_8GXEsy7efdDWMrZdVoKl7Lw10BfgFsXf9-meLQGCQ7F0qurSVJww==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
988 B 7ms
7ms Image
image/svg+xml 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 26 Dec 2021 17:02:14 GMT
via: 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
x-77-nzt-ray: VxetzWsiDzY=
age: 45
x-77-cache: HIT
x-edge-origin-shield-skipped: 0
x-cache: HIT
x-age: 7474553
content-encoding: br
x-77-nzt: AcO1rgW1BiP/eQ1yAA==
x-accel-expires: @1658983581
last-modified: Thu, 30 Sep 2021 16:45:19 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=25920000, public
x-amz-cf-pop: MUC50-C1
x-amz-cf-id: TRgPlTiXajncpFeaeipHytSlOIZc_jN2tABb9IWZbutImy2u8g3o5w==

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 44ms
34ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1458930781088413&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=074c96c4a64cde08e399640b614a7289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: qCddbG6ACWnqZ0c0ekzfa4WCb87beyBJsFElzkQLIfxH4OPVSftrWwfKTtwNDAq8Q/N5nH9bbP8/z3f5Og3dYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Sun, 26 Dec 2021 17:02:14 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldnet.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 container.html Show response
a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C3C1 6 KB
3 KB 83ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 26 Dec 2021 17:02:13 GMT
expires: Mon, 26 Dec 2022 17:02:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8686 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.heraldnet.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Sun, 26 Dec 2021 17:02:14 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0ADD 624 B
733 B 129ms
47ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUVt6eRM9eEXmb-5M_fPsGLE2iDGm-FXZ6AeDsO_YEWJfc-5Ls3adY7UMAWf6n7UHj798Iir7N7uIgw7D53GcLXrkesQxvq0PdZ1df0G8QF540YBV0K9rMdN07nUpz0qtUf_QVwDd9eJWZB0Lvf0RdsJqqlwpfPQsq5LB0PsPzbkS1_7V4

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 26 Dec 2021 17:02:14 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C3C1 24 KB
14 KB 155ms
75ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cy00jxV-RQjS0gZmuKha3dG7L-CgR3OTXpE3xzRD4cAAst3z-gflCSmIyx1gstPvKp7cUhR_1lXvv6_ID__vBI8rz-nm40VNWp81UEwP10qQS2HxGrnwSibGIkyKCdU9G37Hs0XXa5slt1Va6Na_MPkm1zdQ&cry=1&dbm_d=AKAmf-D0A5wVlHMjWpSQ2Wmli-QTF8xAMzuPMQA34qG82SOUkwxcRfLFLHd7NcYJkmBJfrLxJR3TG97dwQtXfwcitgbbn89TOHzh3-gX7U2Jjrl9ss5bkrwnQpphLKfEEQ9HytOdN4uG8lG5XS9pcCb9VahPrK2X_RnMcRBWwTaSfs7TMh56GFQg2mA_RgAYG2hgJvAdjl7K_lZ61TjMEsShEzMeiOnhr7POLOfsrUEkbdh7TRHX3GS8ecIxK2CRFJT5Qe2HKVlnes0dl-gO3AyXwEnw3GuE_pQvi4RCBcpVNDbZ643EWkZmzaOI7xQHPjZKs2Phx0bKwublJPEVNF2JivpkkBiH3aRX3_CP8rOLXlCRDBi5AMfBIq-GLeKdRF9df-Dr_ZWlBBBMSLfLeaIZWyNYQDmhxxeHHVtnpNzvtxAvTyIJy0xaGZtD8dFvVfS2ar57poLJsdalimT8nYjLONmNHHK9nugOyaBqFZz-CmUSLbcIlEerUK-VFtyKyl8QEEq2UiW-IfuEbrUDsVMGpK6_gJgoERDpDt4FytJmUOXjnVhWro7vbqgsFhN3F5nVg2w0w2H47TZzresJ08oOUIOrQsDVlMwKS2NqVgSYYMhqUvHUzx-YmjqXdEYlT4zTELdN-XxtHTeF2Jt-lG-Av4Na9mwglJ0odW_ICH1nbHddC85HJLOGQq0zMRh5haeBRXMxiwOmdhfHgtjuGvqsjC9wGFJuWMe9o6Do4knRsR8WPKbXBLFHSVBhp3dMcGWc1uZS9vHcfmtejf_jKV89RMCnCKbGOqnkiJpeWitIevER2WnYNRkF7T7WOOaj2LZbLrvJzwbMzQUNJc6hqZB2BB_nbZ0oJeqhzNAQuNPmvcoHqkM6M6Td99-Dqo1Qe_N2KhWjCR3-mc95JuPhlU_3uYlBLaBmZncnxgDSOszmtekdBQ0J1PVF0LLuPGEtfl_Jxlq43lS-Jl1ALnMsLgYoC7qdFctkptPUqbsdi83tdaHl2Tl_rfXm2OXzon4Z7-roPw6rCdO8kjFmseS41_TdRhzcC0Gh8X2dfDWDxZQQEbx-KRNFn4C9xLASFJ14j731n6cNoMUnMvo26WwuCHMpNGKyg4FZjjgypNojp5K7WoTM_iuAitu4gEwXmIGVzEoYWCx481MKsZzjnImI3gLmX4T7-d2VhQbwgPloWjWBkAsx8rdJkEYmqjYbVGM45JA2Le02wkdP52lWlGKZkhT2TbZF3P7ZWGmYZKEocjWTYZtSRtTDANTvGFU4frG6qnts2-o-nJ7PSRDpetb9bdzcLNzr-gvTCytT5NxwHrs6u_ClRAzDxPsfalddlYy2XFv-l4LCS9fTfkdXtc_n8Az5r5W_QLf2ziC9rOJmxTa5KFiMusQeMLZTOw2lj2USxKiqLTzA1KTxDET-Q5zrqwNDv8MHXBSWu12kdkEYxq_9sfobec004qruOCZVrYr7t5vBFybuB8RUOHUKjayqvGgja6hVqvxP0Ckz6Tyf9rWUa981OoUhfgVzFZPB1q2MQXFS6VQwRmOvx9a1gFvPPVldhKIqlih7WqL3fQYegNuVZBJR0N4Q0EsZirIBq1CaEPwDTnLrA56Wkr1lvDkTgHU1vb0aVeu3qkW8roDHWE-wAK-s2-4eytLDOXqmSCqPe_I6mrpDzPwr5CeoQhYbwfNfGpjP34p-y-2oclnHtYn_OWCjvlbIUDl8k8iPhf_-hXRn1S9obgJbDYR86MXrbNXx33uIfyFYNgarxlqd6V8xmDei0nUulmwIVNcXvtTC0CxTlOfFAPeFSCPwkXBggo9-wwYPJxuq8s1vtufkJuZdsF5uq6mt_ksSDnI-n-c_f89BLCvBhlUZM42cdq_ZH_zkLAw47Zteywfg8KTh6mdHP__gm2inRMm8x8wsgRRzJwMQBuARIPrrKC6vPCBMnlPT1UGcGnuzXfH94Q1w0DtBH7-bVma6Gt78x59laYrpQEsJKDRA8H2XpYhpkQ-bQeUZYbz0L9cLKGy9XfcJznyPO7HRudiQrb5Ne_jjYnGMuDmceR2zwNfwblcLZwzJ1SU1w816yOWhh2clFGA4T_suLD-9zDh8w197TAnEO8H-k0NvmOrC0vo5QNw7IlJbUoIadv-MrUyslQtND9ky9H25-mQMCqPiNPdBsQ9bOgjZ18u2GpjjyydCv7E3qJCbb4Q_gs3bJ1u3xeV2_zlZA5VkTOz7lbPxcqv9Ki1g7Eti1jsgZpayGAE6K4mVLGWRwBM8uOBFCcTiqfconQmAXwDG4eYQ9qhwAAFabOPNO_XPTCjepAPzOdy53Qz_zzRFTNMpXkH8RYxo6rnR10HUFx-xSPysOvsLGgnxHjGDTSY276Tg_FAJXLpYCa7B7kHTnprhOpdwKPPsNvKSmUhs8v6BPRNSdRwdaSksOH1u-OpvH5-gwck0n6mvZN628A6fH50IgpNnj6ZhG6SXCPegBmYnEwV7Is1kFOsLIV6jgUV21TNvSTnC7XWyVojMGDeeMU8u960--U8CjkEY7qJRNzYIOxAZMDRh5MKkpPA85GvBtPFV7up4Z3LwvapfglVT_xoP5Go2svqSlKuiocqddXn8EwlGjE02olWK8QnmwckoxGF5hVbpIq9QJuupssye3Ik8y9X5UsjtNKwP0y0lHqELVQdud5U2xkhoQi82d3vDnTu16EL3HUrvy34r4RMeF4-zixDTw1KieEHYmAqTMk1HiiiojnDLUZ14CRZeO0ckNYYfHKFHYWT-fxhtglFneRDxEWHSAGlk9dmiZt19wEXdRu7by96daMaQrwUmAKcpIPvWJyC5t26LZtifNQhfROGLOPNMg2gbJ9kY-kvid8zSHO_VH88f1MblF24Vb0kjBSgP3aOyN2Q03yGtCW7ROeoPD5a9i79CpNmxjnVqZASeP8XQdADFTsdGnZOa6BwP6cQ4MimVL-FynKQWmCIuJhav2M-u8uxTI8Ij5mJnNANFlx2H9cWzYAsLVDHImULksLsqfQv1sxs5iafksRYNyNU6WmsaEhe3_vlDDQEzklyfDrfRuFLGB0ZQPGpDMd6b_HJXwhgdHmdmAP3I8V_UeCUzPwHiYRKzA6Zm8T1Vr30Lv7YCmJTfWZaKJb7k5of8w4K3nTHLKrcbldwqrkD7urCd3mqkn8ba4jmjPLWUkc3GqIE5NDMwl5hHoRmhWX6j0DpES3iBMvtzV2U5leagNvx0B4pmaHjBzJfkRTHprbEhLtHmLqr-7fWtEo63vAfCCD6rfD6Ts2D8RH6Q0opVilal5QlR3giL-raVNxyTkU3ssKq1rg7I9l-DTR7Tu6MSK6t0K_gynp0LMvGwOxtzoFUxInMkE-7zLIIoF4IK-ycXKcQ2KrwIxczpXXDEWM0TkocjSOmcDTKqJzozXOyasfZ6YSfmiK_K6BGT8cwjv8aZyz8auptpFoxQ59tUssBer4fNZErl3MzNo_QcgJGXTcqjEl4hYxkX8XFqRG0163dJbNNYDgC4PUMfJAJmfnbqCoPrQCYcrdpvG6XOsj_pCaIZcOqvTMcvM4wgvScn1nnN9rBTrucmCyY&cid=CAASEuRoExuNhU8vxIk5MJCh224phw&rfl=1%2Chttps%253A%252F%252Fwww.heraldnet.com%252F%240

