www.reporterherald.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reporterherald.com/
Effective URL:
https://www.reporterherald.com/
Submission Tags: tranco_l324
Submission: On November 05 via api (November 5th 2021, 9:10:33 am UTC) from DE — Scanned from DE

Summary HTTP 224 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 60 IPs in 5 countries across 47 domains to perform 224 HTTP transactions. The main IP is 192.0.66.2, located in United States and belongs to AUTOMATTIC, US. The main domain is www.reporterherald.com.
TLS certificate: Issued by R3 on September 21st 2021. Valid for: 3 months.

This is the only time www.reporterherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 40	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	18.66.241.177 18.66.241.177	16509 (AMAZON-02) (AMAZON-02)
2	18.66.248.106 18.66.248.106	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.245.48 18.66.245.48	16509 (AMAZON-02) (AMAZON-02)
2	18.66.248.14 18.66.248.14	16509 (AMAZON-02) (AMAZON-02)
9	18.66.248.49 18.66.248.49	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:224a:9400:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.82.152.48 13.82.152.48	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.245.59 18.66.245.59	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
16	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:e00... 2a04:4e42:e00::282	54113 (FASTLY) (FASTLY)
2	34.192.61.210 34.192.61.210	14618 (AMAZON-AES) (AMAZON-AES)
2	52.29.191.52 52.29.191.52	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.248.66 18.66.248.66	16509 (AMAZON-02) (AMAZON-02)
3	199.88.148.106 199.88.148.106	14913 (MEDIA-NEW...) (MEDIA-NEWS-GROUP)
1	18.66.248.110 18.66.248.110	16509 (AMAZON-02) (AMAZON-02)
7	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	13.85.16.224 13.85.16.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.216.83.80 52.216.83.80	16509 (AMAZON-02) (AMAZON-02)
7	104.111.239.167 104.111.239.167	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:224... 2600:9000:224a:ea00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.28.103.21 52.28.103.21	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	52.160.40.218 52.160.40.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	178.250.2.80 178.250.2.80	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
19	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	104.26.4.15 104.26.4.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:d::1737:6ea4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	44.195.4.65 44.195.4.65	14618 (AMAZON-AES) (AMAZON-AES)
17	20.60.80.2 20.60.80.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
7	2600:9000:224... 2600:9000:224a:d600:8:aaff:ad40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.248.105 18.66.248.105	16509 (AMAZON-02) (AMAZON-02)
1	54.214.242.183 54.214.242.183	16509 (AMAZON-02) (AMAZON-02)
1	34.98.126.214 34.98.126.214	15169 (GOOGLE) (GOOGLE)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2010	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	13.69.106.217 13.69.106.217	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
224	60

40 192.0.66.2 (United States) 2 redirects

ASN2635 (AUTOMATTIC, US)

reporterherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.reporterherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.241.177 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.106 (United States)

ASN16509 (AMAZON-02, US)

mng-reporterherald.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.245.48 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.14 (United States)

ASN16509 (AMAZON-02, US)

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.248.49 (United States)

ASN16509 (AMAZON-02, US)

v476.reporterherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:9400:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.82.152.48 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prodmg2.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.245.59 (United States)

ASN16509 (AMAZON-02, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loader-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2insights-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ayc0zsm69431gfebd.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.61.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-61-210.compute-1.amazonaws.com

medianewsgroup.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.191.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-191-52.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.66 (United States)

ASN16509 (AMAZON-02, US)

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.88.148.106 (United States)

ASN14913 (MEDIA-NEWS-GROUP, US)

extras.prairiemountainmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
extras.dailycamera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.110 (United States)

ASN16509 (AMAZON-02, US)

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-dfm-proxy-connext.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.83.80 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.111.239.167 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-167.deploy.static.akamaitechnologies.com

digitalservices.ap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pro32.ap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:ea00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.103.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-103-21.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.80 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

3pd.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

85ca0df38d9d74fd4cf4bd6fbbd49470.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
92a83ab950e32d2e24f6a3175aa0e002.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f15ee346f134532fadd4ecdfdc21f076.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcc390d9da7f1730fc089ebabefdaea4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.4.15 (United States)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:d::1737:6ea4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.4.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-4-65.compute-1.amazonaws.com

s.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 20.60.80.2 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

citysparkstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:224a:d600:8:aaff:ad40:93a1 (United States)

ASN16509 (AMAZON-02, US)

mapi.associatedpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.105 (United States)

ASN16509 (AMAZON-02, US)

fs.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.214.242.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-214-242-183.us-west-2.compute.amazonaws.com

ads3.mthsense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.126.214 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 214.126.98.34.bc.googleusercontent.com

api.lanistaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

lanista-bidder-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	reporterherald.com 2 redirects reporterherald.com www.reporterherald.com v476.reporterherald.com	954 KB
25	googlesyndication.com pagead2.googlesyndication.com 85ca0df38d9d74fd4cf4bd6fbbd49470.safeframe.googlesyndication.com tpc.googlesyndication.com 92a83ab950e32d2e24f6a3175aa0e002.safeframe.googlesyndication.com f15ee346f134532fadd4ecdfdc21f076.safeframe.googlesyndication.com bcc390d9da7f1730fc089ebabefdaea4.safeframe.googlesyndication.com	448 KB
18	windows.net prodmg2.blob.core.windows.net citysparkstorage.blob.core.windows.net	912 KB
10	ayc0zsm69431gfebd.xyz cdn.ayc0zsm69431gfebd.xyz	205 KB
7	associatedpress.com mapi.associatedpress.com	91 KB
7	ap.org digitalservices.ap.org pro32.ap.org	109 KB
7	doubleclick.net securepubads.g.doubleclick.net	519 KB
6	googletagservices.com www.googletagservices.com	202 KB
5	amazon-adsystem.com c.amazon-adsystem.com	76 KB
4	google-analytics.com www.google-analytics.com ssl.google-analytics.com	60 KB
4	criteo.com bidder.criteo.com 3pd.criteo.com gum.criteo.com	2 KB
4	azurewebsites.net prod-dfm-proxy-connext.azurewebsites.net	107 KB
4	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com	8 KB
4	azureedge.net loader-cdn.azureedge.net fp-cdn.azureedge.net g2insights-cdn.azureedge.net csp.azureedge.net	298 KB
4	p-n.io cdn.p-n.io k.p-n.io	59 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com storage.googleapis.com	425 KB
3	openx.net lanista-bidder-d.openx.net eu-u.openx.net	58 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	114 KB
2	visualstudio.com dc.services.visualstudio.com	665 B
2	gweini.com s.gweini.com fs.gweini.com	17 KB
2	cityspark.com cdn.cityspark.com p.cityspark.com	18 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	898 B
2	googletagmanager.com www.googletagmanager.com	142 KB
2	prairiemountainmedia.com extras.prairiemountainmedia.com	11 KB
2	blueconic.net medianewsgroup.blueconic.net	1 KB
2	msecnd.net az416426.vo.msecnd.net	44 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	osano.com cmp.osano.com	98 KB
2	zeustechnology.com mng-reporterherald.zeustechnology.com	99 KB
2	jsdelivr.net cdn.jsdelivr.net	98 KB
1	lanistaads.com api.lanistaads.com
1	mthsense.com ads3.mthsense.com	8 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	db-ip.com api-mg2.db-ip.com	904 B
1	3lift.com tlx.3lift.com	269 B
1	rubiconproject.com fastlane.rubiconproject.com	3 KB
1	casalemedia.com htlb.casalemedia.com	400 B
1	adnxs.com ib.adnxs.com	1 KB
1	liadm.com b-code.liadm.com	10 KB
1	amazonaws.com paywall-ad-bucket.s3.amazonaws.com	1 KB
1	privacymanager.io geo.privacymanager.io	594 B
1	dailycamera.com extras.dailycamera.com	869 B
1	rlcdn.com ats.rlcdn.com	57 KB
1	criteo.net static.criteo.net	38 KB
1	polyfill.io polyfill.io	589 B
1	parsely.com cdn.parsely.com	19 KB
1	auth0.com cdn.auth0.com	38 KB
224	47

	Domain	Requested by
38	www.reporterherald.com	www.reporterherald.com www.gstatic.com cmp.osano.com
19	pagead2.googlesyndication.com	az416426.vo.msecnd.net www.reporterherald.com securepubads.g.doubleclick.net www.googletagservices.com pagead2.googlesyndication.com
17	citysparkstorage.blob.core.windows.net	extras.prairiemountainmedia.com
10	cdn.ayc0zsm69431gfebd.xyz	cmp.osano.com
9	v476.reporterherald.com	www.reporterherald.com v476.reporterherald.com cmp.osano.com az416426.vo.msecnd.net
7	mapi.associatedpress.com	extras.dailycamera.com
7	securepubads.g.doubleclick.net	cmp.osano.com securepubads.g.doubleclick.net www.googletagservices.com
6	www.googletagservices.com	securepubads.g.doubleclick.net pro32.ap.org www.reporterherald.com
6	pro32.ap.org	extras.dailycamera.com pro32.ap.org ajax.googleapis.com
5	c.amazon-adsystem.com	www.reporterherald.com c.amazon-adsystem.com az416426.vo.msecnd.net
4	prod-dfm-proxy-connext.azurewebsites.net	cdn.ayc0zsm69431gfebd.xyz
3	www.google-analytics.com	cmp.osano.com www.reporterherald.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	lanista-bidder-d.openx.net	www.reporterherald.com lanista-bidder-d.openx.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net
2	bidder.criteo.com	az416426.vo.msecnd.net static.criteo.net
2	sb.scorecardresearch.com	1 redirects www.reporterherald.com
2	www.googletagmanager.com	cmp.osano.com
2	ads.pubmatic.com	cmp.osano.com
2	extras.prairiemountainmedia.com	www.reporterherald.com extras.prairiemountainmedia.com
2	k.p-n.io	cdn.p-n.io
2	medianewsgroup.blueconic.net	v476.reporterherald.com cmp.osano.com
2	az416426.vo.msecnd.net	www.reporterherald.com cmp.osano.com
2	cmp.osano.com	www.reporterherald.com cmp.osano.com
2	cdn.p-n.io	www.reporterherald.com cmp.osano.com
2	www.gstatic.com	www.reporterherald.com
2	ajax.googleapis.com	www.reporterherald.com pro32.ap.org
2	mng-reporterherald.zeustechnology.com	www.reporterherald.com
2	cdn.jsdelivr.net	www.reporterherald.com cdn.jsdelivr.net
2	reporterherald.com	2 redirects
1	bcc390d9da7f1730fc089ebabefdaea4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	f15ee346f134532fadd4ecdfdc21f076.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	eu-u.openx.net	lanista-bidder-d.openx.net
1	gum.criteo.com	cmp.osano.com
1	storage.googleapis.com	ads3.mthsense.com
1	92a83ab950e32d2e24f6a3175aa0e002.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	api.lanistaads.com	extras.prairiemountainmedia.com
1	ads3.mthsense.com	fs.gweini.com
1	fs.gweini.com	s.gweini.com
1	ssl.google-analytics.com	pro32.ap.org
1	fonts.gstatic.com	fonts.googleapis.com
1	s.gweini.com	csp.azureedge.net
1	fonts.googleapis.com	client
1	csp.azureedge.net	cdn.cityspark.com
1	cdnjs.cloudflare.com	cdn.cityspark.com
1	api-mg2.db-ip.com	cdn.ayc0zsm69431gfebd.xyz
1	85ca0df38d9d74fd4cf4bd6fbbd49470.safeframe.googlesyndication.com	cmp.osano.com
1	3pd.criteo.com	az416426.vo.msecnd.net
1	p.cityspark.com	cdn.cityspark.com
1	image6.pubmatic.com	ads.pubmatic.com
1	tlx.3lift.com	az416426.vo.msecnd.net
1	fastlane.rubiconproject.com	az416426.vo.msecnd.net
1	hbopenbid.pubmatic.com	az416426.vo.msecnd.net
1	htlb.casalemedia.com	az416426.vo.msecnd.net
1	ib.adnxs.com	az416426.vo.msecnd.net
1	cdn.cityspark.com	extras.prairiemountainmedia.com
1	b-code.liadm.com	cmp.osano.com
1	digitalservices.ap.org	extras.dailycamera.com
1	paywall-ad-bucket.s3.amazonaws.com	www.reporterherald.com
1	geo.privacymanager.io	ats.rlcdn.com
1	pixel.wp.com	www.reporterherald.com
1	extras.dailycamera.com	www.reporterherald.com
1	g2insights-cdn.azureedge.net	cmp.osano.com
1	fp-cdn.azureedge.net	cmp.osano.com
1	loader-cdn.azureedge.net	ajax.googleapis.com
1	ats.rlcdn.com	cmp.osano.com
1	static.criteo.net	cmp.osano.com
1	polyfill.io	ajax.googleapis.com
1	stats.wp.com	www.reporterherald.com
1	cdn.parsely.com	www.reporterherald.com
1	prodmg2.blob.core.windows.net	www.reporterherald.com
1	cdn.auth0.com	www.reporterherald.com
224	72

This site contains links to these domains. Also see Links.

Domain
www.medianewsgroup.com
www.accuweather.com
www.buffzone.com
www.lovelandmag.com
www.legacy.com
www.frontrangeclassifieds.com
athomecolorado.com
www.coloradojobsource.com
mylocal.reporterherald.com
nococouponbook.com
northerncoloradolife.com
www.prairiemountainmedia.com
lovelandreporterherald-co.newsmemory.com
checkout.reporterherald.com
mng-prod.auth0.com
enewspaper.reporterherald.com
myaccount.reporterherald.com
facebook.com
twitter.com
www.coloradobusinessprofiles.com
www.adtaxi.com
reporterherald.newsbank.com
dailycamera.smugmug.com
nieonline.com
www.longmontmagazine.com
www.raisedintherockies.com
www.mytowncolorado.com
www.timescall.com
www.eptrail.com
www.coloradoboxoffice.com
www.greeleytribune.com
vip.wordpress.com

Subject Issuer	Validity	Valid
reporterherald.com R3	`2021-09-21` - `2021-12-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.zeustechnology.com Amazon	`2021-05-15` - `2022-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.auth0.com Amazon	`2021-04-25` - `2022-05-24`	a year	crt.sh
pushlycdn.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
i953.greeleytribune.com Amazon	`2021-09-15` - `2022-10-14`	a year	crt.sh
cmp.osano.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2021-08-15` - `2022-08-15`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2 years	crt.sh
*.p-n.io Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
sni22a5dgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-08` - `2022-10-09`	a year	crt.sh
sni1ad09gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-01` - `2022-11-01`	a year	crt.sh
sni1ad03gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-01` - `2022-11-01`	a year	crt.sh
sni9642gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-20` - `2022-03-22`	a year	crt.sh
postnewsads.com Go Daddy Secure Certificate Authority - G2	`2020-05-20` - `2022-01-04`	2 years	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
ap.org GeoTrust RSA CA 2018	`2021-10-14` - `2022-10-04`	a year	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-23` - `2022-10-24`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.cityspark.com Go Daddy Secure Certificate Authority - G2	`2020-02-13` - `2022-04-13`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
gweini.com Amazon	`2020-12-08` - `2022-01-06`	a year	crt.sh
*.associatedpress.com Amazon	`2021-11-04` - `2022-12-02`	a year	crt.sh
*.mthsense.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
api.lanistaads.com GTS CA 1D4	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2021-07-22` - `2022-07-22`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.reporterherald.com/
Frame ID: 42E1AD37349B3C946524FB74A228173E
Requests: 131 HTTP requests in this frame

Frame: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Frame ID: DDA6E48AC54EEB184FDAA6F797FA5ECB
Requests: 30 HTTP requests in this frame

Frame: https://extras.dailycamera.com/widgets/RH-APWidget.html
Frame ID: A97EEC928387AC3F61D1C4F1E694239B
Requests: 2 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 7E00A6176F59CC7148EB2E25301424BB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160200&s=&predirect=&userIdMacro=&gdpr_consent=CPPMZImPPMZImEXABADEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&
Frame ID: 2B998E5CF39EFBB28030AEDE45950BF3
Requests: 2 HTTP requests in this frame

Frame: https://pro32.ap.org/iframe/widgets/content/5855d5ab5866fabff4aa305776d559a0
Frame ID: F2438C300A2A51CE581690838CFCA957
Requests: 14 HTTP requests in this frame

