extra.heraldtribune.com Open in urlscan Pro
35.202.203.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://extra.heraldtribune.com/
Submission: On October 30 via manual (October 30th 2023, 2:07:08 am UTC) from AU — Scanned from AU

Summary HTTP 66 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 16 domains to perform 66 HTTP transactions. The main IP is 35.202.203.217, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is extra.heraldtribune.com.

This is the only time extra.heraldtribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	35.202.203.217 35.202.203.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	142.250.66.202 142.250.66.202	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
4	172.217.167.74 172.217.167.74	15169 (GOOGLE) (GOOGLE)
1 2	142.250.66.226 142.250.66.226	15169 (GOOGLE) (GOOGLE)
1	103.224.182.246 103.224.182.246	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
1	142.250.204.3 142.250.204.3	15169 (GOOGLE) (GOOGLE)
7	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
1	18.67.111.105 18.67.111.105	16509 (AMAZON-02) (AMAZON-02)
4	74.125.130.154 74.125.130.154	15169 (GOOGLE) (GOOGLE)
2	172.217.167.104 172.217.167.104	15169 (GOOGLE) (GOOGLE)
1	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
1	142.250.71.66 142.250.71.66	15169 (GOOGLE) (GOOGLE)
2	142.251.221.68 142.251.221.68	15169 (GOOGLE) (GOOGLE)
1	142.251.221.67 142.251.221.67	15169 (GOOGLE) (GOOGLE)
1	142.250.204.1 142.250.204.1	15169 (GOOGLE) (GOOGLE)
4	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
3	142.251.221.65 142.251.221.65	15169 (GOOGLE) (GOOGLE)
66	21

16 35.202.203.217 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.203.202.35.bc.googleusercontent.com

extra.heraldtribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

htmulti.wpenginepowered.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.167.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.66.226 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.182.246 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-246.above.com

platform.tout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.239.36.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.111.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-105.syd62.r.cloudfront.net

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.130.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.104 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.71.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.68 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.221.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net

866e87498e1c9ed421056b3ade676fa9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.221.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	heraldtribune.com extra.heraldtribune.com	2 MB
11	wpenginepowered.com htmulti.wpenginepowered.com	53 KB
8	googlesyndication.com 866e87498e1c9ed421056b3ade676fa9.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	42 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	133 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 maps.googleapis.com — Cisco Umbrella Rank: 393	191 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	162 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	googletagservices.com 1 redirects www.googletagservices.com — Cisco Umbrella Rank: 212	29 KB
1	google.com.au www.google.com.au — Cisco Umbrella Rank: 28394	408 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110
1	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 13699
1	gstatic.com fonts.gstatic.com	48 KB
1	tout.com platform.tout.com
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	6 KB
66	16

	Domain	Requested by
16	extra.heraldtribune.com	extra.heraldtribune.com
11	htmulti.wpenginepowered.com	extra.heraldtribune.com
7	www.google-analytics.com	extra.heraldtribune.com www.google-analytics.com www.googletagmanager.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	stats.g.doubleclick.net	www.google-analytics.com
4	maps.googleapis.com	extra.heraldtribune.com maps.googleapis.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.google.com	extra.heraldtribune.com tpc.googlesyndication.com
2	www.googletagmanager.com	www.google-analytics.com
2	connect.facebook.net	extra.heraldtribune.com connect.facebook.net
2	www.googletagservices.com	1 redirects extra.heraldtribune.com
1	866e87498e1c9ed421056b3ade676fa9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.com.au	extra.heraldtribune.com
1	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
1	www.facebook.com	connect.facebook.net
1	cdn.viafoura.net	extra.heraldtribune.com
1	fonts.gstatic.com	fonts.googleapis.com
1	platform.tout.com	extra.heraldtribune.com
1	code.jquery.com	extra.heraldtribune.com
1	fonts.googleapis.com	extra.heraldtribune.com
66	20

This site contains links to these domains. Also see Links.

Domain
www.heraldtribune.com
projects.heraldtribune.com
www.unravel.us
medicaid.heraldtribune.com
watchdogsarasota.heraldtribune.com
watchdogsarasota.wp.htcreative.com
guardianship.heraldtribune.com
transsarasota.heraldtribune.com
andre.heraldtribune.com
marijuana.heraldtribune.com
havana.heraldtribune.com
newtown100.heraldtribune.com
costoflife.heraldtribune.com
finaljourney.heraldtribune.com
thestolenones.heraldtribune.com
htcreative.com
faceingmentalillness.heraldtribune.com
expulsions.heraldtribune.com
heraldtribune.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-08` - `2023-11-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://extra.heraldtribune.com/
Frame ID: 66B750C51B82820CA50F06034187A470
Requests: 60 HTTP requests in this frame

Frame: https://866e87498e1c9ed421056b3ade676fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 59B0244A43975CD27E3AA5291156D68D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 65CB198CFA0C79D3441CE7676C08FE75
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FBCB87144F69DE5975373396F53BD4EA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Extra

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

66
Requests

42 %
HTTPS

0 %
IPv6

16
Domains

20
Subdomains

21
IPs

2
Countries

2514 kB
Transfer

4117 kB
Size

9
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: http://www.heraldtribune.com/
Title: HT.com

Search URL Search Domain Scan URL

URL: http://projects.heraldtribune.com/florida-mental-health-hospitals/
Title: INSANE. INVISIBLE. IN DANGER

Search URL Search Domain Scan URL

URL: http://projects.heraldtribune.com/insurancerisk/insuranceriskhome.html
Title: FLORIDIANS AT RISK

Search URL Search Domain Scan URL

URL: http://projects.heraldtribune.com/bias/
Title: BIAS ON THE BENCH

Search URL Search Domain Scan URL

URL: http://projects.heraldtribune.com/mason/
Title: WHAT HAPPENED TO MASON

Search URL Search Domain Scan URL

URL: http://www.unravel.us/housingsrq/
Title: CAN YOU AFFORD TO LIVE IN PARADISE?

Search URL Search Domain Scan URL

URL: http://medicaid.heraldtribune.com/
Title: 2 MILLION KIDS. $24 BILLION BATTLE.