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a63c645e04eecf22b163125848297bd35ed2a5905c9e203c6adc9c90617a9080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14491
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3C1 42 B
300 B 71ms
69ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dpu67RECvBNz_aTg_6pyrhfTw5IYAXSMgxC1N5wv-0lFcJDt5kN262O-_F6wYC3vxYpwCffqlcB4xLNAYWdUoYdOIKerAU5iOHH97TcEzkhFwMQSg

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C3C1 2 KB
1 KB 50ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 16:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jan 2022 16:58:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3C1 119 KB
36 KB 101ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Dec 2021 17:02:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C3C1 15 KB
7 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jan 2022 17:01:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C3C1 0
0 101ms
50ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZe76OilPnbqDTuoROtNCV_mVmZvXNGx6-e-YDPGKqf5keitP0qu0IvI78NBrBgrIai7D5el418wBvck49qucqBdVSlg
Requested by: Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0ADD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYQ_dRl840RHgrIgfyrfVk&google_cver=1

43 B
1014 B

34ms
19ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYQ_dRl840RHgrIgfyrfVk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUVt6eRM9eEXmb-5M_fPsGLE2iDGm-FXZ6AeDsO_YEWJfc-5Ls3adY7UMAWf6n7UHj798Iir7N7uIgw7D53GcLXrkesQxvq0PdZ1df0G8QF540YBV0K9rMdN07nUpz0qtUf_QVwDd9eJWZB0Lvf0RdsJqqlwpfPQsq5LB0PsPzbkS1_7V4
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 26 Dec 2021 17:02:14 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYQ_dRl840RHgrIgfyrfVk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0ADD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YcigFg7NAzM8Z8YNwDBOdwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYQ_dRl840RHgrIgfyrfVk&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYQ_dRl840RHgrIgfyrfVk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUVt6eRM9eEXmb-5M_fPsGLE2iDGm-FXZ6AeDsO_YEWJfc-5Ls3adY7UMAWf6n7UHj798Iir7N7uIgw7D53GcLXrkesQxvq0PdZ1df0G8QF540YBV0K9rMdN07nUpz0qtUf_QVwDd9eJWZB0Lvf0RdsJqqlwpfPQsq5LB0PsPzbkS1_7V4
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 26 Dec 2021 17:02:14 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEYQ_dRl840RHgrIgfyrfVk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 0ADD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN0kgMf_OW7Wb-jKxJaliws&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN0kgMf_OW7Wb-jKxJaliws%26google_cver%3D1

43 B
1 KB

55ms
55ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN0kgMf_OW7Wb-jKxJaliws%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUVt6eRM9eEXmb-5M_fPsGLE2iDGm-FXZ6AeDsO_YEWJfc-5Ls3adY7UMAWf6n7UHj798Iir7N7uIgw7D53GcLXrkesQxvq0PdZ1df0G8QF540YBV0K9rMdN07nUpz0qtUf_QVwDd9eJWZB0Lvf0RdsJqqlwpfPQsq5LB0PsPzbkS1_7V4

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:14 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f504ae3d-71c9-4ff7-a33a-ec0bb77805ae
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:14 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0a908c2e-3bb0-4fe4-8e3f-f9077e4920ad
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEN0kgMf_OW7Wb-jKxJaliws%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0ADD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIyNjI3NDA1NDg0NTY1MTM1MA%3D%3D

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIyNjI3NDA1NDg0NTY1MTM1MA%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:14 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 18493d77-8f16-4216-bb0d-b1d9ae529fd3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIyNjI3NDA1NDg0NTY1MTM1MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame C3C1 24 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cy00jxV-RQjS0gZmuKha3dG7L-CgR3OTXpE3xzRD4cAAst3z-gflCSmIyx1gstPvKp7cUhR_1lXvv6_ID__vBI8rz-nm40VNWp81UEwP10qQS2HxGrnwSibGIkyKCdU9G37Hs0XXa5slt1Va6Na_MPkm1zdQ&cry=1&dbm_d=AKAmf-D0A5wVlHMjWpSQ2Wmli-QTF8xAMzuPMQA34qG82SOUkwxcRfLFLHd7NcYJkmBJfrLxJR3TG97dwQtXfwcitgbbn89TOHzh3-gX7U2Jjrl9ss5bkrwnQpphLKfEEQ9HytOdN4uG8lG5XS9pcCb9VahPrK2X_RnMcRBWwTaSfs7TMh56GFQg2mA_RgAYG2hgJvAdjl7K_lZ61TjMEsShEzMeiOnhr7POLOfsrUEkbdh7TRHX3GS8ecIxK2CRFJT5Qe2HKVlnes0dl-gO3AyXwEnw3GuE_pQvi4RCBcpVNDbZ643EWkZmzaOI7xQHPjZKs2Phx0bKwublJPEVNF2JivpkkBiH3aRX3_CP8rOLXlCRDBi5AMfBIq-GLeKdRF9df-Dr_ZWlBBBMSLfLeaIZWyNYQDmhxxeHHVtnpNzvtxAvTyIJy0xaGZtD8dFvVfS2ar57poLJsdalimT8nYjLONmNHHK9nugOyaBqFZz-CmUSLbcIlEerUK-VFtyKyl8QEEq2UiW-IfuEbrUDsVMGpK6_gJgoERDpDt4FytJmUOXjnVhWro7vbqgsFhN3F5nVg2w0w2H47TZzresJ08oOUIOrQsDVlMwKS2NqVgSYYMhqUvHUzx-YmjqXdEYlT4zTELdN-XxtHTeF2Jt-lG-Av4Na9mwglJ0odW_ICH1nbHddC85HJLOGQq0zMRh5haeBRXMxiwOmdhfHgtjuGvqsjC9wGFJuWMe9o6Do4knRsR8WPKbXBLFHSVBhp3dMcGWc1uZS9vHcfmtejf_jKV89RMCnCKbGOqnkiJpeWitIevER2WnYNRkF7T7WOOaj2LZbLrvJzwbMzQUNJc6hqZB2BB_nbZ0oJeqhzNAQuNPmvcoHqkM6M6Td99-Dqo1Qe_N2KhWjCR3-mc95JuPhlU_3uYlBLaBmZncnxgDSOszmtekdBQ0J1PVF0LLuPGEtfl_Jxlq43lS-Jl1ALnMsLgYoC7qdFctkptPUqbsdi83tdaHl2Tl_rfXm2OXzon4Z7-roPw6rCdO8kjFmseS41_TdRhzcC0Gh8X2dfDWDxZQQEbx-KRNFn4C9xLASFJ14j731n6cNoMUnMvo26WwuCHMpNGKyg4FZjjgypNojp5K7WoTM_iuAitu4gEwXmIGVzEoYWCx481MKsZzjnImI3gLmX4T7-d2VhQbwgPloWjWBkAsx8rdJkEYmqjYbVGM45JA2Le02wkdP52lWlGKZkhT2TbZF3P7ZWGmYZKEocjWTYZtSRtTDANTvGFU4frG6qnts2-o-nJ7PSRDpetb9bdzcLNzr-gvTCytT5NxwHrs6u_ClRAzDxPsfalddlYy2XFv-l4LCS9fTfkdXtc_n8Az5r5W_QLf2ziC9rOJmxTa5KFiMusQeMLZTOw2lj2USxKiqLTzA1KTxDET-Q5zrqwNDv8MHXBSWu12kdkEYxq_9sfobec004qruOCZVrYr7t5vBFybuB8RUOHUKjayqvGgja6hVqvxP0Ckz6Tyf9rWUa981OoUhfgVzFZPB1q2MQXFS6VQwRmOvx9a1gFvPPVldhKIqlih7WqL3fQYegNuVZBJR0N4Q0EsZirIBq1CaEPwDTnLrA56Wkr1lvDkTgHU1vb0aVeu3qkW8roDHWE-wAK-s2-4eytLDOXqmSCqPe_I6mrpDzPwr5CeoQhYbwfNfGpjP34p-y-2oclnHtYn_OWCjvlbIUDl8k8iPhf_-hXRn1S9obgJbDYR86MXrbNXx33uIfyFYNgarxlqd6V8xmDei0nUulmwIVNcXvtTC0CxTlOfFAPeFSCPwkXBggo9-wwYPJxuq8s1vtufkJuZdsF5uq6mt_ksSDnI-n-c_f89BLCvBhlUZM42cdq_ZH_zkLAw47Zteywfg8KTh6mdHP__gm2inRMm8x8wsgRRzJwMQBuARIPrrKC6vPCBMnlPT1UGcGnuzXfH94Q1w0DtBH7-bVma6Gt78x59laYrpQEsJKDRA8H2XpYhpkQ-bQeUZYbz0L9cLKGy9XfcJznyPO7HRudiQrb5Ne_jjYnGMuDmceR2zwNfwblcLZwzJ1SU1w816yOWhh2clFGA4T_suLD-9zDh8w197TAnEO8H-k0NvmOrC0vo5QNw7IlJbUoIadv-MrUyslQtND9ky9H25-mQMCqPiNPdBsQ9bOgjZ18u2GpjjyydCv7E3qJCbb4Q_gs3bJ1u3xeV2_zlZA5VkTOz7lbPxcqv9Ki1g7Eti1jsgZpayGAE6K4mVLGWRwBM8uOBFCcTiqfconQmAXwDG4eYQ9qhwAAFabOPNO_XPTCjepAPzOdy53Qz_zzRFTNMpXkH8RYxo6rnR10HUFx-xSPysOvsLGgnxHjGDTSY276Tg_FAJXLpYCa7B7kHTnprhOpdwKPPsNvKSmUhs8v6BPRNSdRwdaSksOH1u-OpvH5-gwck0n6mvZN628A6fH50IgpNnj6ZhG6SXCPegBmYnEwV7Is1kFOsLIV6jgUV21TNvSTnC7XWyVojMGDeeMU8u960--U8CjkEY7qJRNzYIOxAZMDRh5MKkpPA85GvBtPFV7up4Z3LwvapfglVT_xoP5Go2svqSlKuiocqddXn8EwlGjE02olWK8QnmwckoxGF5hVbpIq9QJuupssye3Ik8y9X5UsjtNKwP0y0lHqELVQdud5U2xkhoQi82d3vDnTu16EL3HUrvy34r4RMeF4-zixDTw1KieEHYmAqTMk1HiiiojnDLUZ14CRZeO0ckNYYfHKFHYWT-fxhtglFneRDxEWHSAGlk9dmiZt19wEXdRu7by96daMaQrwUmAKcpIPvWJyC5t26LZtifNQhfROGLOPNMg2gbJ9kY-kvid8zSHO_VH88f1MblF24Vb0kjBSgP3aOyN2Q03yGtCW7ROeoPD5a9i79CpNmxjnVqZASeP8XQdADFTsdGnZOa6BwP6cQ4MimVL-FynKQWmCIuJhav2M-u8uxTI8Ij5mJnNANFlx2H9cWzYAsLVDHImULksLsqfQv1sxs5iafksRYNyNU6WmsaEhe3_vlDDQEzklyfDrfRuFLGB0ZQPGpDMd6b_HJXwhgdHmdmAP3I8V_UeCUzPwHiYRKzA6Zm8T1Vr30Lv7YCmJTfWZaKJb7k5of8w4K3nTHLKrcbldwqrkD7urCd3mqkn8ba4jmjPLWUkc3GqIE5NDMwl5hHoRmhWX6j0DpES3iBMvtzV2U5leagNvx0B4pmaHjBzJfkRTHprbEhLtHmLqr-7fWtEo63vAfCCD6rfD6Ts2D8RH6Q0opVilal5QlR3giL-raVNxyTkU3ssKq1rg7I9l-DTR7Tu6MSK6t0K_gynp0LMvGwOxtzoFUxInMkE-7zLIIoF4IK-ycXKcQ2KrwIxczpXXDEWM0TkocjSOmcDTKqJzozXOyasfZ6YSfmiK_K6BGT8cwjv8aZyz8auptpFoxQ59tUssBer4fNZErl3MzNo_QcgJGXTcqjEl4hYxkX8XFqRG0163dJbNNYDgC4PUMfJAJmfnbqCoPrQCYcrdpvG6XOsj_pCaIZcOqvTMcvM4wgvScn1nnN9rBTrucmCyY&cid=CAASEuRoExuNhU8vxIk5MJCh224phw&rfl=1%2Chttps%253A%252F%252Fwww.heraldnet.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 16:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Jan 2022 16:58:57 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C3C1 41 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Dec 2022 15:13:53 GMT