Frame: https://85ca0df38d9d74fd4cf4bd6fbbd49470.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EC6A61D6B8BA411344D0DF8AD9CB1AB4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuxKcio0XCmmR42jkGRzBwJNUSUFYmyOQRWkhfWTNltXwSHNK3js76e8S7E-_PvEvEqPGUOtBEf5Vk0HRoOw9O6CZ1_ACFUGCu6Nzl6bj_eK0y3oI3r-vmFJpw9o35iN8lpQujNS7ieaWazFCTc2VceRDTt06r9kTrmy7DwjrGRloYI83SavORYNFTcP-lWxCexB4cPTusfE_3DAmuwL9ppGgOBrRRzFeXgDuSW42tBh2gcbiTBT1ej2QxMyyBdP92-nslmT_nElBxCrtYiuH_PQyxfUhUtXIqBiN2T51lQVITB0OcM-5--ubWgZOlkYeh6i0IgkC1yPH0CXUTHSWGb3jPBIQ&sig=Cg0ArKJSzE12m5u6ehLoEAE&uach_m=[UACH]&adurl=
Frame ID: FD03F7EF0F544BC92C9491E897CC308C
Requests: 8 HTTP requests in this frame

Frame: https://pro32.ap.org/reporterherald/ap_widgets/widget/ad/latest_news
Frame ID: A146284096872501EF25C6CE558AA679
Requests: 4 HTTP requests in this frame

Frame: https://ads3.mthsense.com/RenderAd.aspx?id=14806&width=300&height=250
Frame ID: 2B6DDB4D67554A74EB781FE4D47452AA
Requests: 1 HTTP requests in this frame

Frame: https://92a83ab950e32d2e24f6a3175aa0e002.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 2B5F449970B6734E66D391A9850785FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstaUuCG4yOnRfFSQRbTyb8BrKdTb6VFIiOj1zBs0zL2XHieASrkKUzigrZzf3XtQEjUJ7LJWCH8n2W9apzuwgDnagNl6Hocv-swg8hGs2zxlNvUXRaFgABt4IYA_9afXTGoWeUxwYDYCDeRByTow0Hb4y1C6ZS8o9JA0rO9zJIqrN9Tjt1PB1li2cym0BvFJmA_QWRU-nvggqEpajeWv3zNcVWhcPBv0DM_0z7z2UllLdEx_cLnSSxnKpUadO1BhpMEvLRjB6E2y2lwnvZCP1XxrWClJz2hAQg2X5DqgwcxY47UuAOLIpe1VrSGnxv3wRqGMCwMEruYmWE&sig=Cg0ArKJSzN_axxc8mj7AEAE&uach_m=[UACH]&adurl=
Frame ID: 0DE9E5D90CF0BBAE0E838128A1113A83
Requests: 7 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 6C6D845A75EE528C6D7D0C30318F6A04
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.reporterherald.com&gdpr=1&gdpr_consent=CPPMZIePPMZIeEXABADEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA
Frame ID: AB4A434ED746C2FF90F000E47493E3B5
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=true&gdpr_consent=CPPMZI_PPMZI_EXABBDEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA
Frame ID: F7FE5D1DBEC02AE351D7FBD437FF59EB
Requests: 1 HTTP requests in this frame

Frame: https://f15ee346f134532fadd4ecdfdc21f076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: B4970DA73F87AC022A7D10883C11AC8B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuM4eEi2f2jCkg21u9TPoSFS-FoO4MwS0Ergtg4DUmkJfPRjpw-fTSJrRaRnkuI7tguqYkrpZqGq9wNyMopUb0XSANwaO-HWYljmPXl72URlGuRv7ArtIZN6AtMJwjoyq-L1RK67c7CgFG7j-Z6VnMeWR2SxdqxDTc1CFQsqgvE3-w_35IpDWOi40zTe05kHLl-aW-3I_gMqvqLuDxgc1e9-FXOOuEVLWU1IqfiKOzgHW-cGIZOnNJRK3hOEc6RFeGhdiVn-5kCsEguqMx19qcuURdjMd0_nXTwC-3svHfsWysX2vD2AHLFiIZp6PtPsZfN75nQWTqwJM_sr4gIzyfw&sig=Cg0ArKJSzA9ieG5hqGR_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F2705F460CFF3B13BC44FD637B43AA41
Requests: 7 HTTP requests in this frame

Frame: https://bcc390d9da7f1730fc089ebabefdaea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Frame ID: 4BF22E573EC7746C892A71C0010FF91D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstjbLxcZ4OiIXkgb_QTKA4GfYvaH89Cm54nJE1djv3M2qPGbmZk9R1LYZ-YdCxU3RoDK3VJFdpyyZZzbAoAyN4JGE13ddtutIV49UN85teU7sHJeywPBVBXt2zbQNpTc4cciZz099K87HPVEruGBeITBTLpq94x5mJ6cRKDdHHXuVnEX0Ju576dFRzMPTlgk7oS83Wki9O9nmao4MkFVIHApBo4gIx4xe-daBXXSHNR7CK2t6_-cXqZEK8AeU6xobRekX4cUI0vvM2rX4I3U-xDa2SfntxLOPOkj9uy-uJx0gYnzrSavP4W47XlAZGCaD2F89si2zY-jIVkojyqva0Oq0c&sig=Cg0ArKJSzLgr9Y3JkLi3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 703086911774B96E72B7A3CF2A4A8804
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loveland Reporter-Herald – Loveland, Colorado breaking news, sports, business, entertainment, real estate, jobs and classifiedsSchließen Sie die Cookie-Einstellungen

Page URL History Show full URLs

http://reporterherald.com/ HTTP 301
https://reporterherald.com/ HTTP 301
https://www.reporterherald.com/ Page URL

Page Statistics

224
Requests

92 %
HTTPS

39 %
IPv6

47
Domains

72
Subdomains

60
IPs

5
Countries

5375 kB
Transfer

13195 kB
Size

19
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://www.medianewsgroup.com/privacy-policy/
Title: Datenspeicherungsrichtlinie

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/us/loveland/80537/current-weather/332151?lang=en-us&partner=mng_45
Title: Weather

Search URL Search Domain Scan URL

URL: https://www.buffzone.com/
Title: Buffzone.com

Search URL Search Domain Scan URL

URL: https://www.lovelandmag.com/
Title: Loveland Magazine

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/reporterherald
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://www.frontrangeclassifieds.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://athomecolorado.com/
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://www.coloradojobsource.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: http://mylocal.reporterherald.com/
Title: Business Directory

Search URL Search Domain Scan URL

URL: https://mylocal.reporterherald.com/AdEverywhere/SI/PR/LD/?s=reporterherald&cc=35
Title: Today’s Ads

Search URL Search Domain Scan URL

URL: https://nococouponbook.com/
Title: Coupons

Search URL Search Domain Scan URL

URL: https://northerncoloradolife.com/
Title: Northern Colorado Life

Search URL Search Domain Scan URL

URL: https://www.prairiemountainmedia.com/advertise
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://lovelandreporterherald-co.newsmemory.com/
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://checkout.reporterherald.com/?returnUrl=https%253A%252F%252Fwww.reporterherald.com%252F
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://mng-prod.auth0.com/v2/logout?returnTo=https%3A%2F%2Fwww.reporterherald.com%2F
Title: Logout

Search URL Search Domain Scan URL

URL: http://www.accuweather.com/en/us/loveland-co/80537/current-weather/35257_pc?lang=en-us&partner=mng_45
Title: 39°F

Search URL Search Domain Scan URL

URL: https://enewspaper.reporterherald.com/
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://myaccount.reporterherald.com/
Title: Customer Care

Search URL Search Domain Scan URL

URL: https://myaccount.reporterherald.com/lrh/preference
Title: Sign Up For Newsletters

Search URL Search Domain Scan URL

URL: https://facebook.com/reporterherald
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/reporterherald
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.coloradobusinessprofiles.com/superior-businesses/cold-weather-settling-in-your-guide-to-late-fall-and-early-winter-landscape-maintenance/
Title: Cold Weather Settling In: Your Guide to Late-Fall and Early-Winter Landscape Maintenance Prepare the Yard in Early Winter to Have a Spectacular Landscape in the Spring Leaves continue to fall as autumn’s...

Search URL Search Domain Scan URL

URL: https://www.coloradobusinessprofiles.com/aurora-businesses/fred-smith-hall-of-fame-member/
Title: Fred Smith, Hall of Fame Member Fred Smith, Realtor has been helping people buy and sell homes in Heather Garden—one of the most desirable age 55+...

Search URL Search Domain Scan URL

URL: https://www.coloradobusinessprofiles.com/greeley-businesses/cozy-country-care/
Title: Cozy Country Care Cozy Country Care offers trusted in-home assisted living care in Greeley. The qualified vocational nurses, CNAs and personal caregivers assist...

Search URL Search Domain Scan URL

URL: https://www.coloradobusinessprofiles.com/longmont-businesses/cant-decide-my-favorite-sandwich/
Title: Can’t Decide My Favorite Sandwich What is my favorite sandwich at Your Butcher, Frank? Po Boy? Roast Beef with Horseradish? I can’t decide! The Tuscan...

Search URL Search Domain Scan URL

URL: https://www.coloradobusinessprofiles.com/boulder-businesses/find-your-dream-home-in-boulder/
Title: Find Your Dream Home In Boulder Home is where the heart is! The Patrick Dolan Team will help you find your dream home in Boulder and...

Search URL Search Domain Scan URL

URL: https://checkout.reporterherald.com/
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/advertise-with-us/
Title: MNG Network Advertising

Search URL Search Domain Scan URL

URL: https://www.adtaxi.com/our-approach
Title: Adtaxi Solutions

Search URL Search Domain Scan URL

URL: https://www.prairiemountainmedia.com/
Title: Prairie Mountain Media Advertising

Search URL Search Domain Scan URL

URL: https://www.frontrangeclassifieds.com/
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://reporterherald.newsbank.com/
Title: Archives

Search URL Search Domain Scan URL

URL: https://dailycamera.smugmug.com/
Title: Purchase Photos

Search URL Search Domain Scan URL

URL: https://nieonline.com/coloradonie/
Title: Newspaper in Education

Search URL Search Domain Scan URL

URL: https://www.longmontmagazine.com/
Title: Longmont Magazine

Search URL Search Domain Scan URL

URL: https://www.raisedintherockies.com/
Title: Raised in the Rockies

Search URL Search Domain Scan URL

URL: https://www.mytowncolorado.com/
Title: My Town Colorado

Search URL Search Domain Scan URL

URL: https://www.timescall.com/
Title: Longmont Times-Call

Search URL Search Domain Scan URL

URL: https://www.eptrail.com/
Title: Estes Park Trail-Gazette

Search URL Search Domain Scan URL

URL: https://www.coloradoboxoffice.com/
Title: Colorado Box Office

Search URL Search Domain Scan URL

URL: https://www.greeleytribune.com/
Title: Greeley Tribune

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/copyright
Title: Copyright ©2021 MediaNews Group, Inc.

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/accessibility-statement/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/arbitration
Title: Arbitration

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/
Title: MediaNews Group

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: Powered by WordPress.com VIP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reporterherald.com/ HTTP 301
https://reporterherald.com/ HTTP 301
https://www.reporterherald.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1636103427741&ns_c=UTF-8&c8=Loveland%20Reporter-Herald%20%E2%80%93%20Loveland%2C%20Colorado%20breaking%20news%2C%20sports%2C%20business%2C%20entertainment%2C%20real%20estate%2C%20jobs%20and%20classifieds&c7=https%3A%2F%2Fwww.reporterherald.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1636103427741&ns_c=UTF-8&c8=Loveland%20Reporter-Herald%20%E2%80%93%20Loveland%2C%20Colorado%20breaking%20news%2C%20sports%2C%20business%2C%20entertainment%2C%20real%20estate%2C%20jobs%20and%20classifieds&c7=https%3A%2F%2Fwww.reporterherald.com%2F&c9=

224 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.reporterherald.com/
Redirect Chain

http://reporterherald.com/
https://reporterherald.com/
https://www.reporterherald.com/

247 KB
46 KB

15ms
6ms

Document
text/html

192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

0093a1936c66669a95040e3f5db5cb42457433fab411799e0fae6562e65a5612

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Strict-Transport-Security

max-age=31536000;includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Fri, 05 Nov 2021 09:10:25 GMT
content-type: text/html; charset=UTF-8
content-length: 46710
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.reporterherald.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/aTVuP>; rel=shortlink
content-encoding: gzip
x-rq: hhn2 0 2 9980
cache-control: max-age=300, must-revalidate
age: 1066
x-cache: hit
vary: Accept-Encoding
accept-ranges: bytes
strict-transport-security: max-age=31536000;includeSubdomains

Redirect headers

server: nginx
date: Fri, 05 Nov 2021 09:10:25 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.reporterherald.com/
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
x-redirect-by: WordPress
x-rq: hhn2 0 2 9980
cache-control: max-age=300, must-revalidate
age: 1066
x-cache: hit
strict-transport-security: max-age=31536000;includeSubdomains

GET
H2 200 droid-sans-regular.woff2
www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/ 22 KB
22 KB 7ms
5ms Font
font/woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/droid-sans-regular.woff2

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3395ef075ee4c9d243a2b3ba591a4ec4896f0cc6add2434cb416e19a291f4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.reporterherald.com/
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 26
x-cache: hit
content-length: 22792
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
etag: "61830d08-5908"
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 09:10:25 GMT

GET
H2 200 droid-sans-bold.woff2
www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/ 22 KB
23 KB 163ms
159ms Font
font/woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/droid-sans-bold.woff2

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8b52955ddb6d6e75624fe0c01be5d9750382b17bb089efd881e3ae65d95e5898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.reporterherald.com/
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 0
x-cache: miss
content-length: 22928
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
etag: "61830d08-5990"
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 droid-serif-regular.woff2
www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/ 27 KB
27 KB 163ms
159ms Font
font/woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/droid-serif-regular.woff2

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bff267b7d30ba1cc8c4388c5231cf3f5928e078c66279061dfdd07175f9eacb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.reporterherald.com/
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 0
x-cache: miss
content-length: 27560
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
etag: "61830d08-6ba8"
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 droid-serif-italic.woff2
www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/ 24 KB
24 KB 10ms
4ms Font
font/woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/droid-serif-italic.woff2

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9ca0fc6763a6aef9953e392c700931a95744204f09d448128381d8e0b92d6e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.reporterherald.com/
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 26
x-cache: hit
content-length: 24900
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
etag: "61830d08-6144"
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 09:10:25 GMT

GET
H2 200 droid-serif-bold.woff2
www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/ 27 KB
27 KB 168ms
163ms Font
font/woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/droid-serif-bold.woff2

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7c51c8ca9b8579915848d0c09263e53ee8ec6f9d29d22b1c0ef8ab7f90ae080c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.reporterherald.com/
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 0
x-cache: miss
content-length: 27796
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
etag: "61830d08-6c94"
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 droid-serif-bold-italic.woff2
www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/ 29 KB
29 KB 171ms
165ms Font
font/woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/droid-serif-bold-italic.woff2

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3b70c60ff10623dc3165d6c7614e64543a052f0d66d42c1f1f85396110294b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.reporterherald.com/
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 0
x-cache: miss
content-length: 29220
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
etag: "61830d08-7224"
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 arvo-regular.woff2
www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/ 17 KB
17 KB 166ms
160ms Font
font/woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/arvo-regular.woff2

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6a444f75e21c8b900953619df3cbc2ecf9e2227416e07d774709adf722bcb415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.reporterherald.com/
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 0
x-cache: miss
content-length: 17300
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
etag: "61830d08-4394"
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 arvo-italic.woff2
www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/ 17 KB
17 KB 173ms
167ms Font
font/woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/arvo-italic.woff2

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f4f6eb6108318d28f97fb6aa700ad42c8d021f1135ef332efed037eb5cc56a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.reporterherald.com/
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 0
x-cache: miss
content-length: 16932
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
etag: "61830d08-4224"
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 arvo-bold.woff2
www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/ 17 KB
17 KB 166ms
160ms Font
font/woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/arvo-bold.woff2

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.reporterherald.com/
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 0
x-cache: miss
content-length: 17300
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
etag: "61830d08-4394"
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 arvo-bold-italic.woff2
www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/ 17 KB
17 KB 166ms
161ms Font
font/woff2 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-psi-google-fonts/assets/dist/google-fonts/arvo-bold-italic.woff2

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b6fdfdd0279d966f322f2a5fefd4c3762d904e6f91d36f83665da91c9fe6dad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.reporterherald.com/
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
vary: X-Mobile-Class, Accept-Encoding
age: 0
x-cache: miss
content-length: 17472
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
etag: "61830d08-4440"
strict-transport-security: max-age=31536000;includeSubdomains
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 /
www.reporterherald.com/_static/ 3 KB
441 B 10ms
5ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/_static/??-eJylzFkKhDAQBNALTU8r4/ohc5ZgFho0HVJRr288g19VRcHjK9GqsbhYOG1HkAi2fqcEoaAaNke+3mADuBpWUHhFLVnFEkzEt84Pv3RcFv8OMvnUR/jvSzv8+nmc+qa7AeP+Uow=