Search URL Search Domain Scan URL

URL: http://projects.heraldtribune.com/investigateflip/investigateflip.html
Title: FLIPPING FRAUD

Search URL Search Domain Scan URL

URL: http://watchdogsarasota.heraldtribune.com/scarred/
Title: SCARRED

Search URL Search Domain Scan URL

URL: http://watchdogsarasota.wp.htcreative.com/?p=434
Title: SETTLING FOR SQUALOR

Search URL Search Domain Scan URL

URL: http://guardianship.heraldtribune.com/
Title: THE KINDNESS OF STRANGERS: FLORIDA'S ELDER GUARDIANSHIP SYSTEM

Search URL Search Domain Scan URL

URL: http://transsarasota.heraldtribune.com/
Title: TRANSSARASOTA

Search URL Search Domain Scan URL

URL: http://andre.heraldtribune.com/
Title: ANDRE BRYANT: AN INNOCENT MAN?

Search URL Search Domain Scan URL

URL: http://marijuana.heraldtribune.com/
Title: MEDICAL MARIJUANA IN FLORIDA

Search URL Search Domain Scan URL

URL: http://havana.heraldtribune.com/
Title: HOME TO HAVANA

Search URL Search Domain Scan URL

URL: http://newtown100.heraldtribune.com/
Title: NEWTOWN 100

Search URL Search Domain Scan URL

URL: http://costoflife.heraldtribune.com/
Title: COST OF LIFE

Search URL Search Domain Scan URL

URL: http://www.heraldtribune.com/article/20111204/article/111139979
Title: UNFIT FOR DUTY

Search URL Search Domain Scan URL

URL: http://finaljourney.heraldtribune.com/
Title: FINAL JOURNEY

Search URL Search Domain Scan URL

URL: http://thestolenones.heraldtribune.com/
Title: THE STOLEN ONES

Search URL Search Domain Scan URL

URL: http://htcreative.com/bankProject/banks.aspx
Title: BREAKING THE BANKS

Search URL Search Domain Scan URL

URL: http://faceingmentalillness.heraldtribune.com/
Title: FACEING MENTAL ILLNESS

Search URL Search Domain Scan URL

URL: http://expulsions.heraldtribune.com/
Title: EXPELLED

Search URL Search Domain Scan URL

URL: http://heraldtribune.com/
Title: Herald-Tribune Media Group

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://www.googletagservices.com/tag/js/gpt.js HTTP 302
https://www.googletagservices.com/tag/js/gpt.js

Request Chain 18

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 34

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
extra.heraldtribune.com/ 56 KB
15 KB 380ms
182ms Document
text/html 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: f02d9d11d97a826ba4abceb3c6dd259645d42826e8d457de64289a787294cd54

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=600, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Oct 2023 02:07:01 GMT
Keep-Alive: timeout=20
Link: <http://extra.heraldtribune.com/wp-json/>; rel="https://api.w.org/" <http://extra.heraldtribune.com/wp-json/wp/v2/pages/4>; rel="alternate"; type="application/json" <http://extra.heraldtribune.com/>; rel=shortlink
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
X-Cache: HIT: 1
X-Cache-Group: normal
X-Cacheable: SHORT
X-Pingback: http://extra.heraldtribune.com/xmlrpc.php
X-TEC-API-ORIGIN: http://extra.heraldtribune.com
X-TEC-API-ROOT: http://extra.heraldtribune.com/wp-json/tribe/events/v1/
X-TEC-API-VERSION: v1
x-powered-by: WP Engine

GET
H/1.1 200
OK style.css
htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/ 65 KB
14 KB 32ms
17ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/style.css
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a1bbc7e6a1ffd902db1b2c6e168ad659cedb3cc4f5a1200d9c9b237fae741d2

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 12 Sep 2019 07:25:09 GMT
Server: cloudflare
Age: 367419
ETag: W/"5d79f2d5-102ec"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 81e01a30af535533-SYD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK common-skeleton.min.css
htmulti.wpenginepowered.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 26 KB
5 KB 401ms
386ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://htmulti.wpenginepowered.com/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.7
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 970ccf298ad56cb8787ad1690e4f16b78f9065a475e892d7ff6f05a7002031ae

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 26 Aug 2020 06:13:14 GMT
Server: cloudflare
ETag: W/"5f45fd7a-67b5"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 81e01a30ad7aa868-SYD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK tooltip.min.css
htmulti.wpenginepowered.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 2 KB
1 KB 399ms
385ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://htmulti.wpenginepowered.com/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.7
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 26 Aug 2020 06:13:14 GMT
Server: cloudflare
ETag: W/"5f45fd7a-662"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 81e01a30ad5fdfb3-SYD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.min.css
htmulti.wpenginepowered.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 31ms
17ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://htmulti.wpenginepowered.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Fri, 10 Mar 2023 00:22:37 GMT
Server: cloudflare
Age: 74892
ETag: W/"640a784d-17ced"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 81e01a30a9b3a82b-SYD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK classic-themes.min.css
htmulti.wpenginepowered.com/wp-includes/css/ 291 B
702 B 28ms
15ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://htmulti.wpenginepowered.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 13 Feb 2023 20:50:19 GMT
Server: cloudflare
Age: 2649
ETag: W/"63eaa28b-123"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 81e01a30af41a80d-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 217ms
106ms Stylesheet
text/css 142.250.66.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2C400%2Cregularitalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A400&ver=6.2.2

Requested by

Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f10.1e100.net

Software

ESF /

Resource Hash

a525e5273ce8c85d24a7b02fac09328d0ef18a7e046f41995117a484412061f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Oct 2023 02:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:07:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Oct 2023 02:07:01 GMT

GET
H/1.1 200
OK jquery-ui.css
code.jquery.com/ui/1.10.3/themes/smoothness/ 31 KB
6 KB 338ms
14ms Stylesheet
text/css 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css?ver=6.2.2
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 3829421
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 6050
X-Served-By: cache-lga21969-LGA, cache-bne12525-BNE
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
Server: nginx
X-Timer: S1698631622.544786,VS0,VE0
ETag: W/"28feccc0-7d2e"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
Accept-Ranges: bytes
X-Cache-Hits: 61, 31235