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000548/module/ 503 B
811 B 11ms
10ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000548/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: eee1807b6aa60fabd89cb374b26a21ec5f56d4281c183b6c56c6a72a85ddbc7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:14 GMT
last-modified: Tue, 21 Dec 2021 09:16:40 GMT
server: AkamaiNetStorage
etag: "7729c15a51ea48f26a25ceb3a5d80fbf:1640079800.989361"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Sun, 26 Dec 2021 21:02:14 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 358ms
87ms Fetch
text/plain 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=ed7ba25573162e51e8b6d07e7d35cdec_39028_1640538134454&tm=1480&eT=0&widgetWidth=738&widgetHeight=291&widgetX=431&widgetY=7163&wRV=2000548&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=528&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
X-TraceId: 0a5e0d4ecc88bb3b7dc348e05f28e77d
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 reel.js Show response
widgets.outbrain.com/nanoWidget/2000548/module/ 23 KB
8 KB 8ms
8ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000548/module/reel.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: eb1d8f7db5e659f42403a2560471c3939b0d1cec0ec9c09a13bcbb27cec271f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 09:16:40 GMT
server: AkamaiNetStorage
etag: "c16c3fdcc521f843c287305a28239e91:1640079798.110582"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7583
expires: Sun, 26 Dec 2021 21:02:14 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 371ms
93ms Fetch
text/plain 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=37d81fb748ce4e523aa2fcdc6fb72e65_39028_1640538134414&tm=1485&eT=0&widgetWidth=738&widgetHeight=439&widgetX=431&widgetY=7469&wRV=2000548&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=528&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
X-TraceId: ce64584e61169bbf02a8e351a141748e
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 379ms
93ms Fetch
text/plain 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=a1e1efaefc1e0072bdadff6705f93b37_39028_1640538134488&tm=1486&eT=0&widgetWidth=738&widgetHeight=291&widgetX=431&widgetY=7908&wRV=2000548&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=528&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 26 Dec 2021 17:02:14 GMT
content-encoding: gzip
X-TraceId: 9826836aec3990b0d634b10f6151166d
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK npoee1nv94vs Show response
hal9000.redintelligence.net/zone/ Frame C3C1 11 KB
4 KB 50ms
16ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH4n9FqDIYaHgAo3MgAf4uJ3IBrXN-YNXzN65q-UM8C4QASDXr51zYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBJQCT9CEK-G4tfWO-nObXIIbFbXPqjqwwcbWoSyOKKqw0LBo2ZB93oszFh4awYj9iCpfb4Fgzw5ci0E93kWTXNV9ccIyQ6knJwJNrOdaRv8OIzbjb_Mdp15mEd1XtbXIe8NYML5p894T0Uv6KbX4u1M4J1uQK-lg0L04MCFP8dzGvGiJJ42HsMl9b00bsDpTBu7fqc3JGarzueWbmNv8GF93Gh1MDXzH3UjU0nwApPCv2DcCw04zhXFhlTE6dKa4vCTFl9-CCb5SYVEMGKgR73ZnZoQPTGwpxwIDrCkh_wYUqXant4EApUppommlZe44qlxobsIcDNnczH4bly-UORDOy7ixMFtDE-E7KDvyqltM0U_TSkTswASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoExuNhU8vxIk5MJCh224phw%26sig%3DAOD64_0mFUoGixKUdDP1KeMKjrMkg4Oxiw%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-BxwZ_Um3NXqqbpxqBd1eO0e5cwZYhh9HOD0sVI_ns9KtGHHZN48OX8B3sMy-T-mRR295yQ6jw2EgNcqHJDc7zqs5e-nJ1q5FT-IXgCSJrqtAPdwskcdbM0s8tkDtS8uVp0vPe66ezsr-vO6n7AnrrCoBeJkA%26cry%3D1%26dbm_d%3DAKAmf-D-OXKr8A6h3pmUwnpwBssr7NiiRgB5_PYg_ScFkER8NTIqqGCqfBTMhFqyfOrzMEsEJZrRPTdpve0_yLs97ByH15n0ORP61HjecyUCY_7P9g0cFcVasu5820G8dHG-z4qvm7s3FQz-bjx1o9lqift_KaZhThOG_M3Kfu5NqS1kFOOOTffZFJRwcYF0axsCh7DCfgt3rnN5lmiO_kGzGjh2d4PSfCDXV3FdEtFvmz3mVc4Rc_vx8FCQmBhJe_8yh1GmXS9DTXoBULyaoAOiIEvIfqbR4faZ7dtHuv-SbFGx2eCTRTZZyVUvryWpl9rxhAqNibxvrGWzm311eCFAV5cNfnfY4i-O0Odb4bjDre1Noy81HjTGctHUqVBmGr6X7-gR_OczdSsw23hpnYWzwqXYVXjZgK3HFZo6dfIrY1S4EoP316HlakNEtrqrV3W_UDysg1EVo2_aeWbkcoHxY-mbl2gCFdAkBukDJx5d0pCeB4ObN_I8kiQhZaDpY2ybeXtdWEfWAzJV2jUgFHYhB1i-Dm4-CjBQoZiQM5tnneQ_04XphAXEqwYxKqbIHM93XCN5TXTK-hRLq6W3B_LspWWOMVm8gA%26adurl%3D
Requested by: Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 037b038f562fcd4f9dfcbdc296317f0ae1a804cebdf1ca04765fa14d8ee22c54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4099
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B519 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 21 Dec 2021 15:13:54 GMT
expires: Wed, 21 Dec 2022 15:13:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 438500
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame C3C1
Redirect Chain

https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ab5f90bf4c&subid=&uid=8eb5bc1c8d47edee&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ab5f90bf4c&subid=&uid=8eb5bc1c8d47edee&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