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3634a5e3902588bfb7c1d72b1de3a92838e316513597859af751d52be5f78fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 59055
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 383

GET
H2 200 /
www.reporterherald.com/_static/ 97 KB
14 KB 11ms
5ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/_static/??-eJyNUFtuwkAMvFAdU0Hzh1CPsvE6weDdjeKNUG6PeVSCFqF+WeN5aGw8jSCZdI5sSGYYxSp2WugIKt0UpgWtLspNkty44AMfHQfDxFECKyfO9QmMGhaeQHkItPzP7twjfjJRyfWiGXUeJHvRPkEuVXqhUKXke/3f27cZKQ8Q5rr33V3vx/qkF0xzfYP9ySIVH5Bm+Em1ifA7GgYzrrdaqXSiDCHu2TwLbi91Zpe2n+26XW3W7dfqDH/glZI=

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2a41cb52c64a703adeb8ee6b430f8d0d6547f1e47f25680d579c8c997e411bc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Thu, 04 Nov 2021 16:34:10 GMT
server: nginx
age: 59055
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 14732

GET
H2 200 bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 56 KB
9 KB 46ms
26ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 908610
x-jsd-version: 1.5.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19128-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"e199-MKfLdwDci4zij+cy307LMP/uJk4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a94f2ec18b44e13-FRA

GET
H2 200 /
www.reporterherald.com/_static/ 87 KB
17 KB 12ms
7ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/_static/??-eJyNjdsKwjAQRH/IzbbUenkQvyUk2xLNZXE3FP/eBBR87NvMwDmDG4MrWSkrcqxryIJ+SWA9pOIFRa0Gh05adC+ibFLIptUD/pGpwg9+kLJ1TxgHM2FT1EiCW/ArqaAWBi6i3fuOtNvT779DZ+7pNp6m+Xq+zMPxA2GBRck=

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8161fcd7164112feeacdd711539dfdc8168b37b4e68f9285c1bd95e7364b4549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 38761
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 17408

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 70ms
11ms Script
application/javascript 18.66.241.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: okBBdl4mniljyIhAB_yWlERThSsUPvbQ
content-encoding: gzip
etag: fc2e1be4d234471752ea2ebee7e63d1e
age: 392
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1H580C9TCVZG47ZSKMCH
date: Fri, 05 Nov 2021 09:03:55 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cd8cc1ff175a63c59feeb56bb3687767.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: J-aXAj3hupDZG6BB2et0JKlhFyWhE0fMDIiuqlwRCmyTyGjiHoDMFg==

GET
H2 200 zeus-adapter.js Show response
www.reporterherald.com/wp-content/plugins/dfm_zeus/assets/dist/ 17 KB
6 KB 11ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm_zeus/assets/dist/zeus-adapter.js?m=1635978504g

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

84c9c9d4de88f5cf5e9ed1803bc3dc4a3a60be607d5b1d1c690151144e6a8a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 59055
etag: W/"61830d08-43df"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 5681
expires: Sat, 05 Nov 2022 09:10:25 GMT

GET
H2 200 main.js Show response
mng-reporterherald.zeustechnology.com/ 210 KB
50 KB 72ms
35ms Script
application/javascript 18.66.248.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mng-reporterherald.zeustechnology.com/main.js
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4d9ea6bb419e73440d55433f83323ab86c2aa82a0c5d43dcc229add90ddcad7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: t4nRuLlTaFmxk4TbmMYRoBryP2278NMx
content-encoding: br
last-modified: Tue, 12 Oct 2021 14:56:56 GMT
server: AmazonS3
age: 1757
etag: W/"ef08618c45c6edb15391fa10bddf7480"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b628053fca1386b0c2ba37163842b26f.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=3600
date: Fri, 05 Nov 2021 08:41:10 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: sKpK-kJQXqRzXWs5PKL-UJ6NSNEZPsL2ZdGcMpGVgXrds7T0JdeH6A==

GET
H2 200 / Show response
www.reporterherald.com/_static/ 7 KB
2 KB 13ms
8ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/_static/??/wp-content/plugins/dfm_zeus/assets/dist/dfm-zeus-bundle.js,/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1635978504j

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da640ae45fbcf4fb2cb9a590a3e223ef7e61be3ce5b77eb54552f6e1d8a4d1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 59055
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 2358

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
88 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 01:44:13 GMT
x-content-type-options: nosniff
age: 26772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89476
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 05 Nov 2022 01:44:13 GMT

GET
H2 200 loader.min.js Show response
www.reporterherald.com/wp-content/plugins/loader-wp/static/ 16 KB
5 KB 13ms
9ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
content-encoding: gzip
x-rq: hhn2 119 85 3106
last-modified: Mon, 08 Mar 2021 11:28:45 GMT
server: nginx
age: 15826033
etag: W/"60460a6d-3e4a"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 5483
expires: Sat, 05 Nov 2022 09:10:25 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.7.0/ 34 KB
34 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.7.0/firebase-app.js?ver=5.8.1

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c16b5e0a7baf923398f1a497be1d4cd389abd3352b5e148eaa24354fb6a66a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 06:42:01 GMT
x-content-type-options: nosniff
age: 95304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34844
x-xss-protection: 0
last-modified: Fri, 07 Dec 2018 01:03:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Fri, 04 Nov 2022 06:42:01 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.7.0/ 35 KB
36 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.7.0/firebase-messaging.js?ver=5.8.1

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 13:24:46 GMT
x-content-type-options: nosniff
age: 71139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35848
x-xss-protection: 0
last-modified: Fri, 07 Dec 2018 01:03:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Fri, 04 Nov 2022 13:24:46 GMT

GET
H2 200 webpush.js Show response
www.reporterherald.com/wp-content/plugins/dfm-notifications/js/ 6 KB
2 KB 13ms
9ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-notifications/js/webpush.js?m=1635978504g

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7f997821db76edb6ea21b173579ac3f14292a711ffc58ebc71b1f62c576ca90f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 59055
etag: W/"61830d08-16ef"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 1952
expires: Sat, 05 Nov 2022 09:10:25 GMT

GET
H2 200 auth0-spa-js.production.js Show response
cdn.auth0.com/js/auth0-spa-js/1.13/ 105 KB
38 KB 71ms
13ms Script
application/javascript 18.66.245.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/auth0-spa-js/1.13/auth0-spa-js.production.js?ver=5.8.1
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.245.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 6AzkYKZDwDnSxmQe5SqIWFlWTPBMtbyI
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 14:32:49 GMT
server: AmazonS3
age: 3575
etag: W/"8bea9e0d733d097381a1b5eb8c40983d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b85afd3a476827aadec8c79e8673c565.cloudfront.net (CloudFront)
cache-control: max-age=10800,public
date: Fri, 05 Nov 2021 08:11:00 GMT
x-amz-replication-status: FAILED
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: F19Eqx6x4OtDpkKyWjygxHf4cb_UkN7fu_YZy2kh1g61oL0drwBFSA==

GET
H2 200 / Show response
www.reporterherald.com/_static/ 29 KB
8 KB 13ms
10ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/_static/??-eJytzDEOgCAMBdALCdWobMbVayASLYFqpESPL04ubjr9n9/0wbEJsxJbYth8mpEiBJqFTrzkDY1mXAki5zQvFxk0khwTTd5KFwv46uVnsif/Sd6VvQ05459uwkHf2P6gfegqVauyqVVbugtiFoVC

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da38573ef3645a4b0965915e03a67ef150072596c225a2adc6903a6b8021c63b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Thu, 04 Nov 2021 16:34:10 GMT
server: nginx
age: 59055
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 7848

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 307 KB
56 KB 54ms
22ms Script
application/javascript 18.66.248.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=zobsoYQrlfi9esSj45qQw4HtzSiUeTz4Hagr&ver=5.8.1
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54e3486d7713d19aad67a32fa6ba3a9bac0265798269fda9b84ea39c53c75854

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 02:50:17 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: W/"dfd7586e4b5a3d16cfc69cfbd7ae2d34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-id: NvJr0ktTtLUVVs689b4ZbTHgyfVc4PSzGz_hUuGCnFd1aQfqhQrwNw==

GET
H2 200 dfm-pushly.min.js Show response
www.reporterherald.com/wp-content/plugins/dfm-pushly/static/js/ 160 B
207 B 13ms
10ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1635978504g

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 59055
etag: "61830d08-a0"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 160
expires: Sat, 05 Nov 2022 09:10:25 GMT

GET
H2 200 script.js Show response
v476.reporterherald.com/ 145 KB
44 KB 67ms
13ms Script
text/javascript 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://v476.reporterherald.com/script.js

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

46498c7439692cc178a39641f95069195fa6af9a59300a93c55d25e8c0475ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 554
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 44008
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Nov 2021 02:20:36 GMT
server: -
etag: 08ee2fb9b65bde582ebe8a117f70ef4c
content-type: text/javascript; charset=utf-8
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: mLg7kKScCNCZ_gG_gqDziGKP5d1xuEO92P7lGAVFzQGnWOzg8jMYzw==
expires: Fri, 05 Nov 2021 09:11:11 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 408 KB
97 KB 75ms
17ms Script
application/javascript 2600:9000:224a:9400:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:9400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

bca63524136b90b4088fbca3a3f08ad3299c1173843ebbcbd96308f961f3e893

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 10:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81655
x-cache: Hit from cloudfront
content-length: 98906
x-xss-protection: mode=block
last-modified: Tue, 12 Oct 2021 22:46:29 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "9168ae53632e9758319c6e73c0dad5a7"
strict-transport-security: max-age=2592000
content-type: application/javascript; charset=utf-8
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 3V4yK9iKp87SDcnWML-McxBOPt3TOnCShCLSqqW2UAuNT2GltZCe_A==

GET
H/1.1 200
OK mg2nw.min.js Show response
prodmg2.blob.core.windows.net/newsletterwidget/mngcep/ 143 KB
144 KB 438ms
106ms Script
application/javascript 13.82.152.48
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmg2.blob.core.windows.net/newsletterwidget/mngcep/mg2nw.min.js
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.82.152.48 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c6dd85371ada6a77ee2ebc51b0ae9e48aca339c4bc2587a1e8e638d2016ec185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:26 GMT
Last-Modified: Tue, 05 Oct 2021 13:00:39 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 6BXSWoRxA3l7LFfl6gsOWg==
ETag: 0x8D98800215AA55E
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: c168f728-901e-0027-0924-d2bc36000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 146402

GET
H2 200 hhsl-check.min.js Show response
www.reporterherald.com/wp-content/plugins/dfm-ad-mods/static/js/ 2 KB
852 B 13ms
10ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-ad-mods/static/js/hhsl-check.min.js?m=1635978504g

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bcc12496cca31bf3ce07009f2b035c7405081719cc9bcc534e1272649c6afd9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:25 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 59055
etag: W/"61830d08-882"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 801
expires: Sat, 05 Nov 2022 09:10:25 GMT

GET
H2 200 LovelandRH-Logo-color-fullheader-1.svg
www.reporterherald.com/wp-content/uploads/2019/07/ 25 KB
8 KB 6ms
6ms Image
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reporterherald.com/wp-content/uploads/2019/07/LovelandRH-Logo-color-fullheader-1.svg

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c06310f651ea0d66df41834526b2293f881c2aee170b316b7316db787827efcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
x-rq: hhn2 109 27 443
last-modified: Fri, 26 Jul 2019 18:32:39 GMT
server: nginx
etag: W/"38b4027a53fd90db"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
expires: Fri, 05 Nov 2021 16:31:02 GMT

GET
H2 200 modernvibrant.css
www.reporterherald.com/wp-content/themes/assets/static/css/ 362 KB
57 KB 7ms
6ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/themes/assets/static/css/modernvibrant.css?ver=1635978504

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f919fb862f1b3a096da56a3afb373596453cd2021f6070c83c07d0df15c79180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Thu, 04 Nov 2021 16:34:10 GMT
server: nginx
age: 59055
etag: W/"61840b82-5a81a"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 58216
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 main.js
mng-reporterherald.zeustechnology.com/ 0
50 KB 15ms
14ms Other
application/javascript 18.66.248.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mng-reporterherald.zeustechnology.com/main.js
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: t4nRuLlTaFmxk4TbmMYRoBryP2278NMx
content-encoding: br
last-modified: Tue, 12 Oct 2021 14:56:56 GMT
server: AmazonS3
age: 1757
etag: W/"ef08618c45c6edb15391fa10bddf7480"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b628053fca1386b0c2ba37163842b26f.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=3600
date: Fri, 05 Nov 2021 08:41:10 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: wGfaUzZKolHKa_0GGHYvYahSpJk3LUOf4DAV37MZaZ6EwLs69fIRDg==

GET
H2 200 apstag.js
c.amazon-adsystem.com/aax2/ 0
36 KB 10ms
10ms Other
application/javascript 18.66.241.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: okBBdl4mniljyIhAB_yWlERThSsUPvbQ
content-encoding: gzip
etag: fc2e1be4d234471752ea2ebee7e63d1e
age: 393
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1H580C9TCVZG47ZSKMCH
date: Fri, 05 Nov 2021 09:03:55 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cd8cc1ff175a63c59feeb56bb3687767.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Mx8yLtbJAOC0-CqIFEnPnEvgcr6--H2CkRJD5JyKDKGfiwVJMUvddQ==

GET
H2 200 wp-emoji-release.min.js Show response
www.reporterherald.com/wp-includes/js/ 18 KB
5 KB 7ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Thu, 09 Sep 2021 02:41:32 GMT
server: nginx
age: 4904406
etag: W/"6139745c-4705"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 4998
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 RH-backupimage-1000x563.jpg
www.reporterherald.com/wp-content/uploads/2019/04/ 34 KB
34 KB 7ms
7ms Image
image/jpeg 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reporterherald.com/wp-content/uploads/2019/04/RH-backupimage-1000x563.jpg

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

31679e8c27fefc5afdc0b9ebb568d54a4b6fd070b5dad030544d16f4045a823d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
x-rq: hhn2 109 32 443
last-modified: Tue, 23 Apr 2019 18:07:32 GMT
server: nginx
etag: "8732491be60df1dc"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 34916
expires: Sun, 18 Sep 2022 04:48:43 GMT

GET
H2 200 / Show response
www.reporterherald.com/_static/ 18 KB
8 KB 7ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/_static/??-eJyVzU0KAjEMQOEL2Ymi489CPIoMbUZT2qQ0qWJPLyO4c+P2g8eDZ3Fe2JANSmo3YoUw52vHpjCpoilo9RA/7BZ2WYIOmXiIuoIffbmLCc+UEjyQg1Qo5K1VXOi/ME39pdTx+7vk82a/HU+H47jexTfPmkbQ

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b6314c8400868242589514cba66862e787c8ec59275942e0417a65f821a0a976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 59055
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 8024

GET
H2 200 ads.js Show response
www.reporterherald.com/wp-content/themes/wp-mason/static/js/ 87 B
137 B 6ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
x-rq: hhn2 119 85 3106
last-modified: Mon, 08 Mar 2021 11:28:45 GMT
server: nginx
age: 15826033
etag: "60460a6d-57"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 / Show response
www.reporterherald.com/_static/ 101 KB
29 KB 7ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/_static/??-eJydz9EOgjAMBdAfcgxFeTN+y9gGbK7tQovGv3dRHzAxRny9zUnv1desLKF4FC2jB8/aMHthzWIkWB1ZWwIgrOw447mCgFXkjf7BZUq3PqTEaxCQ8xNeQjcZlC+wJGCYcEETDaQCDMqITJ9oTvMQkLXrQRmnyit+4yV79lmPeVc6O09/yExSWi9hQJtmV0bGx04PnXev+wmO27Zp633THup4B6fxpN0=

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79c4ce4f09886e955084040d8ac055db0cbcf7ccf7c160ba67a1e6851022e5ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Thu, 04 Nov 2021 16:34:10 GMT
server: nginx
age: 56050
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 29498

GET
H2 200 p.js Show response
cdn.parsely.com/keys/reporterherald.com/ 50 KB
19 KB 49ms
17ms Script
application/javascript 18.66.245.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/reporterherald.com/p.js?ver=2.6.1
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f8d644992082201cd3506ef32baaac8b9cd8583115fce0f1baebd587ddf2e84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Thu, 04 Nov 2021 21:22:12 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 18:41:07 GMT
server: nginx
age: 42494
etag: W/"610adf43-c8b2"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b85afd3a476827aadec8c79e8673c565.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Bh1YeKbfZOP27hFuyLf9h7m9VkXgcQkh63KOlQF_eUpXgM462dnDaQ==
expires: Fri, 05 Nov 2021 21:22:12 GMT