GET
H/1.1 200
OK colorbox.css
htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/js/css/ 3 KB
2 KB 26ms
14ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/js/css/colorbox.css?ver=6.2.2
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e0c219c32da41ada18d984505171d053c4808ae4492cd7d54ca1cad4828deb

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 12 Sep 2019 07:25:09 GMT
Server: cloudflare
Age: 74891
ETag: W/"5d79f2d5-b77"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 81e01a30abc45744-SYD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK rating_star.js Show response
htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/js/ 2 KB
1 KB 414ms
385ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/js/rating_star.js?ver=6.2.2
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 320c795c6f8d74cef4d10181f65be73db4ce333029c979a35816eb07f881e09e

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 12 Sep 2019 07:25:09 GMT
Server: cloudflare
ETag: W/"5d79f2d5-75d"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 81e01a30cbe25744-SYD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK jquery.colorbox-min.js Show response
htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/js/ 10 KB
5 KB 431ms
402ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/js/jquery.colorbox-min.js?ver=6.2.2
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9dc6f2a031549e52b87bd31a6cf76dc0bac5ba167530df45bdf7ea9a6655399

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 12 Sep 2019 07:25:09 GMT
Server: cloudflare
ETag: W/"5d79f2d5-29f4"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 81e01a30cf53a80d-SYD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK js Show response
maps.googleapis.com/maps/api/ 173 KB
60 KB 130ms
119ms Script
text/javascript 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://maps.googleapis.com/maps/api/js?sensor=false&ver=6.2.2

Requested by

Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/

Protocol

HTTP/1.1

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

68f5dd3d027c2a0097d164b9d048f6bb434605697c22060f89d7ebf023ed2462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: scaffolding on HTTPServer2
Vary: Accept-Language, Origin, X-Origin, Referer
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 60525
X-XSS-Protection: 0

GET
H/1.1 200
OK glass.png
htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/images/ 272 B
806 B 18ms
17ms Image
image/webp 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/images/glass.png
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2fda85c3efd777d1aff5ef4d1dedfe5b73c913e0efeaa782b6776e0d74e867

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
CF-Cache-Status: HIT
Age: 74890
Cf-Polished: origFmt=png, origSize=617
Content-Disposition: inline; filename="glass.webp"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 272
Cf-Bgj: imgq:100,h2pri
Last-Modified: Thu, 12 Sep 2019 07:25:09 GMT
Server: cloudflare
ETag: "5d79f2d5-269"
Vary: Accept
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 81e01a30c9d4a82b-SYD

GET
H/1.1 200
OK INSANE_WEB-2.jpg
extra.heraldtribune.com/files/2013/09/ 31 KB
31 KB 495ms
338ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/INSANE_WEB-2.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 778fcc6978a635e31fa7f86b23b6fa72980d23bf905707a605e62e40aca31671

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Last-Modified: Wed, 22 Mar 2017 07:11:00 GMT
Server: nginx
ETag: "c99b314756b52d79df4f9fd17d5b5d4c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 31643
Expires: Wed, 29 Nov 2023 02:07:01 GMT

GET
H2

200

gpt.js Show response
www.googletagservices.com/tag/js/
Redirect Chain

http://www.googletagservices.com/tag/js/gpt.js
https://www.googletagservices.com/tag/js/gpt.js

89 KB
29 KB

524ms
122ms

Script
text/javascript

142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/

Protocol

Server

142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

0cd78a62182d95ef6b70b971493bd841bf9212b188bc8d66e3d35223a2b18451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 02:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29154
x-xss-protection: 0
server: cafe
etag: 410 / 19660 / 31079072 / config-hash: 13942866851986637457
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 02:07:02 GMT

Redirect headers

Date: Mon, 30 Oct 2023 02:07:02 GMT
X-Content-Type-Options: nosniff
Server: cafe
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Location: https://www.googletagservices.com/tag/js/gpt.js
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 30 Oct 2023 02:07:02 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
extra.heraldtribune.com/wp-includes/js/ 18 KB
5 KB 178ms
177ms Script
application/javascript 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://extra.heraldtribune.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2023 00:53:25 GMT
Server: nginx
ETag: W/"63db0985-4904"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK new-tab.js Show response
htmulti.wpenginepowered.com/wp-content/plugins/page-links-to/dist/ 24 KB
9 KB 383ms
382ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://htmulti.wpenginepowered.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.4
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 23 Jul 2020 09:31:00 GMT
Server: cloudflare
ETag: W/"5f1958d4-609e"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 81e01a319ab0a82b-SYD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 404
Not Found sdk.js
platform.tout.com/ 0
0 799ms
167ms Script
text/html 103.224.182.246
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.tout.com/sdk.js
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 103.224.182.246 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-246.above.com
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H/1.1 200
OK gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
510 B 402ms
98ms XHR
application/json 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: http://maps.googleapis.com/maps/api/js?sensor=false&ver=6.2.2

Protocol

HTTP/1.1

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: scaffolding on HTTPServer2
Vary: Origin, X-Origin, Referer
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: http://extra.heraldtribune.com
Access-Control-Expose-Headers: vary,vary,vary,content-encoding,date,server,content-length
Cache-Control: private
Content-Length: 23
X-XSS-Protection: 0

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

318ms
3ms

Script
application/x-javascript

157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/

Protocol

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

a3fdd859b77f1f21e9c0737909df4d0030a6e24e07843b81fe8cefe64d1ce46c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 02:07:02 GMT
content-md5: tlN7QEgI/IDTyykxc1U1dA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: lHF7upHnKbr727FbMkM60ZgQFuEQ7Nl+lZnOO8ZEr+4CdbXJNSV+k5dOwpfngu4Wz4DUcMmZvIVCfH8P9P6AvA==
x-fb-content-md5: d64a8af5555e33ad5b7b83df48bb2551
cross-origin-opener-policy: same-origin-allow-popups
etag: "e4b66416bdbe2a683c1913d8625bf053"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 30 Oct 2023 02:21:48 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1&appId=846021808821787
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK nav-drop-shadow.png
htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/images/ 98 B
594 B 13ms
13ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://htmulti.wpenginepowered.com/wp-content/themes/ht-niche-2012/images/nav-drop-shadow.png
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f90d093f632031c3edd51424a0fcdc20aa135ee41653c697caad946243dad4e3