99ms
76ms

Script
application/x-javascript

138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ab5f90bf4c&subid=&uid=8eb5bc1c8d47edee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH4n9FqDIYaHgAo3MgAf4uJ3IBrXN-YNXzN65q-UM8C4QASDXr51zYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBJQCT9CEK-G4tfWO-nObXIIbFbXPqjqwwcbWoSyOKKqw0LBo2ZB93oszFh4awYj9iCpfb4Fgzw5ci0E93kWTXNV9ccIyQ6knJwJNrOdaRv8OIzbjb_Mdp15mEd1XtbXIe8NYML5p894T0Uv6KbX4u1M4J1uQK-lg0L04MCFP8dzGvGiJJ42HsMl9b00bsDpTBu7fqc3JGarzueWbmNv8GF93Gh1MDXzH3UjU0nwApPCv2DcCw04zhXFhlTE6dKa4vCTFl9-CCb5SYVEMGKgR73ZnZoQPTGwpxwIDrCkh_wYUqXant4EApUppommlZe44qlxobsIcDNnczH4bly-UORDOy7ixMFtDE-E7KDvyqltM0U_TSkTswASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoExuNhU8vxIk5MJCh224phw%26sig%3DAOD64_0mFUoGixKUdDP1KeMKjrMkg4Oxiw%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-BxwZ_Um3NXqqbpxqBd1eO0e5cwZYhh9HOD0sVI_ns9KtGHHZN48OX8B3sMy-T-mRR295yQ6jw2EgNcqHJDc7zqs5e-nJ1q5FT-IXgCSJrqtAPdwskcdbM0s8tkDtS8uVp0vPe66ezsr-vO6n7AnrrCoBeJkA%26cry%3D1%26dbm_d%3DAKAmf-D-OXKr8A6h3pmUwnpwBssr7NiiRgB5_PYg_ScFkER8NTIqqGCqfBTMhFqyfOrzMEsEJZrRPTdpve0_yLs97ByH15n0ORP61HjecyUCY_7P9g0cFcVasu5820G8dHG-z4qvm7s3FQz-bjx1o9lqift_KaZhThOG_M3Kfu5NqS1kFOOOTffZFJRwcYF0axsCh7DCfgt3rnN5lmiO_kGzGjh2d4PSfCDXV3FdEtFvmz3mVc4Rc_vx8FCQmBhJe_8yh1GmXS9DTXoBULyaoAOiIEvIfqbR4faZ7dtHuv-SbFGx2eCTRTZZyVUvryWpl9rxhAqNibxvrGWzm311eCFAV5cNfnfY4i-O0Odb4bjDre1Noy81HjTGctHUqVBmGr6X7-gR_OczdSsw23hpnYWzwqXYVXjZgK3HFZo6dfIrY1S4EoP316HlakNEtrqrV3W_UDysg1EVo2_aeWbkcoHxY-mbl2gCFdAkBukDJx5d0pCeB4ObN_I8kiQhZaDpY2ybeXtdWEfWAzJV2jUgFHYhB1i-Dm4-CjBQoZiQM5tnneQ_04XphAXEqwYxKqbIHM93XCN5TXTK-hRLq6W3B_LspWWOMVm8gA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1382134112614&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9cd51cb19dee8df06a1f5a96da2d69d2c3f3d878bff0cd60075a276b808471cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:14 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 92680800132679300710616011820005
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 864
Expires: Sun, 26 Dec 2021 17:02:14 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:14 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ab5f90bf4c&subid=&uid=8eb5bc1c8d47edee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH4n9FqDIYaHgAo3MgAf4uJ3IBrXN-YNXzN65q-UM8C4QASDXr51zYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBJQCT9CEK-G4tfWO-nObXIIbFbXPqjqwwcbWoSyOKKqw0LBo2ZB93oszFh4awYj9iCpfb4Fgzw5ci0E93kWTXNV9ccIyQ6knJwJNrOdaRv8OIzbjb_Mdp15mEd1XtbXIe8NYML5p894T0Uv6KbX4u1M4J1uQK-lg0L04MCFP8dzGvGiJJ42HsMl9b00bsDpTBu7fqc3JGarzueWbmNv8GF93Gh1MDXzH3UjU0nwApPCv2DcCw04zhXFhlTE6dKa4vCTFl9-CCb5SYVEMGKgR73ZnZoQPTGwpxwIDrCkh_wYUqXant4EApUppommlZe44qlxobsIcDNnczH4bly-UORDOy7ixMFtDE-E7KDvyqltM0U_TSkTswASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoExuNhU8vxIk5MJCh224phw%26sig%3DAOD64_0mFUoGixKUdDP1KeMKjrMkg4Oxiw%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-BxwZ_Um3NXqqbpxqBd1eO0e5cwZYhh9HOD0sVI_ns9KtGHHZN48OX8B3sMy-T-mRR295yQ6jw2EgNcqHJDc7zqs5e-nJ1q5FT-IXgCSJrqtAPdwskcdbM0s8tkDtS8uVp0vPe66ezsr-vO6n7AnrrCoBeJkA%26cry%3D1%26dbm_d%3DAKAmf-D-OXKr8A6h3pmUwnpwBssr7NiiRgB5_PYg_ScFkER8NTIqqGCqfBTMhFqyfOrzMEsEJZrRPTdpve0_yLs97ByH15n0ORP61HjecyUCY_7P9g0cFcVasu5820G8dHG-z4qvm7s3FQz-bjx1o9lqift_KaZhThOG_M3Kfu5NqS1kFOOOTffZFJRwcYF0axsCh7DCfgt3rnN5lmiO_kGzGjh2d4PSfCDXV3FdEtFvmz3mVc4Rc_vx8FCQmBhJe_8yh1GmXS9DTXoBULyaoAOiIEvIfqbR4faZ7dtHuv-SbFGx2eCTRTZZyVUvryWpl9rxhAqNibxvrGWzm311eCFAV5cNfnfY4i-O0Odb4bjDre1Noy81HjTGctHUqVBmGr6X7-gR_OczdSsw23hpnYWzwqXYVXjZgK3HFZo6dfIrY1S4EoP316HlakNEtrqrV3W_UDysg1EVo2_aeWbkcoHxY-mbl2gCFdAkBukDJx5d0pCeB4ObN_I8kiQhZaDpY2ybeXtdWEfWAzJV2jUgFHYhB1i-Dm4-CjBQoZiQM5tnneQ_04XphAXEqwYxKqbIHM93XCN5TXTK-hRLq6W3B_LspWWOMVm8gA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1382134112614&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 26 Dec 2021 17:02:14 +0100

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame B519 35 KB
13 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 13:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Dec 2022 13:15:00 GMT

GET
H2 200 fancybox_sprite.png
plugins.blueconic.net/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/ 1 KB
2 KB 16ms
13ms Image
image/png 143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plugins.blueconic.net/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/fancybox_sprite.png
Requested by: Host: plugins.blueconic.net
URL: https://plugins.blueconic.net/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/jquery.fancybox.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: - /
Resource Hash: b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://plugins.blueconic.net/lightboxinteractiontype/2.4.1/frontend/src/lib/fancybox/jquery.fancybox.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 12:23:02 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jul 2021 12:13:15 GMT
server: -
age: 275952
etag: "552-5c78cfa84d358"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1362
x-amz-cf-id: 2HwrHKvhiy5_ayUWWge8d5nIf3h91ynTAxBuvjlLT3FEDDOzFEo_KA==
expires: Sat, 22 Jan 2022 12:23:02 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 98A9
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=92680800132679300710616011820005&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92680800132679300710616011820005&actionid=731824&produktid=businessgiro&dt_url=

0
630 B

125ms
88ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92680800132679300710616011820005&actionid=731824&produktid=businessgiro&dt_url=