GET
H2 200 e-202144.js Show response
stats.wp.com/ 9 KB
3 KB 20ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202144.js
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 24 Oct 2022 05:44:33 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 37ms
16ms XHR
application/javascript 18.66.241.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 13610
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Fri, 05 Nov 2021 05:23:37 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: T9_njTNYQZYcm5FbayGSAFhLb1zz1UUq0bIEqQrxRWHJpIl3VYgbEQ==

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 46ms
7ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1057
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 275dd0c5-c01e-0081-7d22-d248af000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 05 Nov 2021 09:40:26 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
589 B 44ms
17ms Script
text/javascript 2a04:4e42:e00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1933999
detected-user-agent: Chrome/95.0.4638
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Wed, 13 Oct 2021 23:47:16 GMT
date: Fri, 05 Nov 2021 09:10:26 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/95.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cs Show response
medianewsgroup.blueconic.net/DG/DEFAULT/ 16 B
704 B 343ms
150ms Script
text/javascript 34.192.61.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://medianewsgroup.blueconic.net/DG/DEFAULT/cs?&callback=bc_json304

Requested by

Host: v476.reporterherald.com
URL: https://v476.reporterherald.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.61.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-61-210.compute-1.amazonaws.com

Software

- /

Resource Hash

0dffc993a35c25f5452de49acbaca53111b34c147ad26a7b5263efc19ee7300e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK ce4a6766-1651-4d59-a79f-2fcf72424137
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/ce4a6766-1651-4d59-a79f-2fcf72424137
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 pushly-sdk.min.css
cdn.p-n.io/ 26 KB
2 KB 17ms
17ms Stylesheet
text/css 18.66.248.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.css?domain_key=zobsoYQrlfi9esSj45qQw4HtzSiUeTz4Hagr
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 15:59:32 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: W/"f78fe2b0b79df0619d393cfc42450ddf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-id: c7bvzj-HvX_cCX7c310wDR-Q_qIijR46mE9jMRXd3hrkbmJKURB0jQ==

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 33ms
7ms Fetch 52.29.191.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=zobsoYQrlfi9esSj45qQw4HtzSiUeTz4Hagr&ver=5.8.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.191.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-191-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 09:10:26 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 7ms
7ms Fetch 52.29.191.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=zobsoYQrlfi9esSj45qQw4HtzSiUeTz4Hagr&ver=5.8.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.191.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-191-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 09:10:26 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 57ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 66a8f22977a88effa3d50b4af9e8f1ad9e763b3c8ed4dd0e79301d9839362b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:26:01 GMT
server: nginx
etag: W/"6178c6c9-1d4e4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Nov 2021 09:10:26 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 411 B
775 B 12ms
11ms XHR
application/json 18.66.241.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3391&u=https%3A%2F%2Fwww.reporterherald.com%2F
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c973bafe1bd7e3abd300e68262ee59907889d1b69534846a9bc5aead514b90fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:23:36 GMT
via: 1.1 cd8cc1ff175a63c59feeb56bb3687767.cloudfront.net (CloudFront)
server: Server
age: 13610
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reporterherald.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
content-length: 411
x-amz-cf-id: N87R72BHYDrM8qE9YC3FyZ-tJ5FO3WuTzoWQ0FVITfPRk5leFf3aTQ==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 185 KB
57 KB 43ms
11ms Script
application/x-javascript 18.66.248.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0df5e0051f8876a24ba8acfc88b22b342f973b8d99a4a6e4f44056a27e3606eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 12:09:46 GMT
content-encoding: br
age: 75641
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:090ae9e8-7ac3-433c-8ec2-f349b4be1ca8
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: c7596538e50ec386eab0a9d11c4631ed84d0958b9ab2973aac550585dbc5605e
x-amz-meta-codebuild-content-md5: 27d22d295041d6c325e884c8023cfee0
last-modified: Thu, 04 Nov 2021 12:09:35 GMT
server: AmazonS3
etag: W/"4b00a9026d35270085cd0ae19b388f4d"
vary: Accept-Encoding
x-amz-version-id: N3dnEheLpsLanR61OP0_WlZaqO7iPjO_
via: 1.1 5b9a6276a0cfe21df57da85d975de2dd.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
content-type: application/x-javascript
x-amz-cf-id: vgo1jrxq38R1sWCX1Yubga7YnBSRxYiEQs8-gPgQ-tJxeAb_s4DDmw==

GET
H2 200 loader-config.json Show response
loader-cdn.azureedge.net/prod/dfm/ 1011 B
842 B 65ms
7ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/dfm/loader-config.json?_=1636103426011
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FD5) /
Resource Hash: 96b34914f736b96f184920bea4cf3b30a7b76583c51bf1e9caf2add39705bffd

Request headers

Accept: */*
Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
content-md5: i1fC4Ue5p2n4u48t1IbEIQ==
age: 706
x-cache: HIT
content-length: 465
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 10:13:01 GMT
server: ECAcc (frc/8FD5)
etag: 0x8D905773626BB80
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 70829e72-701e-004b-2d23-d217e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 fp.min.js Show response
fp-cdn.azureedge.net/prod/dfm/ 59 KB
20 KB 56ms
9ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fp-cdn.azureedge.net/prod/dfm/fp.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F4C) /
Resource Hash: 9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
content-md5: I+TRQO5bVyRNfhz04pv14Q==
age: 429
x-cache: HIT
content-length: 19745
x-ms-lease-status: unlocked
last-modified: Thu, 24 Dec 2020 08:54:59 GMT
server: ECAcc (frc/8F4C)
etag: 0x8D8A7E997F32F60
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 20281a17-d01e-0106-3623-d29752000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 g2i.min.js Show response
g2insights-cdn.azureedge.net/prod/dfm/ 1 MB
217 KB 67ms
10ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g2insights-cdn.azureedge.net/prod/dfm/g2i.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F49) /
Resource Hash: a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
content-md5: MEV0XK+iSrlNTVyliS0EpQ==
age: 324
x-cache: HIT
content-length: 221901
x-ms-lease-status: unlocked
last-modified: Tue, 29 Dec 2020 13:55:30 GMT
server: ECAcc (frc/8F49)
etag: 0x8D8AC0167971F78
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b7769062-301e-010c-7624-d28edb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 559 KB
118 KB 73ms
10ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC9) /
Resource Hash: ea5d2befb0a4e0ce54a1e5014b440dcbec8a981df5921805bef7c080647dab6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
content-md5: qVIPcM+g3AcDoTOKAhEK0A==
age: 42523
x-cache: HIT
content-length: 119973
x-ms-lease-status: unlocked
last-modified: Wed, 11 Aug 2021 20:38:31 GMT
server: ECAcc (frc/8FC9)
etag: 0x8D95D07FB91B69A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 91b88e7c-e01e-0067-70c1-d195d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 cs Show response
medianewsgroup.blueconic.net/DG/DEFAULT/ 16 B
701 B 364ms
267ms Script
text/javascript 34.192.61.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://medianewsgroup.blueconic.net/DG/DEFAULT/cs?&callback=bc_json305

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.61.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-61-210.compute-1.amazonaws.com

Software

- /

Resource Hash

6c44882a94fdac30f4aa6b38a58a558fd7a34559a15f96b1b0ecf890fad1cdbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 88 KB
89 KB 41ms
27ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 633053
x-jsd-version: 1.5.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 90528
x-served-by: cache-fra19170-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 6a94f2f14ca90eb7-FRA

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Referer
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H/1.1 200
OK RH-RightRail.html Show response
extras.prairiemountainmedia.com/widgets/ Frame DDA6 1 KB
1 KB 644ms
154ms Document
text/html 199.88.148.106
MEDIA-NEWS-GROUP

General

Check archive.org

Show headers Download Go to

Full URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 199.88.148.106 , United States, ASN14913 (MEDIA-NEWS-GROUP, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 993d0eaa1eff99ff8a184c9658d4bc053b8881c67b9ec7ece9ba4ebe4bf4b528

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/

Response headers

Content-Type: text/html
Last-Modified: Mon, 30 Aug 2021 17:46:07 GMT
ETag: "fcab50e9c69dd71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 05 Nov 2021 09:10:27 GMT
Content-Length: 1154
Age: 0
Via: AX-CACHE-4.1:141

GET
H/1.1 200
OK RH-APWidget.html Show response
extras.dailycamera.com/widgets/ Frame A97E 604 B
869 B 571ms
140ms Document
text/html 199.88.148.106
MEDIA-NEWS-GROUP

General

Check archive.org

Show headers Download Go to

Full URL: https://extras.dailycamera.com/widgets/RH-APWidget.html
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 199.88.148.106 , United States, ASN14913 (MEDIA-NEWS-GROUP, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d187bb6117829b0682955b83244f8f99238f0aa97ec6d34950a2659638d28299

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/

Response headers

Content-Type: text/html
Last-Modified: Wed, 13 Nov 2019 20:12:06 GMT
ETag: "539e129f5e9ad51:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Fri, 05 Nov 2021 09:10:27 GMT
Content-Length: 604
Age: 0
Via: AX-CACHE-4.1:141

GET
BLOB 200
OK 12543799-c0eb-40f0-9113-06633843e831
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/12543799-c0eb-40f0-9113-06633843e831
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK ce6b4002-87cf-49df-bdbc-d74eb0161d3d
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/ce6b4002-87cf-49df-bdbc-d74eb0161d3d
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 24b75dbb-1eed-4a32-a814-7c058076b488
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/24b75dbb-1eed-4a32-a814-7c058076b488
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 48709cbe-ee01-4295-a4bb-749d5b8382e9
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/48709cbe-ee01-4295-a4bb-749d5b8382e9
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 1d2c1c3d-df64-41f3-83d1-c5719b953d5d
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/1d2c1c3d-df64-41f3-83d1-c5719b953d5d
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 5c73ebac-aca1-49a3-96b2-7f4c9a38a7ed
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/5c73ebac-aca1-49a3-96b2-7f4c9a38a7ed
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 manifest.json Show response
www.reporterherald.com/wp-content/plugins/dfm-notifications/js/ 37 B
138 B 169ms
169ms Fetch
application/json 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/plugins/dfm-notifications/js/manifest.json

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/5.7.0/firebase-messaging.js?ver=5.8.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ee3d6b75d0990392b763fa2f38a19436d2219cfd39d452502278300d2dd6d917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
x-rq: hhn2 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 0
etag: "61830d08-25"
vary: X-Mobile-Class, Accept-Encoding
x-cache: miss
content-type: application/json
cache-control: max-age=300, must-revalidate
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 37

GET
H2 200 common.chunk.min.js Show response
www.reporterherald.com/wp-content/themes/assets/static/js/ 42 KB
10 KB 7ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/themes/assets/static/js/common.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
x-rq: hhn2 119 85 3106
last-modified: Wed, 14 Apr 2021 18:17:38 GMT
server: nginx
age: 15826033
etag: W/"607731c2-a62f"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 10587
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 common-async.chunk.min.js Show response
www.reporterherald.com/wp-content/themes/assets/static/js/ 56 KB
8 KB 7ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/themes/assets/static/js/common-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
x-rq: hhn2 118 215 3280
last-modified: Wed, 14 Apr 2021 18:17:29 GMT
server: nginx
age: 15826033
etag: W/"607731b9-e145"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 8564
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 modernvibrant-async.chunk.min.js Show response
www.reporterherald.com/wp-content/themes/assets/static/js/ 5 KB
2 KB 6ms
6ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/themes/assets/static/js/modernvibrant-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

93b37688297714b5edb70011df2031dd62ca45cfc489e10ea980ea287588fc87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:26 GMT
content-encoding: gzip
x-rq: hhn2 118 215 3280
last-modified: Wed, 14 Apr 2021 18:17:29 GMT
server: nginx
age: 15826033
etag: W/"607731b9-133d"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 1494
expires: Sat, 05 Nov 2022 09:10:26 GMT

GET
H2 200 / Show response
cmp.osano.com/ Frame 7E00 4 KB
1 KB 9ms
9ms Document
text/html 2600:9000:224a:9400:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.osano.com/
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:9400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/

Response headers

content-type: text/html
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
server: AmazonS3
content-encoding: gzip
date: Thu, 04 Nov 2021 13:21:51 GMT
etag: W/"287b497c992487af362d33204f87d28f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: WmzkmRDcggyRw5AISSoISRVKA-iQcWi-B-U4ftaeFLdpaljYTVt6wg==
age: 71316

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 6ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.3&blog=161092419&post=0&tz=-6&srv=www.reporterherald.com&host=www.reporterherald.com&ref=&fcp=959&rand=0.4499643836407936
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 09:10:26 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
BLOB 200
OK dbf19da4-9d8c-43c9-86cf-211d0306e384
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/dbf19da4-9d8c-43c9-86cf-211d0306e384
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 322d27f9-f466-4996-a1e0-9ba0b5850d29
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/322d27f9-f466-4996-a1e0-9ba0b5850d29
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK bd93971c-1655-42a6-882d-96a3b00fa2fd
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/bd93971c-1655-42a6-882d-96a3b00fa2fd
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 modernvibrant.css
www.reporterherald.com/wp-content/themes/assets/static/css/ 362 KB
57 KB 7ms
6ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reporterherald.com/wp-content/themes/assets/static/css/modernvibrant.css?ver=1635978504

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f919fb862f1b3a096da56a3afb373596453cd2021f6070c83c07d0df15c79180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
x-rq: hhn2 0 2 9980
last-modified: Thu, 04 Nov 2021 16:34:10 GMT
server: nginx
age: 59055
etag: W/"61840b82-5a81a"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 58216
expires: Sat, 05 Nov 2022 09:10:27 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
594 B 41ms
9ms Fetch
application/json 18.66.248.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 14:32:38 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront), 1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
age: 67069
x-amzn-requestid: 9e382deb-d714-4420-b941-5dca3bf1adf0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6183ef06-028dedea012312801b5f7097;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, DUS51-P1
x-amz-apigw-id: ISJJBHpojoEFcTQ=
content-length: 30
x-amz-cf-id: Ora7bg4KijKravge2Ns9I7g1UFqZrXAjZjHccWG96kBUg-kPf1m7Rw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 295 KB
28 KB 9ms
9ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.css?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FD7) /
Resource Hash: 70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
content-md5: qePO0yKWifmYWvQdlK/DtQ==
age: 42530
x-cache: HIT
content-length: 28321
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:48 GMT
server: ECAcc (frc/8FD7)
etag: 0x8D9056E3D33EB71
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: c54aca4c-f01e-0037-72c1-d18ad0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 46ms
23ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

d6d1d02238cb0b040b97cf9a0c2f0ade5af086b0fbc62f1ed796cb09915dfecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1034 / 439 of 1000 / last-modified: 1636063777"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27223
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 09:10:27 GMT

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ 7 KB
3 KB 43ms
12ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:14 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300709-1af3-5c4c7cca9e573"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=110482
accept-ranges: bytes
content-type: text/javascript
content-length: 2267
expires: Sat, 06 Nov 2021 15:51:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 364 KB
85 KB 38ms
16ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbf41547ca457e40fa32d9c2d359fdc3c63d200e60d3fe1c5e1f939b13413a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86534
x-xss-protection: 0
expires: Fri, 05 Nov 2021 09:10:27 GMT

POST
H2 200 303 Show response
v476.reporterherald.com/DG/DEFAULT/rest/rpc/ 82 KB
13 KB 398ms
397ms XHR
application/json 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://v476.reporterherald.com/DG/DEFAULT/rest/rpc/303?referer=https%3A%2F%2Fwww.reporterherald.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-11-05T09%3A10%3A27%2B00%3A00&ts=1636103427197

Requested by

Host: v476.reporterherald.com
URL: https://v476.reporterherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

e9a5835cf2b5dbd2fc4214e2bfa405a806dc1c0113b8ca000ba4c59369114c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11738
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.reporterherald.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: a3QD2LNXN4lnfM1c_gLkClZ_COZAf0AJ6rKUiybBzSX4c3vOVVmi7Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H/1.1 200
OK PMPWPPROD
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ Frame 0
0 617ms
130ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/PMPWPPROD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin: https://www.reporterherald.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By: ASP.NET
Date: Fri, 05 Nov 2021 09:10:26 GMT
Content-Length: 0

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 9ms
9ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1058
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 275dd0c5-c01e-0081-7d22-d248af000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 05 Nov 2021 09:40:27 GMT

GET
H/1.1 200
OK PMPWPPROD Show response
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ 397 KB
106 KB 169ms
168ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/PMPWPPROD
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: 66ad26b2d152930f0d4f2011abf082f3dd2e735afb166354d681be6b7f4e1f21

Request headers

source-system: Plugin
site-code: DFM
autoqa: false
Accept-Language: de-DE,de;q=0.9
settingskey: PMP,LRH
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MzYxMTc4Mjd9.5v9EJfPuJTaJCixBejIHFAXlX31YnZwF9t186tiMHsM
environment: prod
config-code: PMPWPPROD
access-control-allow-origin: *
ssid: a919fe55a3442526172a94d5d2789481
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
accept: application/json
content-type: application/json
location: undefined
attr: LRH
Referer: https://www.reporterherald.com/
version: Version: 2.5.4.3_swg