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:01 GMT
CF-Cache-Status: HIT
Age: 144892
Cf-Polished: origSize=146, status=webp_bigger
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 98
Cf-Bgj: imgq:100,h2pri
Last-Modified: Thu, 12 Sep 2019 07:25:09 GMT
Server: cloudflare
ETag: "5d79f2d5-92"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 81e01a33baafa80d-SYD

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 427ms
3ms Font
font/woff2 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300italic%2C400%2Cregularitalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A400&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://extra.heraldtribune.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 10:39:57 GMT
x-content-type-options: nosniff
age: 314825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 10:39:57 GMT

GET
H/1.1 200
OK INSURANCE.jpg
extra.heraldtribune.com/files/2013/09/ 119 KB
120 KB 518ms
377ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/INSURANCE.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 36b704690715b60407176cd8de66ab0119d35d05b555e41d0719ef0103e0c3d1

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:02 GMT
Last-Modified: Wed, 22 Mar 2017 07:10:32 GMT
Server: nginx
ETag: "b9aca4552a5c2f9a06d0e7018d7d7741"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 122334
Expires: Wed, 29 Nov 2023 02:07:02 GMT

GET
H/1.1 200
OK BIAS_WEB-1.jpg
extra.heraldtribune.com/files/2013/09/ 21 KB
21 KB 472ms
310ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/BIAS_WEB-1.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e1c9026c4fcae4d18b25df175bff845893aa7547700a36d3f86df83f187a51d6

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:02 GMT
Last-Modified: Wed, 22 Mar 2017 07:10:53 GMT
Server: nginx
ETag: "903ee9fa3a5f0e5174b61d76dfce7b4d"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 21265
Expires: Wed, 29 Nov 2023 02:07:02 GMT

GET
H/1.1 200
OK MASON.jpg
extra.heraldtribune.com/files/2013/09/ 111 KB
111 KB 568ms
391ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/MASON.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1269f9844285ccc1ff73b02f532066860a0b92014c83f9bf29b2b413198bf91c

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:02 GMT
Last-Modified: Wed, 22 Mar 2017 07:10:27 GMT
Server: nginx
ETag: "3420548469cfc8ec4357c504bd953a98"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 113284
Expires: Wed, 29 Nov 2023 02:07:02 GMT

GET
H/1.1 200
OK HOUSING.jpg
extra.heraldtribune.com/files/2013/09/ 106 KB
107 KB 546ms
369ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/HOUSING.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e7a71b58bbeb862953f784850c19761b03627da38082864d1a7cd40f56ac9d61

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:02 GMT
Last-Modified: Wed, 22 Mar 2017 07:10:37 GMT
Server: nginx
ETag: "c57feeca3640cbc9a4147c7577d97ac7"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 108774
Expires: Wed, 29 Nov 2023 02:07:02 GMT

GET
H/1.1 200
OK medicaid.jpg
extra.heraldtribune.com/files/2013/09/ 157 KB
157 KB 412ms
375ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/medicaid.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99835adbfb9961d55febf3e90f2acb4b669a570a3917a45d17ed8d8926e8e4e3

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:02 GMT
Last-Modified: Wed, 22 Mar 2017 07:11:29 GMT
Server: nginx
ETag: "39418983e4912c16aaef87bde4998984"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 160302
Expires: Wed, 29 Nov 2023 02:07:02 GMT

GET
H/1.1 200
OK flip.jpg
extra.heraldtribune.com/files/2013/09/ 187 KB
187 KB 405ms
388ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/flip.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 333ffbfb4112ab9bbc6a8935302cddb39d6663bbaaf2def86501b1e215ba0a0e

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:02 GMT
Last-Modified: Wed, 22 Mar 2017 07:10:28 GMT
Server: nginx
ETag: "20a98365960f071f2d3d5532006cfb32"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 191644
Expires: Wed, 29 Nov 2023 02:07:02 GMT

GET
H/1.1 200
OK scared.jpg
extra.heraldtribune.com/files/2013/09/ 171 KB
172 KB 356ms
356ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/scared.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b3991053ed63c1f1067866b9c3c9c52348b38c9891925e13b9520cb1547627b2

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:02 GMT
Last-Modified: Wed, 22 Mar 2017 07:10:28 GMT
Server: nginx
ETag: "c1a8308b5cd6a0aa55e9264b1215fd70"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 175511
Expires: Wed, 29 Nov 2023 02:07:02 GMT

GET
H/1.1 200
OK settling.jpg
extra.heraldtribune.com/files/2013/09/ 153 KB
153 KB 422ms
420ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/settling.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7b4acaf5e0706e3e87bf76755f411ba921c49b4dcee3eb1e91a2c9a2092a6307

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:03 GMT
Last-Modified: Wed, 22 Mar 2017 07:10:44 GMT
Server: nginx
ETag: "e499f6e17f603ea18b8426a0207c6b8c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 156438
Expires: Wed, 29 Nov 2023 02:07:03 GMT

GET
H/1.1 200
OK guardianship.jpg
extra.heraldtribune.com/files/2013/09/ 124 KB
124 KB 366ms
364ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/guardianship.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3dde9829f3a38e0d9f8364981d479bff2d9e2d3ef43be0d0408042bd11f91958

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:03 GMT
Last-Modified: Wed, 22 Mar 2017 07:11:06 GMT
Server: nginx
ETag: "370dc7db3327b1d96b65f72fd5b91691"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 126563
Expires: Wed, 29 Nov 2023 02:07:03 GMT

GET
H/1.1 200
OK trans.jpg
extra.heraldtribune.com/files/2013/09/ 74 KB
74 KB 391ms
390ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/trans.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a88fd7c2bd0d16544142cd9edf661cda24a4c03475ef3ba8dab2a36b7f3b089c

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:03 GMT
Last-Modified: Wed, 22 Mar 2017 07:10:36 GMT
Server: nginx
ETag: "3b798c114025603bf20022eabbee371b"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 75899
Expires: Wed, 29 Nov 2023 02:07:03 GMT