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ab5f90bf4c&subid=&uid=8eb5bc1c8d47edee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH4n9FqDIYaHgAo3MgAf4uJ3IBrXN-YNXzN65q-UM8C4QASDXr51zYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBJQCT9CEK-G4tfWO-nObXIIbFbXPqjqwwcbWoSyOKKqw0LBo2ZB93oszFh4awYj9iCpfb4Fgzw5ci0E93kWTXNV9ccIyQ6knJwJNrOdaRv8OIzbjb_Mdp15mEd1XtbXIe8NYML5p894T0Uv6KbX4u1M4J1uQK-lg0L04MCFP8dzGvGiJJ42HsMl9b00bsDpTBu7fqc3JGarzueWbmNv8GF93Gh1MDXzH3UjU0nwApPCv2DcCw04zhXFhlTE6dKa4vCTFl9-CCb5SYVEMGKgR73ZnZoQPTGwpxwIDrCkh_wYUqXant4EApUppommlZe44qlxobsIcDNnczH4bly-UORDOy7ixMFtDE-E7KDvyqltM0U_TSkTswASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoExuNhU8vxIk5MJCh224phw%26sig%3DAOD64_0mFUoGixKUdDP1KeMKjrMkg4Oxiw%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-BxwZ_Um3NXqqbpxqBd1eO0e5cwZYhh9HOD0sVI_ns9KtGHHZN48OX8B3sMy-T-mRR295yQ6jw2EgNcqHJDc7zqs5e-nJ1q5FT-IXgCSJrqtAPdwskcdbM0s8tkDtS8uVp0vPe66ezsr-vO6n7AnrrCoBeJkA%26cry%3D1%26dbm_d%3DAKAmf-D-OXKr8A6h3pmUwnpwBssr7NiiRgB5_PYg_ScFkER8NTIqqGCqfBTMhFqyfOrzMEsEJZrRPTdpve0_yLs97ByH15n0ORP61HjecyUCY_7P9g0cFcVasu5820G8dHG-z4qvm7s3FQz-bjx1o9lqift_KaZhThOG_M3Kfu5NqS1kFOOOTffZFJRwcYF0axsCh7DCfgt3rnN5lmiO_kGzGjh2d4PSfCDXV3FdEtFvmz3mVc4Rc_vx8FCQmBhJe_8yh1GmXS9DTXoBULyaoAOiIEvIfqbR4faZ7dtHuv-SbFGx2eCTRTZZyVUvryWpl9rxhAqNibxvrGWzm311eCFAV5cNfnfY4i-O0Odb4bjDre1Noy81HjTGctHUqVBmGr6X7-gR_OczdSsw23hpnYWzwqXYVXjZgK3HFZo6dfIrY1S4EoP316HlakNEtrqrV3W_UDysg1EVo2_aeWbkcoHxY-mbl2gCFdAkBukDJx5d0pCeB4ObN_I8kiQhZaDpY2ybeXtdWEfWAzJV2jUgFHYhB1i-Dm4-CjBQoZiQM5tnneQ_04XphAXEqwYxKqbIHM93XCN5TXTK-hRLq6W3B_LspWWOMVm8gA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1382134112614&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 26 Dec 2021 06:02:14 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Sun, 26 Dec 2021 17:02:13 GMT
content-length: 0

Redirect headers

Server: nginx/1.19.7
Date: Sun, 26 Dec 2021 17:02:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=92680800132679300710616011820005&actionid=731824&produktid=businessgiro&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: B9D59BA9:D9DA_91EFC182:01BB_61C8A016_21283A6:297E8
X-IPLB-Instance: 40028
Cache-control: private

GET
H/1.1 200
OK request_content.php Show response
hal90005.redintelligence.net/ Frame 7BC0 7 KB
2 KB 34ms
12ms Document
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request_content.php?s=92680800132679300710616011820005&a=f87b5b7d
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=ab5f90bf4c&subid=&uid=8eb5bc1c8d47edee&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCH4n9FqDIYaHgAo3MgAf4uJ3IBrXN-YNXzN65q-UM8C4QASDXr51zYJXikIKgB8gBCakCPVGexJX9sj6oAwGqBJQCT9CEK-G4tfWO-nObXIIbFbXPqjqwwcbWoSyOKKqw0LBo2ZB93oszFh4awYj9iCpfb4Fgzw5ci0E93kWTXNV9ccIyQ6knJwJNrOdaRv8OIzbjb_Mdp15mEd1XtbXIe8NYML5p894T0Uv6KbX4u1M4J1uQK-lg0L04MCFP8dzGvGiJJ42HsMl9b00bsDpTBu7fqc3JGarzueWbmNv8GF93Gh1MDXzH3UjU0nwApPCv2DcCw04zhXFhlTE6dKa4vCTFl9-CCb5SYVEMGKgR73ZnZoQPTGwpxwIDrCkh_wYUqXant4EApUppommlZe44qlxobsIcDNnczH4bly-UORDOy7ixMFtDE-E7KDvyqltM0U_TSkTswASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoExuNhU8vxIk5MJCh224phw%26sig%3DAOD64_0mFUoGixKUdDP1KeMKjrMkg4Oxiw%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-BxwZ_Um3NXqqbpxqBd1eO0e5cwZYhh9HOD0sVI_ns9KtGHHZN48OX8B3sMy-T-mRR295yQ6jw2EgNcqHJDc7zqs5e-nJ1q5FT-IXgCSJrqtAPdwskcdbM0s8tkDtS8uVp0vPe66ezsr-vO6n7AnrrCoBeJkA%26cry%3D1%26dbm_d%3DAKAmf-D-OXKr8A6h3pmUwnpwBssr7NiiRgB5_PYg_ScFkER8NTIqqGCqfBTMhFqyfOrzMEsEJZrRPTdpve0_yLs97ByH15n0ORP61HjecyUCY_7P9g0cFcVasu5820G8dHG-z4qvm7s3FQz-bjx1o9lqift_KaZhThOG_M3Kfu5NqS1kFOOOTffZFJRwcYF0axsCh7DCfgt3rnN5lmiO_kGzGjh2d4PSfCDXV3FdEtFvmz3mVc4Rc_vx8FCQmBhJe_8yh1GmXS9DTXoBULyaoAOiIEvIfqbR4faZ7dtHuv-SbFGx2eCTRTZZyVUvryWpl9rxhAqNibxvrGWzm311eCFAV5cNfnfY4i-O0Odb4bjDre1Noy81HjTGctHUqVBmGr6X7-gR_OczdSsw23hpnYWzwqXYVXjZgK3HFZo6dfIrY1S4EoP316HlakNEtrqrV3W_UDysg1EVo2_aeWbkcoHxY-mbl2gCFdAkBukDJx5d0pCeB4ObN_I8kiQhZaDpY2ybeXtdWEfWAzJV2jUgFHYhB1i-Dm4-CjBQoZiQM5tnneQ_04XphAXEqwYxKqbIHM93XCN5TXTK-hRLq6W3B_LspWWOMVm8gA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1382134112614&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 259ce80fd0c81a7fbb9d6875d33bb55d01564944878a77185533f7f4e6d68ae9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/

Response headers

Date: Sun, 26 Dec 2021 17:02:14 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 26 Dec 2021 17:02:14 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2034
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame C3C1
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=92680800132679300710616011820005
https://ad-server.eu/wm/pb/native.png

68 B
312 B

153ms
29ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:07:07 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sun, 26 Dec 2021 17:02:14 GMT
Server: nginx/1.17.5
X-IPLB-Request-ID: B9D59BA9:D9DC_91EFC182:01BB_61C8A016_212F216:297EB
X-Powered-By: PHP/7.2.21
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C3C1 43 B
703 B 44ms
13ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2601050&v=18332&q=376776&r=296283&pref1=92680800132679300710616011820005&pv=1

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:14 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame C3C1 43 B
702 B 51ms
20ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=92680800132679300710616011820005&pv=1

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:02:14 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2613 1 KB
749 B 36ms
36ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 26 Dec 2021 05:53:44 GMT
expires: Mon, 27 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 40110
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C3C1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae0ca5dc76185170f5f9406731b202a567c1e95bcf23de95b0f1671b47bad1ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B519 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqhK0FqDIYbOqHZuj9u8PlL2t2AEAAAAAOAHgBAI&bg=!UVKlUhbNAAZKWFskSlg7ACkAdvg8WqZyUbbFlccQHx9kAabEN8883X_aH5g5BwNpkusy5XOL5J7AqQIAAACAUgAAAAtoAQcKAGNM37XkLWVymYKWf8mnaQge-CNCApfmqXTy4xrmDlbt4Yz5-yEGxD2bpTEY5G66D7z2oPKoyyE7UaJQo2J_-Dpn1wT9eeGcreCIab_7WbwixEJMLhhhzRgEU8qLoV6i_LHpmAeZAw9I2ObQp1g41DMgD-ETmbP3RcUu3STRmFrM_CClZRj3j7Kp1gag4dPwYuJ937YkJagunKNW8fsj3y1Y7kb1fuO596dLPemViL8OD6w80UxY-tNQoJCenNBWdz56mxPGQoVxNadsMprNZapRblSheK-8czVg59z1BRKYpb36MJNt2Qy-edIVAlaHRaVzq_csTgUtiyJ-Flm3TUAScP2q7IGQ39aSHiOup3-OMOENmN9rF2zdkcoKQBhClqu05dIa-deNdH-kpoPk47KGoRI0QS0i76cfaJRHkNNlZNwgD-XrCcRpCUD1FQYa9CXzpjjaR3NbTKm6GDvoLPm2wUsQbYHRy3MTUwOIBjIIdjfWWsMoev09YegT5ekXiCk5G8RDXIWehgcblpfv1DNvN0pzU959OSJinNAjaYjqz74V_mONuM-6CXLL_kx-onWmU9ul443MZHDOaFUXsSW6IInCDNNfqE76QGP7rzkryt6Ls5K-1lzDvjA-_HTVcsb0xiHRfYjvGhG42GBL3VUxwwU3CMkn5YZ53klRjfZRhU6_2yuEMsWFbMKtcJFhZWMnX4LF7__V-1FRI9ezHsZLnlJR3m5IxUXsLXipAQOO3feAMC-dKF9R_E4ZKbzdoT1KpkeF9EF8Me1EADqaKIhb4s971ijlJDLDyzZ7RRbjkPjEaZ-U4DbRFi_Td42ksrO5Ss13qFIFDyHgzIAPRk2MWCqIKmv6b8d2m0nln1496R4otokqbKQm4f4qMtDLLHyGkMFeVOuR-PPu-9o6fG57P_wtV5KzjvBVJcOS64Jat25Y510f38Ju4Y2EpT5_scEfZ2Fj7N-dK6L7ax0TDi1EA3bEXb_FkR6AIXaKWMywYj9cugs8m7qy9-cekI3TNuAfA_21x1PKr1tjor8uRnO1v8yS39JPt-9lpYR__APkus-iuqtyS3IHyPtOFSjUWHCg1Rmodw6hy4izi2l97P_qD0C2PuMN0Jqwp9ByVxFqTbny1-7fosIkjfUc8QboOQhjOB8lBjt7zFljct6No95ok1B5_Us