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 09:10:27 GMT
Content-Encoding: gzip
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 107289
X-Server-Time: 11/5/2021 9:10:28 AM
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 419ms
117ms Image
image/jpeg 52.216.83.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.83.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 09:10:28 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: ACWZVAAKT7XEXWD8
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: 7JuRLU0DNhl/1frzBPQOuxYvkEYH7MFiF7emotSOWji3MNTMlPsYMGeTOLBXQWl0xa4IRKrC4vE=
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
BLOB 200
OK c6fce83c-41d1-4cdc-a062-4b2471a0e591
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/c6fce83c-41d1-4cdc-a062-4b2471a0e591
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 200 303 Show response
v476.reporterherald.com/DG/DEFAULT/rest/rpc/ 115 B
1017 B 381ms
381ms XHR
application/json 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: v476.reporterherald.com
URL: https://v476.reporterherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

88eea662a99419c9ebe165b01436bf226dec260b2c054c28261f31febdb6a4e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 126
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.reporterherald.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: oKZP98w1krQ-7-sTzD6cE3jyaboXHxBYZvuz-i_3hOjgqe4d7SpccQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 resizer.client.min.js Show response
digitalservices.ap.org/assets/js/ Frame A97E 13 KB
5 KB 79ms
9ms Script
application/javascript 104.111.239.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://digitalservices.ap.org/assets/js/resizer.client.min.js
Requested by: Host: extras.dailycamera.com
URL: https://extras.dailycamera.com/widgets/RH-APWidget.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-167.deploy.static.akamaitechnologies.com
Software: AWS Server / AP - AK
Resource Hash: 70473c8ac1784e732b6f939aacf1b7c7247968e94408fb7d0dbba9fab15a11cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.dailycamera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 14:17:37 GMT
server: AWS Server
x-powered-by: AP - AK
etag: "6054b281-3275"
vary: Accept-Encoding
x-varnish: 165966045 951433
cache-control: max-age=0
x-cache-hits: 3710
x-age: 7271432
accept-ranges: bytes
content-type: application/javascript
content-length: 5196
expires: Fri, 05 Nov 2021 09:10:27 GMT

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Referer
Origin: https://www.reporterherald.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/truetype

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dc0103ebfd086504898c61aff90f6d06d6ef404f6e47e80aaf5718218097f9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pubads_impl_2021110301.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
117 KB 16ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

8375b6d78687c24c35f1c2fd365d5b88a5f47bb295cc336d114f57daef0c419c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119127
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 09:10:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 207 B
154 B 31ms
17ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.reporterherald.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

60daa741732274b3877ae228f81f484b8bfc11ca6d0969331a72a461710e7035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129
x-xss-protection: 0
expires: Fri, 05 Nov 2021 09:10:27 GMT

GET
H2 200 www.a-05g4 Show response
b-code.liadm.com/ 25 KB
10 KB 44ms
12ms Script
application/javascript 2600:9000:224a:ea00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/www.a-05g4
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:ea00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ZIO-Http /
Resource Hash: 8d92d8d0b011f054e7abcf358a9ad383c0956ffb9a59d3c1567b50adfff402cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 00:17:11 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e3.cloudfront.net (CloudFront)
server: ZIO-Http
age: 31996
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-P1
content-encoding: gzip
x-amz-cf-id: UjXtf1qndNpedzS6Q7ajsnFdii78GUJg2Qlpb0_UDs6tLA1OVFtoPw==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1636103427741&ns_c=UTF-8&c8=Loveland%20Reporter-Herald%20%E2%80%93%20Loveland%2C%20Colorado%20breaking%20news%2C%20sports%2C%20business%2C%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1636103427741&ns_c=UTF-8&c8=Loveland%20Reporter-Herald%20%E2%80%93%20Loveland%2C%20Colorado%20breaking%20news%2C%20sports%2C%20business%2C%...

64 B
331 B

9ms
8ms

Image
image/gif

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1636103427741&ns_c=UTF-8&c8=Loveland%20Reporter-Herald%20%E2%80%93%20Loveland%2C%20Colorado%20breaking%20news%2C%20sports%2C%20business%2C%20entertainment%2C%20real%20estate%2C%20jobs%20and%20classifieds&c7=https%3A%2F%2Fwww.reporterherald.com%2F&c9=
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
via: 1.1 0c792defeeaa18965559ad74895ea56b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: f43euwTOpBqRWc1OrvDyzSet8PSS-zYpDxPG8BqU5dDC010X2QZxZA==

Redirect headers

date: Fri, 05 Nov 2021 09:10:27 GMT
via: 1.1 0c792defeeaa18965559ad74895ea56b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1636103427741&ns_c=UTF-8&c8=Loveland%20Reporter-Herald%20%E2%80%93%20Loveland%2C%20Colorado%20breaking%20news%2C%20sports%2C%20business%2C%20entertainment%2C%20real%20estate%2C%20jobs%20and%20classifieds&c7=https%3A%2F%2Fwww.reporterherald.com%2F&c9=
content-length: 330
x-amz-cf-id: KmG2ylqhwgigrYTsFeXEV8zB9EBFAbNFYlvyqkS1gyf8V9tOdlpZCA==

GET
H/1.1 200
OK nococoupons.jpg
extras.prairiemountainmedia.com/widgets/images/ Frame DDA6 10 KB
10 KB 154ms
153ms Image
image/jpeg 199.88.148.106
MEDIA-NEWS-GROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://extras.prairiemountainmedia.com/widgets/images/nococoupons.jpg
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 199.88.148.106 , United States, ASN14913 (MEDIA-NEWS-GROUP, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 604f46b0971c456401dff0b798520d7ad8a45ff0e3ae897915167aea063a02d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 09:07:24 GMT
Via: AX-CACHE-4.1:141
Last-Modified: Mon, 30 Nov 2020 17:16:37 GMT
Server: Microsoft-IIS/8.5
Age: 183
X-Powered-By: ASP.NET
ETag: "4763c28f3cc7d61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 9894

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ Frame DDA6 2 KB
1 KB 96ms
12ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF7) /
Resource Hash: 948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
content-md5: DgH26NwpVpUJ7mY3mCxUbA==
age: 287980
x-cache: HIT
content-length: 919
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 07 May 2020 14:25:32 GMT
server: ECAcc (frc/8FF7)
etag: "0x8D7F2927FD84964+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 09cffe28-201e-00a8-2786-cf66a3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14

GET
H2 200 RHC-L-EagleVista-js.jpg
www.reporterherald.com/wp-content/uploads/2021/11/ 119 KB
119 KB 7ms
6ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reporterherald.com/wp-content/uploads/2021/11/RHC-L-EagleVista-js.jpg?w=495

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c08c4dfde93d8222b491f23fcaf9302da264f07fb6adf8dea65a7a79856eadd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
x-rq: hhn2 109 32 443
last-modified: Fri, 05 Nov 2021 05:23:36 GMT
server: nginx
etag: "e380c79f0d3afefe"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 122002
expires: Sat, 05 Nov 2022 05:23:36 GMT

GET
H2 200 COVID-19-Entering-a-Cell-3-1.jpg
www.reporterherald.com/wp-content/uploads/2020/05/ 23 KB
23 KB 181ms
180ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reporterherald.com/wp-content/uploads/2020/05/COVID-19-Entering-a-Cell-3-1.jpg?w=380

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2dbb3d44eba910b97b8db091c9867a0c92ef3adcfac1c796e30a7571e0f8d1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
x-rq: hhn2 109 200 443
last-modified: Fri, 05 Nov 2021 09:10:27 GMT
server: nginx
etag: "94c06f6a13adde40"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 23438
expires: Sat, 05 Nov 2022 09:10:27 GMT

GET
H2 200 20190204_05RHATSDw-1.jpg
www.reporterherald.com/wp-content/uploads/migration/2019/0204/ 11 KB
12 KB 11ms
11ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reporterherald.com/wp-content/uploads/migration/2019/0204/20190204_05RHATSDw-1.jpg?w=329

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c9da5835fd13a32fd4e7ff5e9386526260a21e25996d97ccb4e866d7d936c39b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
x-rq: hhn2 109 196 443
last-modified: Fri, 05 Nov 2021 01:20:21 GMT
server: nginx
etag: "119cf718b29cd67a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 11698
expires: Sat, 05 Nov 2022 01:20:21 GMT

GET
H2 200 655fc44da6a5d4e3a0a0ec1f7681bb83 Show response
v476.reporterherald.com/plugin/plugin/ 196 KB
47 KB 11ms
10ms Script
text/javascript 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://v476.reporterherald.com/plugin/plugin/655fc44da6a5d4e3a0a0ec1f7681bb83

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

a52f7164b4d4d6ab2ca3327379012c92d8e5ba0c1fde94d9089c4c62a1805f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 174325
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 47931
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 08:45:02 GMT
server: -
etag: 655fc44da6a5d4e3a0a0ec1f7681bb83
content-type: text/javascript; charset=utf-8
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: HVg6npzwtTEsp3oBYyfe1Zb9vYOAguIyZRZqEMwPDZg95NFFRAce1Q==
expires: Thu, 03 Nov 2022 08:45:02 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2B99 14 KB
5 KB 7ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160200&s=&predirect=&userIdMacro=&gdpr_consent=CPPMZImPPMZImEXABADEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=30981
expires: Fri, 05 Nov 2021 17:46:48 GMT
date: Fri, 05 Nov 2021 09:10:27 GMT
vary: Accept-Encoding

GET
BLOB 200
OK 851c9ed1-2c47-48c9-bfa6-3c07d1ccc22c
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/851c9ed1-2c47-48c9-bfa6-3c07d1ccc22c
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 5855d5ab5866fabff4aa305776d559a0 Show response
pro32.ap.org/iframe/widgets/content/ Frame F243 19 KB
5 KB 485ms
460ms Document
text/html 104.111.239.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pro32.ap.org/iframe/widgets/content/5855d5ab5866fabff4aa305776d559a0
Requested by: Host: extras.dailycamera.com
URL: https://extras.dailycamera.com/widgets/RH-APWidget.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-167.deploy.static.akamaitechnologies.com
Software: AWS Server / AP - AK
Resource Hash: 5ca1815833b286822efaa886205c51003aad2f82f5e478e15e9106b65d789ac9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://extras.dailycamera.com/

Response headers

content-type: text/html; charset=UTF-8
x-varnish: 35220295 37060743
x-age: 10
x-cache-hits: 1
server: AWS Server
x-powered-by: AP - AK
accept-ranges: bytes
content-encoding: gzip
content-length: 4820
date: Fri, 05 Nov 2021 09:10:28 GMT
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
57 KB 326ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a461deb4ba9175a0af65f2451e3c13be1ea963abf0a39f3ebb31b8babef88ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58002
x-xss-protection: 0
expires: Fri, 05 Nov 2021 09:10:28 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 424 B
1 KB 101ms
23ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f091e25991cd1a425484fb7928c86e511b6fc2d7340896ed2d810eb8d712a050

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 09:10:27 GMT
X-Proxy-Origin: 91.199.118.155; 91.199.118.155; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a7e10f6b-2059-47fb-98b9-41772f82007f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.reporterherald.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 424
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 507 B
540 B 91ms
49ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=115&profileId=184&cb=98892576940
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 5b5e7d91ce0e11e1d90e7fad0aaebc900d3714f923606fdbf60c9e944b031ae4

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.reporterherald.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 292

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 46 B
400 B 156ms
131ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?ac=j&s=212590&v=7.2&sd=1&r=%7B%22id%22%3A%22035af655-1356-487e-bfb6-85014c7e16c5%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22dba039df-a6c0-4472-a245-2745679ef4d6%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A50%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653214%22%2C%22gpid%22%3A%228013%2Fzeus_Sponsorship_1%22%7D%7D%2C%7B%22id%22%3A%22c7aa9c25-121e-48b2-9071-f93687618a11%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653215%22%2C%22gpid%22%3A%228013%2Fzeus_top_leaderboard%22%7D%7D%2C%7B%22id%22%3A%22fe0c19cd-6cb7-4a40-b41d-ca32352f1efa%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653215%22%2C%22gpid%22%3A%228013%2Fzeus_top_leaderboard%22%7D%7D%2C%7B%22id%22%3A%22232cfb10-9ff0-4ace-8e74-f7e146d8351e%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653215%22%2C%22gpid%22%3A%228013%2Fzeus_top_leaderboard%22%7D%7D%2C%7B%22id%22%3A%2204357b8c-0ef2-45fc-aa53-abecf44a5c16%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653216%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%2C%7B%22id%22%3A%223a66a53d-8fc6-40ee-8053-206593ce668c%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653216%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%2C%7B%22id%22%3A%229fefef60-e9ef-493c-9a50-4a37aed0b62c%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653216%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%2C%7B%22id%22%3A%22789776d7-6fe6-4d79-a351-6aec9ba932e1%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22653216%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.reporterherald.com%2F%22%2C%22ref%22%3A%22%22%7D%7D
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ac0286497bef16ca0c9b4b7ec0639458a04e7e44e17f1d834a7853afd28caf69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.155], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.reporterherald.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 66
x-ak-client-geo: 12
expires: Fri, 05 Nov 2021 09:10:28 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
121 B 55ms
12ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.reporterherald.com
date: Fri, 05 Nov 2021 09:10:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 472 B
3 KB 405ms
310ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&site_id=368550&tk_flint=custom&slots=3&size_id=44%3B2%3B15&alt_size_ids=%3B55%2C57%3B9%2C10%2C54&zone_id=2007666%3B2007658%3B2007680&rp_floor=0.01&us_privacy=1---
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: adf083923e0e7c99e000361e2aa0e56c98592be2cbdeeec270be9c3264a0eb02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 09:10:28 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.reporterherald.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 472
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
269 B 88ms
64ms XHR
application/json 52.28.103.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=zeus&v=1&referrer=www.reporterherald.com&debug=false&us_privacy=1---

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.103.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-103-21.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 09:10:27 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.reporterherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
539 B 108ms
108ms XHR
text/javascript 18.66.241.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.reporterherald.com%2F&pid=j1yqpeXMNgG2j&cb=0&ws=1600x1200&v=7.70.0&t=1000&slots=%5B%7B%22sd%22%3A%22zeus_Sponsorship_1%22%2C%22s%22%3A%5B%22300x50%22%5D%2C%22sn%22%3A%22%2F8013%2Freporterherald.com%2Fhome%2FSponsorship_1%22%7D%2C%7B%22sd%22%3A%22zeus_interstitial%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F8013%2Freporterherald.com%2Fhome%2Finterstitial%22%7D%2C%7B%22sd%22%3A%22zeus_top_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8013%2Freporterherald.com%2Fhome%2Ftop_leaderboard%22%7D%2C%7B%22sd%22%3A%22zeus_Cube1_RRail_ATF%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F8013%2Freporterherald.com%2Fhome%2FCube1_RRail_ATF%22%7D%5D&gdpre=1&gdprc=CPPMZInPPMZInEXABADEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.241.177 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
via: 1.1 cd8cc1ff175a63c59feeb56bb3687767.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P1
x-amz-rid: DVM4QDVD55GA71MGB2NP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.reporterherald.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: CFBY7ayH5_dNxwO_DSvBymyAlxi0nHGxuP4hJXjXE_mQRfw5da3XbQ==

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2B99 0
42 B 59ms
15ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=631194&p=160200&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CPPMZImPPMZImEXABADEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160200&s=&predirect=&userIdMacro=&gdpr_consent=CPPMZImPPMZImEXABADEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
content-length: 0

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ Frame DDA6 47 KB
16 KB 705ms
159ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=8211&callback=jsonp1636103820091
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2f6e4bf24e75395feb75c3d172e55c0e5ad6ba381892d5dcd2d3d90f0d0510fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 09:10:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8

GET
H2 200 ccdc7fde61811f42630f9df8a57a77a5 Show response
v476.reporterherald.com/plugin/library/ 318 KB
100 KB 10ms
10ms Script
text/javascript 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://v476.reporterherald.com/plugin/library/ccdc7fde61811f42630f9df8a57a77a5

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

af0b286f639fb86837f9c1d54cb2cc84a212af9f67e65c560c4cfd5b4257941d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 174324
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 101239
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Nov 2021 08:45:03 GMT
server: -
etag: ccdc7fde61811f42630f9df8a57a77a5
content-type: text/javascript; charset=utf-8
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: ZD74uymYyArugIdgbKWoS7FGeQUXJU_7mwJ4o9qugpqSPq0hyMP9Ow==
expires: Thu, 03 Nov 2022 08:45:03 GMT