GET
H/1.1 200
OK andre.jpg
extra.heraldtribune.com/files/2013/09/ 149 KB
149 KB 407ms
405ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/andre.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 395ae8a203ebc7cf462e3cff69af68c6703ef94b62d18599bfd6b30b1f932665

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:03 GMT
Last-Modified: Wed, 22 Mar 2017 07:10:37 GMT
Server: nginx
ETag: "b6270d5642135a49af351b39e887678b"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 152215
Expires: Wed, 29 Nov 2023 02:07:03 GMT

GET
H/1.1 200
OK medical.jpg
extra.heraldtribune.com/files/2013/09/ 157 KB
157 KB 384ms
384ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/medical.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d806e21d9bfabddb90a7b0364af0e8e9ef170df687b17c8ea6df308e76c12bbd

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:03 GMT
Last-Modified: Wed, 22 Mar 2017 07:11:18 GMT
Server: nginx
ETag: "1ce7ca251fc327ff46eb1cce387fb5fe"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 160497
Expires: Wed, 29 Nov 2023 02:07:03 GMT

GET
H/1.1 200
OK cuba.jpg
extra.heraldtribune.com/files/2013/09/ 152 KB
152 KB 381ms
380ms Image
image/jpeg 35.202.203.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://extra.heraldtribune.com/files/2013/09/cuba.jpg
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 35.202.203.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 217.203.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 522f52a20800337c183c0d71c2429d32ad3caa3e67075034ac37ee4dfcd2a673

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Mon, 30 Oct 2023 02:07:03 GMT
Last-Modified: Wed, 22 Mar 2017 07:10:37 GMT
Server: nginx
ETag: "d6be3c4c687c3cb0c25d5de9d05774cf"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 155267
Expires: Wed, 29 Nov 2023 02:07:03 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

403ms
2ms

Script
text/javascript

216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/

Protocol

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 00:12:03 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6899
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 30 Oct 2023 02:12:03 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 403
Forbidden vf.js
cdn.viafoura.net/ 0
0 1185ms
823ms Script
application/xml 18.67.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viafoura.net/vf.js
Requested by: Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/
Protocol: HTTP/1.1
Server: 18.67.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-111-105.syd62.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 303 KB
87 KB 313ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=96b83c2d1d5fcbc7e2bac8c0d35967f1

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

a864c643dc73b5c589f0b8910b99f33c2665860d7b84c07b37a7f481afb9bdf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://extra.heraldtribune.com/
Origin: http://extra.heraldtribune.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Oct 2023 02:07:02 GMT
content-md5: jsTSC2/C/h9QWCsahzJIVw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87777
reporting-endpoints
x-fb-debug: mrwv5rTgpv4vIu8mZ0eWTTFhC3kIJZWG9usE1Vj48g4hbeiPxB8IA4QT96xULYfKau/BJqlpza5ljTT7q5hpyA==
x-fb-content-md5: 77d22387763cedb8e1e7e58a7e197dde
cross-origin-opener-policy: same-origin-allow-popups
etag: "9fbeff61546bf5b44ac35a70cae69f7f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 29 Oct 2024 01:30:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 100ms
99ms XHR
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=628143947&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAiEABBAAAACAAI~&jid=407018626&gjid=1546439080&cid=1205842206.1698631622&tid=UA-62553486-3&_gid=1204974090.1698631622&_slc=1&z=1043678448

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://extra.heraldtribune.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 02:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://extra.heraldtribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
358 B 670ms
175ms XHR
text/plain 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-62553486-3&cid=1205842206.1698631622&jid=407018626&gjid=1546439080&_gid=1204974090.1698631622&_u=IGBAiEABBAAAAGAAI~&z=922129637

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://extra.heraldtribune.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Oct 2023 02:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://extra.heraldtribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
68 B 99ms
98ms XHR
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=628143947&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAGAAI~&jid=1913383959&gjid=1857186853&cid=1205842206.1698631622&tid=UA-51861146-1&_gid=1204974090.1698631622&_slc=1&z=1256671800

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://extra.heraldtribune.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 02:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://extra.heraldtribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 671ms
179ms XHR
text/plain 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-51861146-1&cid=1205842206.1698631622&jid=1913383959&gjid=1857186853&_gid=1204974090.1698631622&_u=IGDAiEABBAAAAGAAI~&z=1753956328

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://extra.heraldtribune.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Oct 2023 02:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://extra.heraldtribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 98ms
98ms XHR
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=628143947&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAGAAI~&jid=1459577742&gjid=753233391&cid=1205842206.1698631622&tid=UA-62553486-1&_gid=1204974090.1698631622&_slc=1&z=1985246861

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e774edd6eae8c823ee24c2af01c63b01a6decf545d15db15f5b42571ef761288

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://extra.heraldtribune.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 02:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://extra.heraldtribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 667ms
177ms XHR
text/plain 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-62553486-1&cid=1205842206.1698631622&jid=1459577742&gjid=753233391&_gid=1204974090.1698631622&_u=IGDAiEABBAAAAGAAI~&z=93540351

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://extra.heraldtribune.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Oct 2023 02:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://extra.heraldtribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 99ms
99ms XHR
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=628143947&t=pageview&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAiEABBAAAAGAAI~&jid=616864288&gjid=94757011&cid=1205842206.1698631622&tid=UA-62598409-14&_gid=1204974090.1698631622&_slc=1&z=1621894644

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

c97c7877f80d6a393c7baf69cb57f8e880e14c7349f99fd63ef6c29a1947c4b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://extra.heraldtribune.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 02:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://extra.heraldtribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 668ms
181ms XHR
text/plain 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-62598409-14&cid=1205842206.1698631622&jid=616864288&gjid=94757011&_gid=1204974090.1698631622&_u=IGDAiEABBAAAAGAAI~&z=2066985396

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://extra.heraldtribune.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Oct 2023 02:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://extra.heraldtribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 222ms
117ms Script
application/javascript 172.217.167.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BPP2GKV9MH&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

74137d64dfe7b69db33d509fc39ff5743bd0b736ad5c4bdefb47023add9c84c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 02:07:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82710
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 02:07:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 313ms
210ms Script
application/javascript 172.217.167.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RX6RQ262YP&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