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7BC0 4 KB
649 B 89ms
45ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=92680800132679300710616011820005&a=f87b5b7d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 16:36:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Dec 2021 17:02:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Dec 2021 17:02:15 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7BC0 16 KB
16 KB 34ms
12ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=92680800132679300710616011820005&a=f87b5b7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7111797fe33052ec812875bfb37ae69d42a24f893dfb007e0187e72a6bfb3bf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16465
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7BC0 15 KB
15 KB 157ms
135ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=92680800132679300710616011820005&a=f87b5b7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2204c353c14f1d81461c17fecc2195c5e08f16b6f9ae48d0681e237e7589e56e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15247
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7BC0 17 KB
17 KB 34ms
12ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=92680800132679300710616011820005&a=f87b5b7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 729b1f672eb91e0e61ea63f6300e501b63ca763bcfd28213f8bd498a2fd4e7d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16858
Vary: Accept-Encoding
Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2613
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAjApP0xKWJq4hE7s7GlwxU&google_cver=1&google_push=AYg5qPKAKzGshvLlVBDFz5Dy3aJFGcsC72pFv1de9xhM-itvwcscDuMSZofHIPEFXB5DmYWHBbIJXTtIQAZWVbNt...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKAKzGshvLlVBDFz5Dy3aJFGcsC72pFv1de9xhM-itvwcscDuMSZofHIPEFXB5DmYWHBbIJXTtIQAZWVbNt9Z-bp9_R938V

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKAKzGshvLlVBDFz5Dy3aJFGcsC72pFv1de9xhM-itvwcscDuMSZofHIPEFXB5DmYWHBbIJXTtIQAZWVbNt9Z-bp9_R938V

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 26 Dec 2021 17:02:15 GMT
Server: MT3 4133 baa842e master cdg-pixel-x13 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKAKzGshvLlVBDFz5Dy3aJFGcsC72pFv1de9xhM-itvwcscDuMSZofHIPEFXB5DmYWHBbIJXTtIQAZWVbNt9Z-bp9_R938V
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 26 Dec 2021 17:02:14 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2613
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJnuOlCjBy4FLbbTik0Sxc0&google_push=AYg5qPLMmWhGJuOzkIdsP_RYUkT15UBeIQd2lDG_0CHDX4l_i224OtX1rv...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJnuOlCjBy4FLbbTik0Sxc0&google_push=AYg5qPLMmWhGJuOzkIdsP_RYUkT15UBeIQd2lDG_0CHDX4l_i224OtX1rvxacC3xs6xEjhWWe7i0m8-FcqQVZvzrkCOsqisxQT0

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:16 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1640538135.016432,VS0,VE1653
x-served-by: cache-hhn4049-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJnuOlCjBy4FLbbTik0Sxc0&google_push=AYg5qPLMmWhGJuOzkIdsP_RYUkT15UBeIQd2lDG_0CHDX4l_i224OtX1rvxacC3xs6xEjhWWe7i0m8-FcqQVZvzrkCOsqisxQT0
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2613 70 B
265 B 110ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAFLa1JNUEFb650szRBZFNQ&google_cver=1&google_push=AYg5qPLZDLV53fZNZVHUB_CLtU9gADWZFbAonkkQ_fh9FHxfVxPXEE3m2zXzM8QilN5oF1zqsQoZOuu0GwRq3co_WRKid30lBs4
Requested by: Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2613 0
191 B 75ms
20ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAx1D4ShHJxxIpCDektR5FI&google_cver=1&google_push=AYg5qPJgwAGKffauZqoXSBZG0zhEvZPMzU_FmbLYf7vbFRJ9NKVc-NGvJseGjg4gGc3oDYSvNzl6QS-q6UZ-0fS0fsUgRHT0NUGN
Requested by: Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:14 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2613
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOX5aLmwg6U__xxVQfH_LjA&google_cver=1&google_push=AYg5qPJADXLGPpaaz2j1eSTff9Yzyoq28XQL4CwGPyAsEnTyfULHvM2rw7jXKJ8FFZulolE1rlogDE-G...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOX5aLmwg6U__xxVQfH_LjA&google_cver=1&google_push=AYg5qPJADXLGPpaaz2j1eSTff9Yzyoq28XQL4CwGPyAsEnTyfULHvM2rw7jXKJ8FFZulolE1rlo...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk3MDQzMTMxMTk2NzY4NDc0NA&google_push=AYg5qPJADXLGPpaaz2j1eSTff9Yzyoq28XQL4CwGPyAsEnTyfULHvM2rw7jXKJ8FFZulolE1rlogDE...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk3MDQzMTMxMTk2NzY4NDc0NA&google_push=AYg5qPJADXLGPpaaz2j1eSTff9Yzyoq28XQL4CwGPyAsEnTyfULHvM2rw7jXKJ8FFZulolE1rlogDE-G1ZF3CUesxm-Xy45nT1-W

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:02:15 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk3MDQzMTMxMTk2NzY4NDc0NA&google_push=AYg5qPJADXLGPpaaz2j1eSTff9Yzyoq28XQL4CwGPyAsEnTyfULHvM2rw7jXKJ8FFZulolE1rlogDE-G1ZF3CUesxm-Xy45nT1-W
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET

pixel
cm.g.doubleclick.net/ Frame 2613
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEJNCD1kOCtvg8DWHKz1TQN4&google_cver=1&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp

0
0

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 2613 43 B
577 B 159ms
44ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESELLFJ6Y4SYspt24kr8nSB7g&google_cver=1&google_push=AYg5qPJi5eyjzVzATLkkM0-zgVjK9ApDd3x7ABLR7ejAx02en5GY-Er0vu7Qcv2d1p_24mk_vcqRM4fOzty-xtZyLARTXyDpgrImkA

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Dec 2021 17:02:15 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2613 0
12 B 47ms
47ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JI8ZyyCLynMuYA8W5jGBuqo0QbI0aPTJt-2EwrKkgOcjxyccSFT8qvZ4J5wPMsUFM27PUtQQ

Requested by

Host: a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
URL: https://a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame 7BC0 0
150 B 34ms
12ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=92680800132679300710616011820005&a=d7d7dd7b&vb=m
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=92680800132679300710616011820005&a=f87b5b7d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/request_content.php?s=92680800132679300710616011820005&a=f87b5b7d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:15 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 7BC0 13 KB
13 KB 83ms
38ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90005.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 21:39:33 GMT
x-content-type-options: nosniff
age: 501762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 20 Dec 2022 21:39:33 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 7BC0 13 KB
13 KB 86ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90005.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 14:56:27 GMT
x-content-type-options: nosniff
age: 353148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 14:56:27 GMT

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F/DESKTOP/WIDGET_OFF/ 77 B
417 B 1494ms
1494ms Fetch
application/json 44.231.152.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F/DESKTOP/WIDGET_OFF/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2021-12-23/widget_app_base_1640267709589.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.152.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-152-142.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:02:20 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 3000
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-61d20e41
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 100ms
100ms Image
image/gif 34.195.91.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&f_privb=0&tid=5b88201a-1587-45d0-b5c1-6fddfe412e35&pid=dabee9f2-91df-4b3c-a311-4023ee7580a9&dtm=1640538143144&qnm=_matherq&visible=1&tabid=c7a326ed-6fee-437a-adb1-1569a4a5e7d6&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&vp=1600x1200&ds=1600x8692&tofa=1640538133&vid=1&lvidt=1640538133&duid=8b58e9d65b144fe2&fp=401617179&cid=ma13246&mrk=715673500&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY0MDUzODEzMTk0OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNC4zbWIiLCJoZWFwVCI6IjE3LjFtYiIsImZzdFBhaW50IjoiMTA0MCIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiIyMSIsImNvbm5TIjoiMjEiLCJjb25uRSI6IjM1OCIsInNzbFMiOiIxMzMiLCJyZXF1UyI6IjM1OCIsInJlc3BTIjoiNTEzIiwicmVzcEUiOiI2MDEiLCJkb21Mb2FkIjoiNTE2IiwiZG9tSW50ZXIiOiIxMDM3IiwiZG9tTG9hZFMiOiIxMDQ0IiwiZG9tTG9hZEUiOiIxMDg2In19
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.91.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-91-69.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:02:23 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 71ms
22ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Dec 2021 17:02:24 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
signal-metrics-collector-beta.s-onetag.com/ 0
72 B 28ms
21ms Ping
text/plain 75.2.13.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Dec 2021 17:02:24 GMT
content-length: 0
vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.all.css

Domain: everett.newzware.com
URL: https://everett.newzware.com/newzlib/images/milky-icons/48/80.png

Domain: everett.newzware.com
URL: https://everett.newzware.com/newzlib/images/milky-icons/48/23.png

Domain: everett.newzware.com
URL: https://everett.newzware.com/newzlib/images/milky-icons/48/84.png