POST
H2 200 LB-Zone-3 Show response
v476.reporterherald.com/DG/DEFAULT/rest/rpc/303/ 94 B
675 B 384ms
384ms XHR
application/json 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://v476.reporterherald.com/DG/DEFAULT/rest/rpc/303/LB-Zone-3?referer=https%3A%2F%2Fwww.reporterherald.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-11-05T09%3A10%3A27%2B00%3A00&ts=1636103427950

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

522e7091d66d82877dae0f846b69af1cbd79f2be5280ead1a8216d4fcc5b1920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 109
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.reporterherald.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Zs_Op-FrgVBxekTPmN_VgBjlswbwQVC66Zol0svn6UtDKxe1f1qDAg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 4161
date: Fri, 05 Nov 2021 08:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 05 Nov 2021 10:01:06 GMT

GET
H2 200 pixels Show response
3pd.criteo.com/user-sync/ 13 B
288 B 51ms
12ms XHR
application/json 178.250.2.80
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://3pd.criteo.com/user-sync/pixels?gdpr=CPPMZIePPMZIeEXABADEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdprapplies=true&ccpa=1---&countrycode=DE
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.80 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:27 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.reporterherald.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
195 B 15ms
15ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.reporterherald.com
date: Fri, 05 Nov 2021 09:10:27 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 RHC-L-Library-avp1.jpg
www.reporterherald.com/wp-content/uploads/2021/11/ 23 KB
23 KB 179ms
178ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reporterherald.com/wp-content/uploads/2021/11/RHC-L-Library-avp1.jpg?w=323

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e91de2ed48111ba7673e3f696a17468938e08c3615514036250bac604a40bd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
x-rq: hhn2 109 196 443
last-modified: Fri, 05 Nov 2021 09:10:28 GMT
server: nginx
etag: "4cc8b41fd449afc6"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 23076
expires: Sat, 05 Nov 2022 09:10:28 GMT

GET
H2 200 RHC-L-LPDBadge-js.jpg
www.reporterherald.com/wp-content/uploads/2021/10/ 26 KB
26 KB 7ms
7ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reporterherald.com/wp-content/uploads/2021/10/RHC-L-LPDBadge-js.jpg?w=311

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6f3377cd9e831a0f6007b276a26e0471ef3879d4f8b1e7c90d423cb7a6f700e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
x-rq: hhn2 109 83 443
last-modified: Tue, 02 Nov 2021 11:33:42 GMT
server: nginx
etag: "2526fa1fe6a3a69f"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 26556
expires: Wed, 02 Nov 2022 11:33:42 GMT

GET
BLOB 200
OK 3ef49657-ab40-485e-8a33-014eec8db057
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/3ef49657-ab40-485e-8a33-014eec8db057
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 08:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Nov 2021 09:43:01 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 42 KB
16 KB 191ms
168ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?gdfp_req=1&pvsid=2553149703938498&correlator=2085376892514528&output=ldjh&impl=fifs&eid=31063135%2C31063280%2C31063415%2C31063183&vrg=2021110301&ptt=17&gdpr_consent=CPPMZIrPPMZIrEXABBDEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211105&iu_parts=8013%2Creporterherald.com%2Chome%2CSponsorship_1%2Cinterstitial%2Ctop_leaderboard%2CCube1_RRail_ATF&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6&prev_iu_szs=300x50%2C1x1%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C300x1050%7C160x600&prev_scp=POS%3DSponsorship_1%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_Sponsorship_1.init.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3Dinterstitial%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_interstitial.init.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3Dtop_leaderboard%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_top_leaderboard.init.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube1_RRail_ATF%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_Cube1_RRail_ATF.init.dsk%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=zeus%3Dapplied%26zeus_8013%3Dwww.reporterherald.com%26kv%3Dhome%26page%3Dhome%26content%3D%26RPN%3D12434005566%26rurl%3D%26articleid%3D&bc=31&abxe=1&lmt=1636103428&dt=1636103428341&dlt=1636103425893&idt=1994&frm=20&biw=1600&bih=1200&oid=2&adxs=1290%2C160%2C800%2C1287&adys=53%2C213%2C339%2C496&adks=1319012258%2C2441540608%2C2410163177%2C675226903&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.reporterherald.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x50%7C1x1%7C1280x250%7C304x600&msz=1x0%7C1x0%7C1x0%7C1x0&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f3dd302b5ad86a8bec9a9660ce3a156277ff51177dea855060aa758b251c097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15502
x-xss-protection: 0
google-lineitem-id: 5578841887,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138335781299,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.reporterherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
85ca0df38d9d74fd4cf4bd6fbbd49470.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC6A 6 KB
4 KB 65ms
15ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85ca0df38d9d74fd4cf4bd6fbbd49470.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 05 Nov 2021 09:10:28 GMT
expires: Sat, 05 Nov 2022 09:10:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 303 Show response
v476.reporterherald.com/DG/DEFAULT/rest/rpc/ 339 B
1 KB 442ms
442ms XHR
application/json 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

019d546f13b7befd1f6b3c4f6d3e119ea77dfef152cc136f286606561de45230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 175
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.reporterherald.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: YuQJsjUZJaVpktBuWtF9QuxH9eU-QRJEWNnUqtNm0_ZTN-VaNYkTxw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 303 Show response
v476.reporterherald.com/DG/DEFAULT/rest/rpc/ 170 B
1 KB 442ms
442ms XHR
application/json 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

bebb94b67da91b3e208ed423b4caf46daecbbd1794e989d15876661127ca3448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 164
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.reporterherald.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: XScIXRBR209LSAePrQ8ev0Z_gX47eZSqrLbmXLV_TvcSkhxizymU9g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 resizer.content.min.js Show response
pro32.ap.org/assets/js/ Frame F243 13 KB
5 KB 9ms
9ms Script
application/javascript 104.111.239.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pro32.ap.org/assets/js/resizer.content.min.js
Requested by: Host: pro32.ap.org
URL: https://pro32.ap.org/iframe/widgets/content/5855d5ab5866fabff4aa305776d559a0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-167.deploy.static.akamaitechnologies.com
Software: AWS Server / AP - AK
Resource Hash: 21a956bcf5c00db6c1347feed2290e4e1f3290cab567a1b8548c870f4f821441

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/iframe/widgets/content/5855d5ab5866fabff4aa305776d559a0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 09:44:03 GMT
server: AWS Server
x-powered-by: AP - AK
etag: "60bf3be3-34d7"
vary: Accept-Encoding
x-varnish: 179875578 219097898
cache-control: max-age=15572
x-cache-hits: 34
x-age: 9504
accept-ranges: bytes
content-type: application/javascript
content-length: 5078
expires: Fri, 05 Nov 2021 13:30:00 GMT

POST
H2 200 303 Show response
v476.reporterherald.com/DG/DEFAULT/rest/rpc/ 4 KB
3 KB 428ms
428ms XHR
application/json 18.66.248.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

fb7314c4e4816de06bc3eadf750ee4598456f1d2eac077b2d7ac2bbe263c372f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1808
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.reporterherald.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: QjB5ZkrWnrLjTa6Kv_rAXN3kogzht-QonFC4r6V6mZfSmeaflWIlNw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame F243 94 KB
33 KB 308ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: pro32.ap.org
URL: https://pro32.ap.org/iframe/widgets/content/5855d5ab5866fabff4aa305776d559a0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 20:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 02 Nov 2022 20:52:54 GMT

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 568 B
904 B 244ms
218ms Fetch
application/json 104.26.4.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1636103428557
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c204edd7cb275599bbac8ccca346c5f9d1fac4cf44c9579c71d2870c8e6efc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 09:10:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbyzg3kRgb7eXD0zLtjDnpQpUInp901x9ho29PHYCqb%2FBGrBYt6du9p6FuDLdLBtmt2HrQ8lHQD%2BuOhHcqNaAhdfKwf3OEo5tB4mjpgWtCvMzNlgL6qhOMGodXMVldQeeWIG"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a94f2fca8eb6922-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame FD03 0
0 65ms
43ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuxKcio0XCmmR42jkGRzBwJNUSUFYmyOQRWkhfWTNltXwSHNK3js76e8S7E-_PvEvEqPGUOtBEf5Vk0HRoOw9O6CZ1_ACFUGCu6Nzl6bj_eK0y3oI3r-vmFJpw9o35iN8lpQujNS7ieaWazFCTc2VceRDTt06r9kTrmy7DwjrGRloYI83SavORYNFTcP-lWxCexB4cPTusfE_3DAmuwL9ppGgOBrRRzFeXgDuSW42tBh2gcbiTBT1ej2QxMyyBdP92-nslmT_nElBxCrtYiuH_PQyxfUhUtXIqBiN2T51lQVITB0OcM-5--ubWgZOlkYeh6i0IgkC1yPH0CXUTHSWGb3jPBIQ&sig=Cg0ArKJSzE12m5u6ehLoEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 09:10:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame FD03 19 KB
8 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 09:06:30 GMT

GET
H2 200 window_focus_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame FD03 3 KB
2 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 08:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 08:00:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD03 120 KB
37 KB 117ms
95ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 09:10:28 GMT

GET
H2 200 7769799501025276571
tpc.googlesyndication.com/simgad/ Frame FD03 170 KB
171 KB 31ms
9ms Image
image/gif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7769799501025276571

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cbbf351f2b256a08cd663f542d2cad65292237980e18c2fef0bb0a2f7f01064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 15:58:56 GMT
x-content-type-options: nosniff
age: 407492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 174236
x-xss-protection: 0
last-modified: Tue, 30 Apr 2019 18:06:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 31 Oct 2022 15:58:56 GMT

GET
H2 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ Frame DDA6 2 KB
1 KB 31ms
15ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2481400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 573
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=As2YyMZcoLM5YDRH2A5SVTTWDHRFnPjIgv9CZCTDDoUW7I8wJUlEtkyAjZ2UEHjcqcxkm3WhrFHtBCgNqbdI9Piv5ypQcWurBPTW6ibz6EbkveTqZcgTOd0F1RNN4Ld5Tw%2FECHSZWwuzL6C9v7A5tsRI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a94f2fd28a92c0d-FRA
expires: Wed, 26 Oct 2022 09:10:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame DDA6 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 4162
date: Fri, 05 Nov 2021 08:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 05 Nov 2021 10:01:06 GMT

GET
H2 200 one.js Show response
csp.azureedge.net/cdn/OneCol/ Frame DDA6 138 KB
61 KB 58ms
8ms Script
application/javascript 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 15:51:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d799c9204961e2"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 61870

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame FD03 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsshgMCT3pUbYrQjdKjVgeisH6IexI30P0xReNioV9qbik6gRZrvuk8c-eHcEX1QdGffW7K9uEEY-o5qILfZTm3pMmNW0gL-UzbTp-XVcwv_143boPef-mNmGC2xdXPztyATT4Cb5SIXzwvyr602S074aJn7xUvQNPc9CLJEAYN1z2oE92TzWJ1oRQANSp7SxHai1dZLjznI3uS80sMpTWCuz86f0A9SQ7fBszc025LyoFbFLMIfPpaoXuLF7oJVyCaUi_B6MhBj86o69_gfgoWeHqHYuzEQehVHufcVhZQPFzYNtgVMin2LbaZYtcFWHqem1ss5AEZqVkJx20pOCXRn64QoB0C4&sig=Cg0ArKJSzBBcppDZApLmEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 09:10:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame FD03 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d00ed6baa9240d631603d14fe9ea6ec59c21167845a1be03c01891e26cf05922

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame DDA6 5 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 08:44:28 GMT
server: ESF
date: Fri, 05 Nov 2021 09:10:28 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Fri, 05 Nov 2021 09:10:28 GMT

GET
H/1.1 200
OK gweiniClientV1.php Show response
s.gweini.com/ Frame DDA6 5 KB
1 KB 460ms
130ms Script
text/html 44.195.4.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPPrairieMountain
Requested by: Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/OneCol/one.js?v=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.4.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-4-65.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ebbf5440291dcbb8e8699a5bc29006b86a0341d17a0bf429cf4804dec9202f12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 09:10:29 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 1018
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 4df70941-f7bd-48c4-8f73-d02783bfa0ce.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 35 KB
36 KB 719ms
166ms Image
image/png 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/4df70941-f7bd-48c4-8f73-d02783bfa0ce.medium.png
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0cc22416e19015af4332ff3a83c045a6de7da24536d553179877d8447e0024c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:28 GMT
Last-Modified: Sat, 19 Dec 2015 07:31:18 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: b8N/e5WrODzbliYy20+Zjg==
ETag: 0x8D3084662749221
Content-Type: image/png
x-ms-request-id: c42eec3d-401e-0011-4324-d28296000000
x-ms-version: 2009-09-19
Content-Length: 36335

GET
H/1.1 200
OK d3c8c27c-0405-45e4-a2a3-de89af57879d.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 146 KB
146 KB 720ms
167ms Image
image/png 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/d3c8c27c-0405-45e4-a2a3-de89af57879d.medium.png
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 483d19db22d6b6cea51ca96ff3ad1186bdefb073291ad69287b6c2ca41d6a611

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:29 GMT
Last-Modified: Sun, 11 May 2014 20:48:10 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 5+/mUj819w3/T+rDwIDzJw==
ETag: 0x8D13B71748BEA01
Content-Type: image/png
x-ms-request-id: e25413fc-001e-002f-1024-d215e9000000
x-ms-version: 2009-09-19
Content-Length: 149593

GET
DATA 200
OK truncated
/ Frame DDA6 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK 8e398b32-996c-410c-985d-fa8b1840f0d9.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 3 KB
4 KB 719ms
164ms Image
image/jpeg 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/8e398b32-996c-410c-985d-fa8b1840f0d9.medium.JPG
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 32559c6db2d802b43293f83e68affb09c990419874a915606ff92e4c7fa47364

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:28 GMT
Last-Modified: Thu, 02 Sep 2021 17:03:39 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 5k7lay/k1P+eF10bupYW3g==
ETag: 0x8D96E339C3CA68D
Content-Type: image/jpeg
x-ms-request-id: 839f4e32-e01e-0037-1d24-d2ca8e000000
x-ms-version: 2009-09-19
Content-Length: 3387

GET
H/1.1 200
OK AtMsDxhC_kaliKY-XT1dPQ.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 19 KB
19 KB 725ms
168ms Image
application/octet-stream 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/AtMsDxhC_kaliKY-XT1dPQ.medium.jpg
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7fd0b23092ef7fdf83b7f8d23b531e3c80c1aeff694afe4aee4f42b8b854bd48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:29 GMT
Last-Modified: Sat, 03 Jul 2021 06:19:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 5g/I/Va8gJb7YGmfedycMg==
ETag: 0x8D93DEA7B80F739
Content-Type: application/octet-stream
x-ms-request-id: 44f57e5d-b01e-0005-1d24-d2caf9000000
x-ms-version: 2009-09-19
Content-Length: 19135

GET
H/1.1 200
OK KDE0ZqjdFEa6D8ryBv1ieg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 70 KB
70 KB 867ms
163ms Image
application/octet-stream 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/KDE0ZqjdFEa6D8ryBv1ieg.medium.jpg
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 346e8ee7e9759718dc12cf8676083506d415a3c7f4ad7d019878da84d32555aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:28 GMT
Last-Modified: Tue, 03 Aug 2021 03:01:30 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Umd/XMyj/CsD14EZkjKmxg==
ETag: 0x8D9562AFE6E7AAC
Content-Type: application/octet-stream
x-ms-request-id: 3c5100a2-301e-0056-3324-d2e9cd000000
x-ms-version: 2009-09-19
Content-Length: 71281

GET
H/1.1 200
OK 2eccf364-d689-4016-8f6b-32cb0adeef5a.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 20 KB
21 KB 870ms
163ms Image
image/jpeg 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/2eccf364-d689-4016-8f6b-32cb0adeef5a.medium.JPG
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ceedb9cc51b39a9bd891831f5bcdd7f089832a556b54b4f0c9e573ce0023551a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:28 GMT
Last-Modified: Sun, 20 Sep 2020 19:35:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: bnU5n797oI4Vs80jB/vAmg==
ETag: 0x8D85D9C53C08721
Content-Type: image/jpeg
x-ms-request-id: 93c6223e-101e-000c-3524-d28f2a000000
x-ms-version: 2009-09-19
Content-Length: 20683

GET
H/1.1 200
OK 0b982309-b11a-4897-8764-e4f786d9aa9d.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 9 KB
9 KB 685ms
161ms Image
image/jpeg 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/0b982309-b11a-4897-8764-e4f786d9aa9d.medium.JPG
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0f3dd28586b3ec411701919a7be10eee46b9e0dafaae3caf39abe66321e2db1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:28 GMT
Last-Modified: Sun, 24 Jan 2021 00:46:24 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: PrEy7tBnhMS/B1HKYxx/ww==
ETag: 0x8D8C00179E1ECF1
Content-Type: image/jpeg
x-ms-request-id: 3c510087-301e-0056-1b24-d2e9cd000000
x-ms-version: 2009-09-19
Content-Length: 8827