90dfa711656c3d67df49da14d164bd4245309f2d685bfacbbea44e2fdcc30ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 02:07:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83145
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Oct 2023 02:07:02 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 779ms
222ms Fetch
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=846021808821787&input_token&origin=1&redirect_uri=http%3A%2F%2Fextra.heraldtribune.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=96b83c2d1d5fcbc7e2bac8c0d35967f1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Mon, 30 Oct 2023 02:07:03 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: SV3pbiGY4DY5MBSYokjzFuZKet159TUAYyO8y2qfsSA+91a2Lm+V7FMfqNShyflGFesp3O8V6hRrLo/wHJ+1vg==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://extra.heraldtribune.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=()
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 422 KB
133 KB 602ms
2ms Script
text/javascript 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9894
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135316
x-xss-protection: 0
server: cafe
etag: 9779678222609117831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 28 Oct 2024 23:22:09 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 151ms
151ms Ping
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BPP2GKV9MH&gtm=45je3ap0v9125658284&_p=628143947&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=1205842206.1698631622&_eu=ABAI&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F&dt=Home%20-%20Extra&sid=1698631622&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BPP2GKV9MH&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 02:07:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://extra.heraldtribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 599ms
100ms Image
image/gif 142.251.221.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-62553486-3&cid=1205842206.1698631622&jid=407018626&_u=IGBAiEABBAAAAGAAI~&z=332271602

Requested by

Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 02:07:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
408 B 510ms
103ms Image
image/gif 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-62553486-3&cid=1205842206.1698631622&jid=407018626&_u=IGBAiEABBAAAAGAAI~&z=332271602

Requested by

Host: extra.heraldtribune.com
URL: http://extra.heraldtribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 02:07:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 100ms
100ms Ping
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RX6RQ262YP&gtm=45je3ap0v9125541649&_p=628143947&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=1205842206.1698631622&_eu=ABAI&_s=1&dl=http%3A%2F%2Fextra.heraldtribune.com%2F&dt=Home%20-%20Extra&sid=1698631622&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RX6RQ262YP&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Oct 2023 02:07:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://extra.heraldtribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H2 200 container.html Show response
866e87498e1c9ed421056b3ade676fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 59B0 6 KB
3 KB 825ms
100ms Document
text/html 142.250.204.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://866e87498e1c9ed421056b3ade676fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://extra.heraldtribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 02:07:04 GMT
expires: Tue, 29 Oct 2024 02:07:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 627ms
130ms XHR
application/json 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

e467d09635ef9fa06bd9ca25b2941c35d87057c1ebb7dbc22805bb38fbaadf5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 02:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12310
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 753ms
344ms Script
text/javascript 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 02:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 Oct 2023 02:07:05 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 65CB 13 KB
5 KB 3ms
2ms Document
text/html 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://extra.heraldtribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 17744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 29 Oct 2023 21:11:21 GMT
expires: Mon, 28 Oct 2024 21:11:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FBCB 829 B
999 B 100ms
99ms Document
text/html 142.251.221.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f4.1e100.net

Software

GSE /

Resource Hash

1e34f0481110d08cee87ab7237c097ae5187cee8797972866e61c64d2ea99cd2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TbpKnOhEX0ZUkjFCTTC0tQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://extra.heraldtribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TbpKnOhEX0ZUkjFCTTC0tQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 30 Oct 2023 02:07:05 GMT
expires: Mon, 30 Oct 2023 02:07:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 65CB 38 KB
15 KB 401ms
3ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 21:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 21:11:26 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FBCB 0
0 441ms
139ms Image
text/html 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310190101&jk=1461215267965303&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s25-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 65CB 0
40 B 2ms
2ms Image
text/plain 142.251.221.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?InW3rw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 02:07:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 140ms
139ms Image
text/html 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310190101&jk=1461215267965303&bg=!BgWlBUrNAAbo5yKYyOc7ADQBe5WfOLbPwe76uJXJT_SNLMJtKQEsmQYeZ5NOBvE_QBRSMdGYyTHF9xiTilhgXG1cXMcgAgAAAEBSAAAAA2gBBwoAjVoH90T8WI6WjJcSos7voH74NU12312d3g921-m9jq6qh9fqUos9zywgWIh46dOMAhOY4oerimdwaV3A3hBAOV4tnsq2AE8rfKbeBrNCDswACxkh2dcQXUp2xHUA1gvCInbKDMC7WYH0EfwT9flL7qeIWiXWLWq6CnmgKpON19tjy7gy1m4VYwiKIHgAxpkCw74spXrCI29Wa0uO7wOaEjoGDSUD6S7-9RVjbKyJyCbIcFdlC4mZoOXAaA9op9uEn_Tvht404ErZJud9fqoLzqk69FfrULdR5TTSABrI3pSfez3DuKgxQm_R7pw7GYTO9Ynbnw-IFWK4NESORLCLfnaUAy7UjD6mbZSVW3129SGzfBVhqOOjhzWdR0jeUGaSS_PrtcVoTcKM-P_revgR3ADpz3FByDlUkOcZmI0FJsjn_Jc0PVTrAHiFPOEB_thgSadDhkbl38Adgwm5fwz9dKd7v43KcAy7p-YwaF0idHb2bHGA1WNLBIYmqrC7YO37DyEREEhdKV5JtdvsX2uZPfDVdysdtMOIwC3Z6vEdhIe5zZywEjOx3Qdq5rndXx6-Si7UWCUthnxs3YrahoqkGwGVRuebragDzs7NWz0BANHZEfPxnc3cx5RWuzeb-I6WTXdCvivwvG4Prj3vIX95m95BBTMSfncqOU46L2-Lb3hOISA7MkqbAyFWz_YLg3A46xIUI6uxRr0niemJdYMubKz2W1zwlA1zWdjzwhrT9jrCW5pcv8wRgICch--G_XLqswnedIqAKzRrRXeYsr9ZoaQcwgenZrHz1I1GsDfYzs6GygN6ahu9_sP3FWjH4LIqigw-2bg57Ds1XU9bmbHTyLCsTbvZ8Hm4zYK30xunKM7qEVs5TXj_1tk2KsEFcDb8mQX0Em_WrJDrko6gU4pqyzXkaPWLYmUMcjgxdqNvXsEsecqoN2eZHSs-AeJn7bl-6uvkc0GUrO8ZITr0AAodww1HzjO2iqF_zyBxsOspaV94tMpPIjB9g6dm9Cr16DYjQgOjOkWE4FB3e0ooB1RA1KaZrTEWd9nt__l5V_Rqx_ESgiegYwStyEq-HCpMyweWupEFdtH694w49GbKRuU_XHiIAIbYi7K0rJ7TIR4p8_wI4hfm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s25-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H/1.1 200
OK common.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/11/intl/en_au/ 254 KB
72 KB 5ms
5ms Script
text/javascript 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://maps.googleapis.com/maps-api-v3/api/js/54/11/intl/en_au/common.js