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp

Verdicts & Comments Add Verdict or Comment

478 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
soundpublishing.blueconic.net/DG/DEFAULT	1970-01-20 08:27:54	Name: BCSessionID Value: c79a0c6f-2390-4865-8b17-c973ab895323
www.heraldnet.com/	1970-01-19 23:43:44	Name: spi-adslots Value: %5B%22f4e5f220-2efc-45a1-869f-0b293f8aec73%22%2C%201036994%2C%20%5B%5B2%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B3%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%20%5B320%2C%2050%5D%22%5D%2C%20%5B4%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B5%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B6%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B7%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B8%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B9%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B10%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B11%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B12%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B13%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B14%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%5D%5D
www.heraldnet.com/	1970-01-19 23:43:44	Name: spi-check Value: 0
www.heraldnet.com/	1970-01-20 00:25:30	Name: nwssmcookie Value: ssm
.heraldnet.com/	1970-01-20 08:27:54	Name: bc_tstgrp Value: 1
www.heraldnet.com/	1970-01-29 23:40:51	Name: nwcompname Value: FtUH8HmZ
.heraldnet.com/	1970-01-19 23:42:19	Name: _ml_ses Value: *
.heraldnet.com/	1970-01-20 17:13:30	Name: _ga_2WM1N458VT Value: GS1.1.1640538133.1.0.1640538133.0
.heraldnet.com/	1970-01-19 23:43:44	Name: _gid Value: GA1.2.1054082608.1640538133
.heraldnet.com/	1970-01-19 23:42:18	Name: _dc_gtm_UA-52608-71 Value: 1
.heraldnet.com/	1970-01-19 23:42:18	Name: _dc_gtm_UA-52608-48 Value: 1
.heraldnet.com/	1970-01-19 23:42:18	Name: _gat_UA-52608-71 Value: 1
.heraldnet.com/	1970-01-19 23:42:18	Name: _gat_gtag_UA_52608_71 Value: 1
.heraldnet.com/	1970-01-19 23:42:18	Name: _gat_gtag_UA_109002081_1 Value: 1
.heraldnet.com/	1970-01-19 23:42:18	Name: _gat_gtag_UA_109002081_7 Value: 1
.heraldnet.com/	1970-01-20 17:13:30	Name: _ga_BHJYZD7VVN Value: GS1.1.1640538133.1.0.1640538133.0
.heraldnet.com/	1970-01-20 17:13:30	Name: _ga Value: GA1.1.180201433.1640538133
.lijit.com/	1970-01-20 00:25:30	Name: ctag Value:
obs.cheqzone.com/	1970-01-20 07:46:08	Name: cg_uuid Value: c537e9c0cabd054e0424848a9abd1646
.heraldnet.com/	1970-01-20 01:51:54	Name: _fbp Value: fb.1.1640538133835.1355646525
.heraldnet.com/	1970-01-20 08:27:54	Name: BCSessionID Value: c79a0c6f-2390-4865-8b17-c973ab895323
soundpublishing.blueconic.net/	1970-01-19 23:52:22	Name: AWSALBCORS Value: 4qcQCxfWBKwnEOsAcRiy+Rkr3/dB9PqZzapoVS44KgF1jXaH0f2DU0tL1z7NCsJIbf0bW/xjE7VAexXpUFtqaHQX3jG27gZ+s7TGhzYLM4mfJfhasaC0KIJnzDDu
.doubleclick.net/	1970-01-20 09:03:54	Name: IDE Value: AHWqTUktuH6Wrqz6iv27AoL-xV5mIav1n_rOdo5UZ7uZGsdcctxH0fXtBwKZF1sNL1Y
.heraldnet.com/	1970-01-20 09:03:54	Name: __gads Value: ID=637d1672775ba1e8:T=1640538133:S=ALNI_Ma9KoWCHqt2e0qrAlcOBolPwszrKA
.casalemedia.com/	1970-01-20 08:27:54	Name: CMID Value: YcigFg7NAzM8Z8YNwDBOdwAA
.casalemedia.com/	1970-01-20 01:51:54	Name: CMPS Value: 3274
.casalemedia.com/	1970-01-20 01:51:54	Name: CMPRO Value: 1146
.casalemedia.com/	1970-01-19 23:43:44	Name: CMST Value: YcigFmHIoBYA
.adnxs.com/	1970-01-20 01:51:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUcnXQ:(!@wnfH8K6pQK`!5=E<*L5?%M-.CWG@2e(dM7CU4tgMgZE3io@CAGFo9:AEyg%nugO%v4VB%nlr')rbn`
.adnxs.com/	1970-01-20 01:51:54	Name: uuid2 Value: 9207650252580771916
.casalemedia.com/	1970-01-20 08:27:54	Name: CMRUM3 Value: 2d61c8a0162760CAESEEYQ_dRl840RHgrIgfyrfVk
.redintelligence.net/	1970-01-20 01:51:54	Name: 8lcfmzhxc8d6_uid Value: f448c2300709f25b
.awin1.com/	1970-01-19 23:45:10	Name: awpv18332 Value: 296283\|1640538134\|933bc900-666d-11ec-a9fe-2263e4039ea6
.awin1.com/	1970-01-19 23:52:22	Name: awpv14098 Value: 296283\|1640538134\|933bf010-666d-11ec-9ff3-2231056962d9
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379097:2519595
.medialead.de/	1970-01-20 08:27:54	Name: trscj Value: MTY0MDUzODEzNHxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRNekJoTjJSbU9HUmxaR0UwWVdFMlAzTjFZbWxrUFRreU5qZ3dPREF3TVRNeU5qYzVNekF3TnpFd05qRTJNREV4T0RJd01EQTFKblE5YUhSc2NBPT18YUhSMGNITTZMeTloTXpWak1EaGlaVEpoTVRZMVlUSTNNREprTXpreE5qazJaVEF3TWpKak9TNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D
.mathtag.com/	1970-01-20 09:08:13	Name: uuid Value: 516c61c8-a016-4b00-b3a6-20c78d09d659
.mathtag.com/	1970-01-20 00:25:30	Name: mt_mop Value: 4:1640538135
.adform.net/	1970-01-20 00:26:56	Name: C Value: 1
.adform.net/	1970-01-20 01:08:42	Name: uid Value: 1970431311967684744
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: zq3pmgwez0qyg1qtzvqdqjq5
pb.media01.eu/	1970-01-20 17:13:30	Name: DTU Value: 64EFDFC3A260533F431B5F3071218B2F
.everesttech.net/	1970-01-20 08:27:54	Name: everest_g_v2 Value: g_surferid~YcigGAAA22yLNwAm
.heraldnet.com/	1970-01-20 17:13:30	Name: _ml_id Value: 8b58e9d65b144fe2.1640538133.1.1640538143.1640538133