GET
H/1.1 200
OK OidyGlbU7Ui6yf6euc9uoA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 11 KB
12 KB 689ms
162ms Image
application/octet-stream 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/OidyGlbU7Ui6yf6euc9uoA.medium.jpg
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 32a9d85d0c6b7385b4cb82c699013acdb2adc2d8b402a0ba049d195871680511

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:28 GMT
Last-Modified: Sun, 18 Jul 2021 07:00:32 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 7b4c22tsFu/knB/bFbYTrQ==
ETag: 0x8D949B9BC63FC48
Content-Type: application/octet-stream
x-ms-request-id: 93c62218-101e-000c-1324-d28f2a000000
x-ms-version: 2009-09-19
Content-Length: 11770

GET
H/1.1 200
OK 1fc389b1-4ab7-4ca4-b23a-e87645af703f.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 116 KB
116 KB 168ms
168ms Image
image/png 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1fc389b1-4ab7-4ca4-b23a-e87645af703f.medium.png
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 523d35a6f9bd8072a3cdb44a7693e816f94670c2189f1856e5bdb74bdb584b0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:28 GMT
Last-Modified: Wed, 17 Aug 2016 21:04:40 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: rKZoPTcn9HAXBugnymfQgg==
ETag: 0x8D3C6E21AFA8090
Content-Type: image/png
x-ms-request-id: 839f4e7e-e01e-0037-6924-d2ca8e000000
x-ms-version: 2009-09-19
Content-Length: 118422

GET
H/1.1 200
OK 041cfdc7-e4d9-4f10-9e3f-45e960bc6780.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 16 KB
17 KB 168ms
168ms Image
image/png 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/041cfdc7-e4d9-4f10-9e3f-45e960bc6780.medium.PNG
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: dff0d95b954b92ff0b4dbad1c3cd8fa2b1fe201e79a584d89df442ddd28c078b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:29 GMT
Last-Modified: Thu, 21 Jan 2021 16:29:34 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: guBCvK7+4sLnlI5YnITTWw==
ETag: 0x8D8BE29BCDBF1F0
Content-Type: image/png
x-ms-request-id: 44f57e8c-b01e-0005-4a24-d2caf9000000
x-ms-version: 2009-09-19
Content-Length: 16887

GET
H/1.1 200
OK 304903c9-0b49-4287-a4cb-6f0faeaa8f65.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 45 KB
46 KB 162ms
162ms Image
image/png 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/304903c9-0b49-4287-a4cb-6f0faeaa8f65.medium.png
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8c59ea50e99f6c3d9c2688f8d5cb6fe29e5998ef2efdd58d6bccd5b7515ac745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:29 GMT
Last-Modified: Thu, 01 May 2014 10:24:26 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: cHzr2kO03GQo5Z2ha//vSA==
ETag: 0x8D1333EA9D1C031
Content-Type: image/png
x-ms-request-id: 93c62265-101e-000c-5724-d28f2a000000
x-ms-version: 2009-09-19
Content-Length: 46483

GET
H/1.1 200
OK d4c080e1-a5e3-4730-bf4f-0d17eade4d0a.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 11 KB
11 KB 165ms
164ms Image
image/jpeg 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/d4c080e1-a5e3-4730-bf4f-0d17eade4d0a.medium.JPG
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f0acf8e67f758651cf553398ed75f867e9216f316a84f327bfbc7deac9502a57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:28 GMT
Last-Modified: Fri, 30 Apr 2021 18:17:30 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 8r1gvlFf7lNKpC1FfHktgQ==
ETag: 0x8D90C0437B9F369
Content-Type: image/jpeg
x-ms-request-id: c42eec74-401e-0011-7724-d28296000000
x-ms-version: 2009-09-19
Content-Length: 10795

GET
H/1.1 200
OK faa3b588-54ec-446e-bf86-d223c7d82d24.medium.JPG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 11 KB
11 KB 168ms
167ms Image
image/jpeg 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/faa3b588-54ec-446e-bf86-d223c7d82d24.medium.JPG
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cc342294bc11d8d68d10bd98a7a23b0a47c98a4f1880dd835fef9e08ed719699

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:29 GMT
Last-Modified: Mon, 13 Sep 2021 21:09:29 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 56QDmIXxlGqU+3TpIAlKXQ==
ETag: 0x8D976FAC6BA26D5
Content-Type: image/jpeg
x-ms-request-id: 44f57ecb-b01e-0005-0524-d2caf9000000
x-ms-version: 2009-09-19
Content-Length: 11146

GET
H/1.1 200
OK 90554c9b-e4e9-4ddd-baa0-4b4ee7f02adc.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 113 KB
114 KB 162ms
162ms Image
image/png 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/90554c9b-e4e9-4ddd-baa0-4b4ee7f02adc.medium.png
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f296f1a7e88dba58270f701249f9dc4f3a315b4aa438e9987aee039bbf80fe31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:29 GMT
Last-Modified: Thu, 01 May 2014 11:50:46 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: HJmAFEXRT5SR9vykVN4WEQ==
ETag: 0x8D1334AB94BB941
Content-Type: image/png
x-ms-request-id: 3c5100f3-301e-0056-0124-d2e9cd000000
x-ms-version: 2009-09-19
Content-Length: 116212

GET
H/1.1 200
OK 3e6da750-dfe2-473e-a2b5-5e2fe631e3e0.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 12 KB
13 KB 167ms
167ms Image
image/png 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/3e6da750-dfe2-473e-a2b5-5e2fe631e3e0.medium.PNG
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2ea4a223682ea3bcac45877e1631c2e36002e8e965bbeed8dbc4804d618e3219

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:29 GMT
Last-Modified: Fri, 22 Oct 2021 18:37:41 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: hnv5heVqyrM5OR7whDl4aw==
ETag: 0x8D9958B079AFC15
Content-Type: image/png
x-ms-request-id: c42eec8a-401e-0011-0b24-d28296000000
x-ms-version: 2009-09-19
Content-Length: 12559

GET
H/1.1 200
OK d378446d-a0c0-42b1-aaa9-4c9f204fb9c2.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 111 KB
111 KB 169ms
169ms Image
image/png 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/d378446d-a0c0-42b1-aaa9-4c9f204fb9c2.medium.png
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6c498370006682d6f7e15a30b8197e4e06c7dca37859aa7505876388cfbcc964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:29 GMT
Last-Modified: Sat, 10 May 2014 22:11:01 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zqkcOVnWEgVdzyWFf24IIw==
ETag: 0x8D13AB3DCF04DD1
Content-Type: image/png
x-ms-request-id: 44f57efb-b01e-0005-3124-d2caf9000000
x-ms-version: 2009-09-19
Content-Length: 113338

GET
H/1.1 200
OK e64299e9-659e-4b51-bb56-b4621e84e2f0.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame DDA6 12 KB
13 KB 161ms
161ms Image
image/png 20.60.80.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/e64299e9-659e-4b51-bb56-b4621e84e2f0.medium.PNG
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.80.2 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fb73ce2d8760c73b989cd7e3f084751dc09b1129197704bdc2597e13d9835b2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 05 Nov 2021 09:10:29 GMT
Last-Modified: Mon, 18 Oct 2021 20:45:43 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: LCDvGrK1+rPhck7VJ7zcbA==
ETag: 0x8D9927841325881
Content-Type: image/png
x-ms-request-id: 93c622c1-101e-000c-2c24-d28f2a000000
x-ms-version: 2009-09-19
Content-Length: 12576

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame DDA6 44 KB
44 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://extras.prairiemountainmedia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 302311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 21:11:57 GMT

GET
H2 200 vendors~Auth0UniversalLoginAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 143 KB
42 KB 7ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/vendors~Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC7) /
Resource Hash: 6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
content-md5: o/3Cfwyx2Hdo/xXi+KtqIw==
age: 42505
x-cache: HIT
content-length: 43195
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:48 GMT
server: ECAcc (frc/8FC7)
etag: 0x8D9056E3D50F079
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 765cd1e2-301e-0003-7bc2-d12578000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0UniversalLoginAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 11 KB
3 KB 13ms
12ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F80) /
Resource Hash: dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
content-md5: E5fyjsIr92YKgvTS5SE4ZA==
age: 42505
x-cache: HIT
content-length: 3400
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8F80)
etag: 0x8D9056E339D05A5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 409e17e8-101e-0132-27c2-d138fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0AuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 7 KB
2 KB 13ms
12ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9E) /
Resource Hash: 99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
content-md5: jBig/iW/Mpw+sfYWVt9mLw==
age: 42505
x-cache: HIT
content-length: 2320
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:31 GMT
server: ECAcc (frc/8E9E)
etag: 0x8D9056E3391B836
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4b548996-701e-00ae-22c2-d10512000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 CustomAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 6 KB
2 KB 14ms
13ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/CustomAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F12) /
Resource Hash: 80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
content-md5: WtHQ46VooZh5jhibUEIm/g==
age: 42502
x-cache: HIT
content-length: 2146
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8F12)
etag: 0x8D9056E33BE9F96
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 195f139d-a01e-000d-17c2-d1c973000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 JanrainAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 9 KB
3 KB 15ms
13ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/JanrainAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F95) /
Resource Hash: 1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
content-md5: 3loC7XOiphfHLLmAxSEZ5g==
age: 42501
x-cache: HIT
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8F95)
etag: 0x8D9056E33C99EC8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 391d98fa-901e-00af-6cc2-d104ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 MG2AuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 9 KB
3 KB 11ms
9ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/MG2AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FAB) /
Resource Hash: 8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
content-md5: 53DSePPJylXjWw4MlYhYcA==
age: 42505
x-cache: HIT
content-length: 2456
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8FAB)
etag: 0x8D9056E33DFC44A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 27346eef-601e-0010-11c2-d11099000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 NewzwareAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 13 KB
4 KB 15ms
14ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/NewzwareAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8E) /
Resource Hash: 2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
content-md5: XXTxgTgPuF9lg38Cul1d8Q==
age: 42502
x-cache: HIT
content-length: 4009
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8F8E)
etag: 0x8D9056E33EAC378
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 226370ca-901e-00e0-12c2-d1c0f7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 LikeButtons4.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 114 B
242 B 15ms
14ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/LikeButtons4.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1E) /
Resource Hash: 64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Nov 2021 09:10:28 GMT
content-md5: 0is0k5hNwCAMRJ10IGm41w==
age: 42505
x-cache: HIT
content-length: 114
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (frc/8F1E)
etag: 0x8D9056E33D49E04
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 172c7b80-801e-0077-64c2-d1a33e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ap_widgets.css
pro32.ap.org/profiles/verticals/themes/ap_pro32/widgets/css/ Frame F243 15 KB
2 KB 11ms
11ms Stylesheet
text/css 104.111.239.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pro32.ap.org/profiles/verticals/themes/ap_pro32/widgets/css/ap_widgets.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-167.deploy.static.akamaitechnologies.com
Software: AWS Server / AP - AK
Resource Hash: 4682cfa69e456053a45347ead261cde489c3d91657e19bf6887b4fef3b6a0327

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/iframe/widgets/content/5855d5ab5866fabff4aa305776d559a0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 12:22:39 GMT
server: AWS Server
x-powered-by: AP - AK
etag: "6115128f-3bce"
vary: Accept-Encoding
x-varnish: 219098657 216666754
cache-control: max-age=14927
x-cache-hits: 44
x-age: 3560
accept-ranges: bytes
content-type: text/css
content-length: 2174
expires: Fri, 05 Nov 2021 13:19:15 GMT

GET
H2 200 latest_news Show response
pro32.ap.org/reporterherald/ap_widgets/widget/ad/ Frame A146 1 KB
707 B 129ms
129ms Document
text/html 104.111.239.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pro32.ap.org/reporterherald/ap_widgets/widget/ad/latest_news
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-167.deploy.static.akamaitechnologies.com
Software: AWS Server / AP - AK
Resource Hash: cede4b59c0ca18f5cbe1d32471b26f3600a6347dbc85489f39d058caf7c98999

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/iframe/widgets/content/5855d5ab5866fabff4aa305776d559a0

Response headers

content-type: text/html; charset=UTF-8
x-varnish: 70285392 70961936
x-age: 106
x-cache-hits: 1
server: AWS Server
x-powered-by: AP - AK
accept-ranges: bytes
content-encoding: gzip
content-length: 523
date: Fri, 05 Nov 2021 09:10:29 GMT
vary: Accept-Encoding

GET
H2 200 v2.js Show response
pro32.ap.org/profiles/verticals/modules/custom/ap_widgets/src/js/ Frame F243 4 KB
1 KB 17ms
17ms XHR
application/javascript 104.111.239.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pro32.ap.org/profiles/verticals/modules/custom/ap_widgets/src/js/v2.js?_=1636103428906
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-167.deploy.static.akamaitechnologies.com
Software: AWS Server / AP - AK
Resource Hash: caf523362238fb40fef75372c56e8354af12ad15c8fa7ec2107afe0af532a92d

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://pro32.ap.org/iframe/widgets/content/5855d5ab5866fabff4aa305776d559a0
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 09:44:04 GMT
server: AWS Server
x-powered-by: AP - AK
etag: "60bf3be4-104b"
vary: Accept-Encoding
x-varnish: 220139571 219422437
cache-control: max-age=20722
x-cache-hits: 7
x-age: 46285
accept-ranges: bytes
content-type: application/javascript
content-length: 903
expires: Fri, 05 Nov 2021 14:55:50 GMT

GET
H2 200 analytics.js Show response
ssl.google-analytics.com/ Frame F243 48 KB
20 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/analytics.js

Requested by

Host: pro32.ap.org
URL: https://pro32.ap.org/iframe/widgets/content/5855d5ab5866fabff4aa305776d559a0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 6746
date: Fri, 05 Nov 2021 07:18:02 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 05 Nov 2021 09:18:02 GMT

GET
H/1.1 200
OK preview.jpg
mapi.associatedpress.com/v1/items/8a7cf85c06044be183960f4ad77a277e/preview/ Frame F243 25 KB
25 KB 94ms
14ms Image
image/jpeg 2600:9000:224a:d600:8:aaff:ad40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mapi.associatedpress.com/v1/items/8a7cf85c06044be183960f4ad77a277e/preview/preview.jpg?s=250x250

Requested by

Host: extras.dailycamera.com
URL: https://extras.dailycamera.com/widgets/RH-APWidget.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:d600:8:aaff:ad40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c4068b18459c9ff05d9e4ba9510da16003d183ff8d84a24b809db4d317795724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 04 Nov 2021 17:41:45 GMT
Via: 1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 55724
X-DNS-Prefetch-Control: off
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 25224
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 31 Oct 2021 23:52:37 GMT
ETag: "d7f34f8239d09b197debf01bca48ad36"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: sqg3MwM2C2USgnuaXD9OS8tVCKhlPKT8VhSjiIgV-iaxFbqgaCNy4Q==

GET
H/1.1 200
OK preview.jpg
mapi.associatedpress.com/v1/items/b0b3bdd3558b43d18c4547b232fa8805/preview/ Frame F243 10 KB
11 KB 93ms
14ms Image
image/jpeg 2600:9000:224a:d600:8:aaff:ad40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mapi.associatedpress.com/v1/items/b0b3bdd3558b43d18c4547b232fa8805/preview/preview.jpg?s=100x100

Requested by

Host: extras.dailycamera.com
URL: https://extras.dailycamera.com/widgets/RH-APWidget.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:d600:8:aaff:ad40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

81879099211682074afcd165f8b82a6529f477e1cc789d620801c2dbd75f922c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:07:56 GMT
Via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 10953
X-DNS-Prefetch-Control: off
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10671
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 24 Oct 2021 20:49:42 GMT
ETag: "f64867db068b27f596d6e9cafbd63462"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: VXarzbOwHpHeQ5xjqF8NNzsNZTbilcUk0PpkSWtSStNIUyk_L880Gg==

GET
H/1.1 200
OK preview.jpg
mapi.associatedpress.com/v1/items/c379973d12be4b86883b0757d77c3ad1/preview/ Frame F243 11 KB
12 KB 94ms
15ms Image
image/jpeg 2600:9000:224a:d600:8:aaff:ad40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mapi.associatedpress.com/v1/items/c379973d12be4b86883b0757d77c3ad1/preview/preview.jpg?s=100x100

Requested by

Host: extras.dailycamera.com
URL: https://extras.dailycamera.com/widgets/RH-APWidget.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:d600:8:aaff:ad40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