Requested by

Host: maps.googleapis.com
URL: http://maps.googleapis.com/maps/api/js?sensor=false&ver=6.2.2

Protocol

HTTP/1.1

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

sffe /

Resource Hash

7d072dd3dc92fea1c44275670306c15ddcd9c3aa68c80f6eb3a552b6bebeb2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 20:04:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 453786
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 73091
X-XSS-Protection: 0
Last-Modified: Tue, 24 Oct 2023 04:24:46 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="maps-api-js"
Vary: Accept-Encoding, Origin
Report-To: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Expires: Wed, 23 Oct 2024 20:04:00 GMT

GET
H/1.1 200
OK util.js Show response
maps.googleapis.com/maps-api-v3/api/js/54/11/intl/en_au/ 155 KB
58 KB 12ms
3ms Script
text/javascript 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://maps.googleapis.com/maps-api-v3/api/js/54/11/intl/en_au/util.js

Requested by

Host: maps.googleapis.com
URL: http://maps.googleapis.com/maps/api/js?sensor=false&ver=6.2.2

Protocol

HTTP/1.1

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

sffe /

Resource Hash

2d319ebade90c08799ca2dea1a783cf0b28d53633406628eee146fc2f36fb812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://extra.heraldtribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 24 Oct 2023 20:03:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 453791
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 58388
X-XSS-Protection: 0
Last-Modified: Tue, 24 Oct 2023 04:24:46 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="maps-api-js"
Vary: Accept-Encoding, Origin
Report-To: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Expires: Wed, 23 Oct 2024 20:03:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1461215267965303&correlator=1900845389660518&eid=31079072%2C31079234%2C44777900&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&iu_parts=11564835%2Cheraldtribune.com%2CExtra&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C728x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1698631623345&lmt=1698602823&adxs=-9%2C310%2C-9%2C-9%2C-9&adys=-9%2C7179%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&bc=23&nvt=1&url=http%3A%2F%2Fextra.heraldtribune.com%2F&vis=1&psz=0x-1%7C980x0%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C980x0%7C0x-1%7C0x-1%7C0x-1&fws=2%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1205842206.1698631622&ga_sid=1698631623&ga_hid=628143947&ga_fc=true&dlt=1698631621205&idt=2111&prev_scp=slot%3DBase%2520Leaderboard%7Cslot%3DView%2520Plus%2520Leaderboard%7Cslot%3DBase%2520Med%2520Rec%7Cslot%3DView%2520Plus%2520Med%2520Rec%7Cslot%3DView%2520Plus%2520Med%2520Rec&adks=1763901911%2C2628459104%2C2133351017%2C2133351014%2C2133351015&frm=20

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heraldtribune.com/	1970-01-21 01:26:31	Name: _ga Value: GA1.2.1205842206.1698631622
.heraldtribune.com/	1970-01-20 15:51:58	Name: _gid Value: GA1.2.1204974090.1698631622
.heraldtribune.com/	1970-01-20 15:50:31	Name: _gat Value: 1
.heraldtribune.com/	1970-01-20 15:50:31	Name: _gat_rollup1 Value: 1
.heraldtribune.com/	1970-01-20 15:50:31	Name: _gat_rollup2 Value: 1
.heraldtribune.com/	1970-01-20 15:50:31	Name: _gat_rollup3 Value: 1
.heraldtribune.com/	1970-01-21 01:26:31	Name: _ga_BPP2GKV9MH Value: GS1.2.1698631622.1.0.1698631622.0.0.0
.heraldtribune.com/	1970-01-21 01:26:31	Name: _ga_RX6RQ262YP Value: GS1.2.1698631622.1.0.1698631622.0.0.0
.doubleclick.net/	1970-01-20 15:50:32	Name: test_cookie Value: CheckForPermission

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://platform.tout.com/sdk.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://cdn.viafoura.net/vf.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	error	URL: http://extra.heraldtribune.com/ Message: Access to fetch at 'https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1461215267965303&correlator=1900845389660518&eid=31079072%2C31079234%2C44777900&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&iu_parts=11564835%2Cheraldtribune.com%2CExtra&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C728x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1698631623345&lmt=1698602823&adxs=-9%2C310%2C-9%2C-9%2C-9&adys=-9%2C7179%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&bc=23&nvt=1&url=http%3A%2F%2Fextra.heraldtribune.com%2F&vis=1&psz=0x-1%7C980x0%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C980x0%7C0x-1%7C0x-1%7C0x-1&fws=2%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1205842206.1698631622&ga_sid=1698631623&ga_hid=628143947&ga_fc=true&dlt=1698631621205&idt=2111&prev_scp=slot%3DBase%2520Leaderboard%7Cslot%3DView%2520Plus%2520Leaderboard%7Cslot%3DBase%2520Med%2520Rec%7Cslot%3DView%2520Plus%2520Med%2520Rec%7Cslot%3DView%2520Plus%2520Med%2520Rec&adks=1763901911%2C2628459104%2C2133351017%2C2133351014%2C2133351015&frm=20' from origin 'http://extra.heraldtribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1461215267965303&correlator=1900845389660518&eid=31079072%2C31079234%2C44777900&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&iu_parts=11564835%2Cheraldtribune.com%2CExtra&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C728x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1698631623345&lmt=1698602823&adxs=-9%2C310%2C-9%2C-9%2C-9&adys=-9%2C7179%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&bc=23&nvt=1&url=http%3A%2F%2Fextra.heraldtribune.com%2F&vis=1&psz=0x-1%7C980x0%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C980x0%7C0x-1%7C0x-1%7C0x-1&fws=2%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1205842206.1698631622&ga_sid=1698631623&ga_hid=628143947&ga_fc=true&dlt=1698631621205&idt=2111&prev_scp=slot%3DBase%2520Leaderboard%7Cslot%3DView%2520Plus%2520Leaderboard%7Cslot%3DBase%2520Med%2520Rec%7Cslot%3DView%2520Plus%2520Med%2520Rec%7Cslot%3DView%2520Plus%2520Med%2520Rec&adks=1763901911%2C2628459104%2C2133351017%2C2133351014%2C2133351015&frm=20 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