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJYDfHxEyO-R4aF2bMzlMrgtZOgVdPEO3rhqQEnYYIv1D3n3JlYMPwfXM_ZhGcf-aVXybURqUMsklYoCRYE2PKgk4EMXKEp Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
a35c08be2a165a2702d391696e0022c9.safeframe.googlesyndication.com
ad-server.eu
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
api.userway.org
b2cdn.automatad.com
c.amazon-adsystem.com
c1.adform.net
cdn.blueconic.net
cdn.jwplayer.com
cdn.onesignal.com
cdn.userway.org
cdnjs.cloudflare.com
cheqzone.b-cdn.net
cm.g.doubleclick.net
connect-metrics-collector.s-onetag.com
connect.facebook.net
dsum-sec.casalemedia.com
everett-tpweb.newsengin.com
everett.newzware.com
everettweb.newzware.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
go.automatad.com
googleads.g.doubleclick.net
gslbeacon.lijit.com
hal9000.redintelligence.net
hal90005.redintelligence.net
ib.adnxs.com
js.matheranalytics.com
log.outbrainimg.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pb.media01.eu
pixel-sync.sitescout.com
plugins.blueconic.net
pv.medialead.de
pxdrop.lijit.com
s0.2mdn.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
soundpublishing.blueconic.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
vap4ams1.lijit.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.accuweather.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.heraldnet.com
www.i.matheranalytics.com
cm.g.doubleclick.net
everett.newzware.com
everettweb.newzware.com
104.111.214.80
104.111.233.227
104.111.239.217
104.198.41.198
107.178.250.234
108.161.188.228
13.251.191.176
138.201.63.165
142.250.185.226
143.204.95.188
143.204.98.101
143.204.98.122
143.204.98.127
143.204.98.38
143.204.98.57
143.204.98.81
145.239.193.130
15.197.193.217
151.101.114.132
151.101.130.49
185.29.134.244
185.33.220.244
2.18.232.28
2.18.234.190
2.18.234.21
216.52.2.19
23.20.239.123
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:2156:5400:1:a3fa:7cc0:93a1
2606:4700::6810:125e
2606:4700::6812:e134
2a00:1450:4001:801::2008
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2006
2a00:1450:400c:c0c::9a
2a00:1450:4019:806::2002
2a02:6ea0:c700::11
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.195.91.69
37.157.2.236
44.231.152.142
54.243.105.187
54.76.176.197
64.202.112.31
66.155.71.25
72.251.249.14
75.2.13.80
84.17.46.51
88.198.250.30
89.187.169.47
019e7523bf79cd8616d6d9c155dc0f825241d570951df1c47e2bdb5e9ba99a52
037b038f562fcd4f9dfcbdc296317f0ae1a804cebdf1ca04765fa14d8ee22c54
048a1ba9ec466a8f77009cea46046dfe87ce0a4395ddea61c5a28ae22d9b86da
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0aeccbcbf2db7b32108a31bcc6e177eac344e1242267a78e2393168127f2025f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e26826816d33e016e63fb3e4a3b3f3f3322e414d3ace91a72233f1ef0d4a1a3
1005bca21c89da6ce6b0bcd2bd9b92fe36ca91ead2959713659e8ff176692243
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
15d79332f2124a2c742cc45c514a2166c4a88ba99cc378a74506aff9c8a29942
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1a84f4b042e52d040243a70753ae4a5f73d668db1230c7c4b3c4ace8c2d8923c
1bd5372b56a82f9cd4a0a4533f4a37ff11ce7952f051ae035fd5cbecf45094b8
1cd0dc6c99599dcf4386cdff332f787691af8a83476aaaf6491a048770306017
21144254e21ce5ed9ab373176977eaeeef16387898110f3126b5f2470bc39c15
2204c353c14f1d81461c17fecc2195c5e08f16b6f9ae48d0681e237e7589e56e
2270b79eaa2dce323e8c984f9f7aae3f1af57f6e74ff3b6e4401c49473022a57
22c29473716ed14198adc9db4ea074c19b2bce1caba9d7075b5a35777f902dcd
2312f9a497b6f056018600d10de77a3441a964c6b803c2655326864d32d7fbad
2497be576209dfcaa67b233fd5eeedf5a33312df082bf1f5b4762779184ec8f4
259ce80fd0c81a7fbb9d6875d33bb55d01564944878a77185533f7f4e6d68ae9
25a8e81d786fa99fef99b1c0e020e909b37b3bd080856ccffb83f9c96a841193
25f5fd6b5533a85ebb55c3eed769b20e97d8804a8c15128dba1d3130ba6c572d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2789ab54eaa5434a174e531a3da95a09d48346eab3b42165286423408420a3f4
27eb87df8f4eb3164ad81ff266aed79d50a33f6869c249ee27ac80ad0c1e3dc2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2b50108439624bd6f2bbb1505248373ed0ae1f0869b89122ad876122a1790bd8
2cf765fa7182eb92889cebe519626ea28a7e1c1a701495546774ab5904620320
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dcc36995c012ae179ca5ccec2537bbffdab860370e6ab08923cad2d465ae3a4
2dd1ed81bf1ddedf84961a3d68896ae3da8acb3e40b214e15bbeb88756c43e7b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3e65bc436e35cb24f4020abe8a71906ea53ca284df84095d6824e27f55883f90
40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47
40e0b1381eb74784690a674838c4139c0006221c5d2d0d8be4563a33f55ccbc5
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
465e024329bc0144c51602b79b83d38b331f6cf0406c29ab178a0d3c7abbe34b
47595a2b8126e731e601f84664ef31f9fe8a7690b9618d852258b9edcc3c78a2
48481acfa017729107a1f39beea68ed8b2486ccc3735608e19d3b0d714f28c71
492f550571d56be47a3b01d0bd0a72669f2d23b7f2d664c9e99f8e358b606df9
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4a7a5ef5d25666ae59b20ada23014e98fe70dea480358710a77bd81db29e05fd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c56a8926e42a7a3398f1402214defbb29c37f324b405005cf51b0794232a129
4e030d1964809c1476b7db565c4409882e961f511b663296bf2469085d7c73ce
4ed55f464aa6a905c3dc6939c5629f1f323d447483590e754141ddec2e4e2208
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a8d4a16cedb5d426a2926e1d43faddfe20f470fc7aff226b14fd2dd76c22b8
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
53fa0591d078af65c8c73d78ec878814209daca682d6e46430bd4c2176843ac9
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5da32ead21ee2f8124a0e0a6884c9a0b4cf31cdaecd23fde4e527a7cc01b187d
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
624aa6236e04c55fdb2aec260b01bd8bef0b0c7234385ce3ba2f7c22320d021d
63a4574f31b5a78ab49e841647deca48b4f783e79623740d51e03a89a0d58e86
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
682c2814b10748feda9e8cc77459979b9311f6f9bb6da7980dee25b48aa46feb
68d2c0ed484a1d37e57aaff3fc3c6fd18dadca4ae60a67841944bd3e06878c60
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bdfc740b06cd2d5bc3ec9f95a41dd58a94f97c3f763b6c4595449992501c974
7111797fe33052ec812875bfb37ae69d42a24f893dfb007e0187e72a6bfb3bf8
729b1f672eb91e0e61ea63f6300e501b63ca763bcfd28213f8bd498a2fd4e7d2
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7505468536f0cc99279960b2e9380a1da3b766dbe27440f3562be6e974512e32
75a7ad349db3a814199ccc5068f587c74a57cb2a0b546c65b75867ccb7846949
7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
81573bb65fe8d27e6daebc7fc5ed82a3df594fdbde4ee299cd162ccf76fd577f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86c84acdd4f78d4e0bc7d21db80aa8d0c8092db2aa483e910445dfcb0ad929d2
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
899e4acf9ccb79cc4a9644b406a438211f7b2724b60897a6eb50ad94e5330f18
89f563a025cc8dfb46d317823ebda92ea606c32492e414ab46869754e4ec63de
8c0300dabffb1ba133a3157fb33960c5793dd2ac46f3dc8a899fa312f909a337
8ce867bf45277a86a76bcd7aa27cf0746fbc97ad272f1f89ed396304ce9d28b2
8cfe0731466619f9a97479157471a72c4f2e0f9d668d0bf424972f2a7c7816bc
8d3336501c36830245727d0dede9e8b445a8959df4706d3673e4ab83b486e935
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
923969486b2242bb7449b16b467caeab3779a575b5df2cc5649a5c7a0c0d6968
9310328a2452fb4b9e16e3d9d93ea6c7cb9dc794372c30cad57e71ae2dcae031
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2257ab0c877ef811c0dde48d17bfb2cf1f1a5bd5bc6a9e9a7f4a114f4df3c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1ee2b3835d8abdb9529227f5b9a50ecfe9059243583edd5fe705d74d249535
9cd51cb19dee8df06a1f5a96da2d69d2c3f3d878bff0cd60075a276b808471cf
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a032fb39d04535c6f67ed428a79dfa403214d9127a22f47c45430001bb8bca3d
a111fa94efec09bb5ab257e3f8bd5d3224cdd0b4a1a6ff05afa99f7bf36cfc5c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a23ad54e71ea0576077799daf152f096364edbafab22410e5180d28d2a82f2b3
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919
a36aa89f339f6b9852d95c3b2c794d4afaf198215e2346c572afad1ec1695feb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63c645e04eecf22b163125848297bd35ed2a5905c9e203c6adc9c90617a9080
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
ae0ca5dc76185170f5f9406731b202a567c1e95bcf23de95b0f1671b47bad1ef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b580a3edf95098323b88af12179875d5a66ca6a5601f98219fdec26dcd76daf0
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b72aeddf6a255cc03d3df245b94e4ef343cf9ef0aa8c890bd0ae34c1632d5529
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
bb94ed1868039e4fc746ddbf710ea089b2bdef6c3a533395815285ceb00233fa
bd4024805e2b933b59f91c8c38dcf2a7e52131b9893efd22688fa822669ae953
bd7ac641ed5df476805a5422302c937ce46c19a2a9885083f5e69782dd2aca61
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d4288b629693138397d02dc91a13d316624f3644cc678a5ef2ff6b04350707db
d63d6ec0c95bc07426b698ad3d6d02a85bd98b265808abf6fe6a5c1664c0ba87
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
dbee11a8d6310b0858a2ed0ba5063f056dcc41309b38b752d0ec96cc7f50e03a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e37ae5d102b6a2a59335bdb9e89df1c3f60ed83f2153dbc5a4bf0b62467f6742
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058b846286433d019ff33bb22b2eca434c9d36249df436d5a3c623825674d0
e9984a87719f16bd8d776cdd24a5047dbd98549c078752e1c58ffa57fabd563e
e9e164c0f56f9e065122733c07acc0e4d8e2ed04059a4795f4b597dafe04186a
eb1d8f7db5e659f42403a2560471c3939b0d1cec0ec9c09a13bcbb27cec271f3
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ed207a3218934c63d8ace813cbc259812d16d5b892fee83fc795ae164de915c6
ee351314b28100da6fd03df3517b21920c13b1df4daa651b1ae2031b332333e4
ee431f6264a014d21c070d93b3a430932b180c36a588e5683f78a315788c4152
ee96728875ed264612b6b54b664b86ac398d4fc816394d8b2a5d12e6912c22a7
eee1807b6aa60fabd89cb374b26a21ec5f56d4281c183b6c56c6a72a85ddbc7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f409cfdd3e7f1f2fca32014f725291a5f2420388e3944811cc8c1508664cd526
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f60ef9cc9b3157523ad9600ff55fc8f73edb1c7060e3d0546143a73445e1cab0
fafb414e3dc805097e97f7104088988032dd306bcbcb79b1a355356fbc53a40a
fbd7d5de5e7a55ea07ecf232b58b99732dee1f0900e59e4e8374ebab8ad52c43
fd8c8c291c39fcd494d4680a4262d84d62b0df9b79dc22e44c422a0f25d69fa2
fdab17aad52e2d97a9b3ef5ddefc9440960cb6b9fa859b2944b8ec399aa395b7
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.heraldnet.com Open in urlscan Pro 104.198.41.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

216 Requests

92 %HTTPS

34 %IPv6

43 Domains

71 Subdomains

55 IPs

9 Countries

2839 kBTransfer

7729 kBSize

44 Cookies

23 Outgoing links

Redirected requests

216 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldnet.com Open in urlscan Pro
104.198.41.198 Public Scan

Screenshot
Live screenshot

Full Image

216
Requests

92 %
HTTPS

34 %
IPv6

43
Domains

71
Subdomains

55
IPs

9
Countries

2839 kB
Transfer

7729 kB
Size

44
Cookies

216 HTTP transactions
1 data transactions