866e87498e1c9ed421056b3ade676fa9.safeframe.googlesyndication.com
cdn.viafoura.net
code.jquery.com
connect.facebook.net
extra.heraldtribune.com
fonts.googleapis.com
fonts.gstatic.com
htmulti.wpenginepowered.com
maps.googleapis.com
pagead2.googlesyndication.com
platform.tout.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
securepubads.g.doubleclick.net
103.224.182.246
141.193.213.11
142.250.204.1
142.250.204.2
142.250.204.3
142.250.66.202
142.250.66.226
142.250.71.66
142.251.221.65
142.251.221.67
142.251.221.68
151.101.130.137
157.240.8.23
157.240.8.35
172.217.167.104
172.217.167.74
18.67.111.105
216.239.36.178
35.202.203.217
74.125.130.154
0cd78a62182d95ef6b70b971493bd841bf9212b188bc8d66e3d35223a2b18451
1269f9844285ccc1ff73b02f532066860a0b92014c83f9bf29b2b413198bf91c
1a1bbc7e6a1ffd902db1b2c6e168ad659cedb3cc4f5a1200d9c9b237fae741d2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e34f0481110d08cee87ab7237c097ae5187cee8797972866e61c64d2ea99cd2
2d319ebade90c08799ca2dea1a783cf0b28d53633406628eee146fc2f36fb812
320c795c6f8d74cef4d10181f65be73db4ce333029c979a35816eb07f881e09e
333ffbfb4112ab9bbc6a8935302cddb39d6663bbaaf2def86501b1e215ba0a0e
36b704690715b60407176cd8de66ab0119d35d05b555e41d0719ef0103e0c3d1
395ae8a203ebc7cf462e3cff69af68c6703ef94b62d18599bfd6b30b1f932665
3dde9829f3a38e0d9f8364981d479bff2d9e2d3ef43be0d0408042bd11f91958
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
522f52a20800337c183c0d71c2429d32ad3caa3e67075034ac37ee4dfcd2a673
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68f5dd3d027c2a0097d164b9d048f6bb434605697c22060f89d7ebf023ed2462
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73e0c219c32da41ada18d984505171d053c4808ae4492cd7d54ca1cad4828deb
74137d64dfe7b69db33d509fc39ff5743bd0b736ad5c4bdefb47023add9c84c4
778fcc6978a635e31fa7f86b23b6fa72980d23bf905707a605e62e40aca31671
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7b4acaf5e0706e3e87bf76755f411ba921c49b4dcee3eb1e91a2c9a2092a6307
7d072dd3dc92fea1c44275670306c15ddcd9c3aa68c80f6eb3a552b6bebeb2fc
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
90dfa711656c3d67df49da14d164bd4245309f2d685bfacbbea44e2fdcc30ecd
970ccf298ad56cb8787ad1690e4f16b78f9065a475e892d7ff6f05a7002031ae
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
99835adbfb9961d55febf3e90f2acb4b669a570a3917a45d17ed8d8926e8e4e3
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c286c1a80773a8c752ffc323aec348776f86ab242a4e58636b87f376e0853b1
a3fdd859b77f1f21e9c0737909df4d0030a6e24e07843b81fe8cefe64d1ce46c
a525e5273ce8c85d24a7b02fac09328d0ef18a7e046f41995117a484412061f7
a864c643dc73b5c589f0b8910b99f33c2665860d7b84c07b37a7f481afb9bdf5
a88fd7c2bd0d16544142cd9edf661cda24a4c03475ef3ba8dab2a36b7f3b089c
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
b3991053ed63c1f1067866b9c3c9c52348b38c9891925e13b9520cb1547627b2
b9dc6f2a031549e52b87bd31a6cf76dc0bac5ba167530df45bdf7ea9a6655399
c97c7877f80d6a393c7baf69cb57f8e880e14c7349f99fd63ef6c29a1947c4b8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d806e21d9bfabddb90a7b0364af0e8e9ef170df687b17c8ea6df308e76c12bbd
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de2fda85c3efd777d1aff5ef4d1dedfe5b73c913e0efeaa782b6776e0d74e867
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1c9026c4fcae4d18b25df175bff845893aa7547700a36d3f86df83f187a51d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467d09635ef9fa06bd9ca25b2941c35d87057c1ebb7dbc22805bb38fbaadf5a
e774edd6eae8c823ee24c2af01c63b01a6decf545d15db15f5b42571ef761288
e7a71b58bbeb862953f784850c19761b03627da38082864d1a7cd40f56ac9d61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02d9d11d97a826ba4abceb3c6dd259645d42826e8d457de64289a787294cd54
f90d093f632031c3edd51424a0fcdc20aa135ee41653c697caad946243dad4e3

extra.heraldtribune.com Open in urlscan Pro 35.202.203.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

42 %HTTPS

0 %IPv6

16 Domains

20 Subdomains

21 IPs

2 Countries

2514 kBTransfer

4117 kBSize

9 Cookies

24 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

extra.heraldtribune.com Open in urlscan Pro
35.202.203.217 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

42 %
HTTPS

0 %
IPv6

16
Domains

20
Subdomains

21
IPs

2
Countries

2514 kB
Transfer

4117 kB
Size

9
Cookies

66 HTTP transactions
0 data transactions