81abf2c957e2a534c52faeb7a425456cb8f863ab416280b9ad9c394a3e21324c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 06:07:56 GMT
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 10953
X-DNS-Prefetch-Control: off
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11363
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 05 Nov 2021 01:34:09 GMT
ETag: "b76deaaed9a4de6eabb43140783bf61f"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: YKd4m__mucl-m_ieN5GNocQysBuVd5VRkjV6cK_zmZKJUa463Ql9vQ==

GET
H/1.1 200
OK preview.jpg
mapi.associatedpress.com/v1/items/197af4c646084e029363381c52113485/preview/ Frame F243 11 KB
11 KB 94ms
14ms Image
image/jpeg 2600:9000:224a:d600:8:aaff:ad40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mapi.associatedpress.com/v1/items/197af4c646084e029363381c52113485/preview/preview.jpg?s=100x100

Requested by

Host: extras.dailycamera.com
URL: https://extras.dailycamera.com/widgets/RH-APWidget.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:d600:8:aaff:ad40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

62ec5c7aca8fd82693b743ef51ddd396f5ebeb891624bfcec8da77a5b511864e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 05:38:50 GMT
Via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 12699
X-DNS-Prefetch-Control: off
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10877
X-XSS-Protection: 1; mode=block
Last-Modified: Sun, 31 Oct 2021 19:26:13 GMT
ETag: "988cafc685eeea95891e1b053a9e285a"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: fQTN4qkzT4Iu09-vsj2RAUaK7g-11_C1NwR_yn-72RmyLrkxW7EYmg==

GET
H/1.1 200
OK preview.jpg
mapi.associatedpress.com/v1/items/ed2ac21422ec43419c0df1dd6e0ade02/preview/ Frame F243 10 KB
10 KB 94ms
15ms Image
image/jpeg 2600:9000:224a:d600:8:aaff:ad40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mapi.associatedpress.com/v1/items/ed2ac21422ec43419c0df1dd6e0ade02/preview/preview.jpg?s=100x100

Requested by

Host: extras.dailycamera.com
URL: https://extras.dailycamera.com/widgets/RH-APWidget.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:d600:8:aaff:ad40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fabc386d5c732ceea8584bbb614b07620e5bc9cba0595bb93742f9d951581961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 05:13:42 GMT
Via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 14207
X-DNS-Prefetch-Control: off
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 9818
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 04 Nov 2021 23:53:43 GMT
ETag: "fc3860b601102246ec863971ad1b5d82"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: LeLxnlg9YlI8Of1VXhOttK2ObhYduSnwF5Y4BTTIubBvA74gr0K_XQ==

GET
H/1.1 200
OK preview.jpg
mapi.associatedpress.com/v1/items/a6ef55fe6f314fb2b4a019d0f6fa0a23/preview/ Frame F243 10 KB
11 KB 109ms
14ms Image
image/jpeg 2600:9000:224a:d600:8:aaff:ad40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mapi.associatedpress.com/v1/items/a6ef55fe6f314fb2b4a019d0f6fa0a23/preview/preview.jpg?s=100x100

Requested by

Host: extras.dailycamera.com
URL: https://extras.dailycamera.com/widgets/RH-APWidget.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:d600:8:aaff:ad40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0a1749c369ad6d3581b9d606c05c54fce9981e5a5019d2f687d30afd2cb48711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 03:57:34 GMT
Via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 18775
X-DNS-Prefetch-Control: off
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10228
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 05 Nov 2021 01:21:26 GMT
ETag: "68b0c3da49b6197e619b83d2ddb6be45"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: m-tdCAfTfxzEG0uGEjhbCsX1grdaXPcQ1U3vr01HG5xA9Z2QzD4JRA==

GET
H/1.1 200
OK preview.jpg
mapi.associatedpress.com/v1/items/c29cbe180f73427ab95140e5e838e339/preview/ Frame F243 10 KB
11 KB 32ms
16ms Image
image/jpeg 2600:9000:224a:d600:8:aaff:ad40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mapi.associatedpress.com/v1/items/c29cbe180f73427ab95140e5e838e339/preview/preview.jpg?s=100x100

Requested by

Host: extras.dailycamera.com
URL: https://extras.dailycamera.com/widgets/RH-APWidget.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:d600:8:aaff:ad40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8cdce346463e4704b464d68aa573ec5dc61d56961c28f4969278ddfea308d14e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 01:36:39 GMT
Via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 27230
X-DNS-Prefetch-Control: off
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10670
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 04 Nov 2021 16:59:42 GMT
ETag: "71c5ec15e08002a3f42900d9b4e1bf39"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: xA_TIJfhMXHMlaJD0aJaw7KXXHpi8jyy9wa3n8kKB-a8oVOcOkSKRQ==

GET
H2 200 Good-W05-News.woff
pro32.ap.org/profiles/verticals/themes/ap_pro32/widgets/css/fonts/goodot/ Frame F243 89 KB
89 KB 9ms
9ms Font
font/woff 104.111.239.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pro32.ap.org/profiles/verticals/themes/ap_pro32/widgets/css/fonts/goodot/Good-W05-News.woff
Requested by: Host: pro32.ap.org
URL: https://pro32.ap.org/profiles/verticals/themes/ap_pro32/widgets/css/ap_widgets.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-167.deploy.static.akamaitechnologies.com
Software: AWS Server / AP - AK
Resource Hash: 560200d3df1251de2e33e73b5dc39c2d39227c9ec21528d3246428078cda9053

Request headers

Referer: https://pro32.ap.org/profiles/verticals/themes/ap_pro32/widgets/css/ap_widgets.css
Origin: https://pro32.ap.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:28 GMT
etag: "6115128f-162da"
last-modified: Thu, 12 Aug 2021 12:22:39 GMT
server: AWS Server
x-powered-by: AP - AK
x-varnish: 216666711 217324561
cache-control: max-age=92
x-cache-hits: 1
x-age: 0
accept-ranges: bytes
content-type: font/woff
content-length: 90842
expires: Fri, 05 Nov 2021 09:12:00 GMT

GET
H/1.1 200
OK views Show response
prod-dfm-proxy-connext.azurewebsites.net/api/ 65 B
1 KB 185ms
185ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=ed9361ec50b7e3517dbae1f417b555b5&ConfigCode=PMPWPPROD&SiteCode=DFM&SettingsKey=PMP%2CLRH
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec

Request headers

source-system: Plugin
site-code: DFM
autoqa: false
Accept-Language: de-DE,de;q=0.9
settingskey: PMP,LRH
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MzYxMTc4Mjd9.5v9EJfPuJTaJCixBejIHFAXlX31YnZwF9t186tiMHsM
environment: prod
config-code: PMPWPPROD
access-control-allow-origin: *
ssid: a919fe55a3442526172a94d5d2789481
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
accept: application/json
content-type: application/json
location: System
attr: LRH
Referer: https://www.reporterherald.com/
version: Version: 2.5.4.3_swg

Response headers

Pragma: no-cache
Date: Fri, 05 Nov 2021 09:10:28 GMT
Content-Encoding: gzip
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 177
X-Server-Time: 11/5/2021 9:10:29 AM
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

OPTIONS
H/1.1 200
OK views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 0
0 135ms
135ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=ed9361ec50b7e3517dbae1f417b555b5&ConfigCode=PMPWPPROD&SiteCode=DFM&SettingsKey=PMP%2CLRH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin: https://www.reporterherald.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By: ASP.NET
Date: Fri, 05 Nov 2021 09:10:28 GMT
Content-Length: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A146 79 KB
27 KB 316ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pro32.ap.org
URL: https://pro32.ap.org/reporterherald/ap_widgets/widget/ad/latest_news

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9670b9a9716b403097c097b3cd852084cc18ca4bde9e19918bd1a687bbc0e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1034 / 748 of 1000 / last-modified: 1636063715"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27089
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 09:10:29 GMT

GET
H2 200 gweiniV1_6_1.min.js Show response
fs.gweini.com/ Frame DDA6 15 KB
16 KB 90ms
22ms Script
application/javascript 18.66.248.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.gweini.com/gweiniV1_6_1.min.js
Requested by: Host: s.gweini.com
URL: https://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPPrairieMountain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 03:47:50 GMT
via: 1.1 5b9a6276a0cfe21df57da85d975de2dd.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jan 2020 19:47:21 GMT
server: AmazonS3
age: 19360
etag: "e7bb56484553f1223fea5d70ca7104f4"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 15682
x-amz-cf-id: S4NQrdHkaoztpyGdKvobxijVNeXL754PR7tgP6F4whROWf3nEe_7jQ==

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 2B6D 7 KB
8 KB 758ms
185ms Script
text/html 54.214.242.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.mthsense.com/RenderAd.aspx?id=14806&width=300&height=250
Requested by: Host: fs.gweini.com
URL: https://fs.gweini.com/gweiniV1_6_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.214.242.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-214-242-183.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 800e50a95a2cfa6d3ea64c9c3228f67a6921f197dca9855c10979f2717822486

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 09:10:25 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Cache-Control: private, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 7406

GET
H2 200 ServeAd
api.lanistaads.com/ Frame DDA6 0
0 138ms
115ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010617PRAIR300W1&Zone=ATF&g=119
Requested by: Host: extras.prairiemountainmedia.com
URL: https://extras.prairiemountainmedia.com/widgets/RH-RightRail.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Nov 2021 09:10:29 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-headers: Content-Type
alt-svc: clear
content-type: image/png

GET
H3 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A146 346 KB
116 KB 16ms
16ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 09:10:29 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame A146 47 KB
17 KB 86ms
85ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?gdfp_req=1&pvsid=4402007676225560&correlator=3612412016051416&output=ldjh&impl=fifs&eid=31063247&vrg=2021110201&ptt=17&gdpr_consent=CPPMZI3PPMZI3EXABBDEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211105&iu_parts=15786418%2CPro32%2Creporterherald%2Clatest_news&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&cdm=pro32.ap.org&bc=31&abxe=1&lmt=1636103429&dt=1636103429485&dlt=1636103429062&idt=397&ea=0&frm=8&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=2&adxs=954&adys=68&adks=553351773&ucis=r8iiluo7ltkj&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fpro32.ap.org%2Freporterherald%2Fap_widgets%2Fwidget%2Fad%2Flatest_news&ref=https%3A%2F%2Fpro32.ap.org%2Fiframe%2Fwidgets%2Fcontent%2F5855d5ab5866fabff4aa305776d559a0&top=https%3A%2F%2Fextras.dailycamera.com%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x250&msz=300x0&ga_vid=122727283.1636103429&ga_sid=1636103429&ga_hid=1106831386&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74aaba98e9f2df675a60b0ccc6b7461ca366faf578020074d0fa7d1c70337daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17239
x-xss-protection: 0
google-lineitem-id: 5746927398
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138357418517
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pro32.ap.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
92a83ab950e32d2e24f6a3175aa0e002.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2B5F 6 KB
3 KB 30ms
14ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://92a83ab950e32d2e24f6a3175aa0e002.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 05 Nov 2021 09:10:29 GMT
expires: Sat, 05 Nov 2022 09:10:29 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame 0DE9 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstaUuCG4yOnRfFSQRbTyb8BrKdTb6VFIiOj1zBs0zL2XHieASrkKUzigrZzf3XtQEjUJ7LJWCH8n2W9apzuwgDnagNl6Hocv-swg8hGs2zxlNvUXRaFgABt4IYA_9afXTGoWeUxwYDYCDeRByTow0Hb4y1C6ZS8o9JA0rO9zJIqrN9Tjt1PB1li2cym0BvFJmA_QWRU-nvggqEpajeWv3zNcVWhcPBv0DM_0z7z2UllLdEx_cLnSSxnKpUadO1BhpMEvLRjB6E2y2lwnvZCP1XxrWClJz2hAQg2X5DqgwcxY47UuAOLIpe1VrSGnxv3wRqGMCwMEruYmWE&sig=Cg0ArKJSzN_axxc8mj7AEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 09:10:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 0DE9 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 09:06:30 GMT

GET
H2 200 window_focus_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 0DE9 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 08:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 08:00:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DE9 120 KB
37 KB 316ms
315ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 09:10:29 GMT

GET
H2 200 11434876076517839042
tpc.googlesyndication.com/simgad/ Frame 0DE9 59 KB
59 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11434876076517839042

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

392fa96296c9922734ea0ecfa1fe8efdc4fa874e15c48cc3f25f05e0883634d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 05:30:52 GMT
x-content-type-options: nosniff
age: 13177
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60270
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 21:44:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 05:30:52 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FD03 42 B
111 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7vpRyBo5QVDUmzwWc2a7iMHsuPC0FdYlzlu64qU0EK2pLMX1E2JGYea3JImz6a_6tqvLHrO6tdWCs9XLjre306-g-CCtS6hEXahYCy1iWp_34lTyn&sig=Cg0ArKJSzA1fq9lqELqHEAE&id=lidar2&mcvt=1001&p=53,1140,103,1440&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1319012258&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636103428588&rpt=173&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 09:10:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame 0DE9 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuXysrrZB4wd1d8niUXOn4DazoRyf3B8oUwyIH-uhwqQIsAzxFbDsH8gOMdHaMwsuDd8Sn_e9nRMelfuYlZP9xdLvOnR10rRTb24dQvdfqTjuUe4AIjP0tm1XaFv2GAXRdHDdXfvTCTY8zPaHoJ1_LnQObWado2X1cYzYvKB0pvvdDVQdHfs_9rfEuwi5cgvhG_vFSw4zss5ix__ol-1XoC6PvSU1_q63eX-BTlaXIhnYwDdmY4UP-8FgDN0W15kJpRz7RjhiF0MXIt1rYfm0Ra7Cpw5AYJpwBMCtlXr6Cmjt8luub6QKONX7YDqINbEBqAGqEDjfmTfHXHMQ&sig=Cg0ArKJSzJxfNS3Q6KJFEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pro32.ap.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 09:10:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 0DE9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a373b9742462ef5b99c7a27b33f67b1bc477b372a8fc236b3d1fb03d7ddc598d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 6C6D 168 KB
57 KB 95ms
38ms Script
text/javascript 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.reporterherald.com
URL: https://www.reporterherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 81965d27e3c02ab8e94d4fb8e9cd6192d8a2ba9e9f7c4088f54f3bd7d62e3f73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:30 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58337
expires: Fri, 05 Nov 2021 10:10:30 GMT

GET
H2 200 prebid4.7.0.js Show response
storage.googleapis.com/rs-static/ Frame 6C6D 302 KB
303 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:809::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/rs-static/prebid4.7.0.js
Requested by: Host: ads3.mthsense.com
URL: https://ads3.mthsense.com/RenderAd.aspx?id=14806&width=300&height=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 08:16:33 GMT
age: 3237
x-guploader-uploadid: ADPycduPxduxvoenAzw2eLhaO-__UL-G-XGeHumTB8mjQaHIKx5riSEWuf2lVXgSLfXoVEzZaX_Gwor_p65_n2X_aw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 309272
last-modified: Tue, 15 Sep 2020 19:30:03 GMT
server: UploadServer
etag: "6093877422c034fe300df8ed44d1e948"
x-goog-hash: crc32c=t+/UZw==, md5=YJOHdCLANP4wDfjtRNHpSA==
x-goog-generation: 1600198203919898
cache-control: public, max-age=3600
x-goog-stored-content-length: 309272
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 05 Nov 2021 09:16:33 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AB4A 291 B
590 B 54ms
15ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.reporterherald.com&gdpr=1&gdpr_consent=CPPMZIePPMZIeEXABADEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reporterherald.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 456
date: Fri, 05 Nov 2021 09:10:29 GMT
content-length: 321

GET
H2 200 acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 6C6D 263 B
435 B 24ms
24ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?ai=2cd04daf-9a11-40e4-b2da-28f8834dcd70&o=2a398e10719327&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&gdpr=true&gdpr_consent=CPPMZI_PPMZI_EXABBDEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=300x250&ifr=1&tws=300x250
Requested by: Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 489c77e4252dce306cc9aff28c0354348ce8320862d82fa24df8edacbb935d9b

Request headers

Referer: https://extras.prairiemountainmedia.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Nov 2021 09:10:30 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://extras.prairiemountainmedia.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 223
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame F7FE 0
91 B 22ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=true&gdpr_consent=CPPMZI_PPMZI_EXABBDEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA
Requested by: Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
date: Fri, 05 Nov 2021 09:10:30 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
BLOB 200
OK decdcde7-1977-493b-b326-f9c556d4249f
https://www.reporterherald.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reporterherald.com/decdcde7-1977-493b-b326-f9c556d4249f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6C6D 79 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6ad40dc05786922edaa169b1d24e6f91ba82626cc6064cb69cc59d313afad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1034 / 2 of 1000 / last-modified: 1636063715"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27082
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 09:10:30 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 224ms
24ms Preflight 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.reporterherald.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 05 Nov 2021 09:10:30 GMT
content-length: 0

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 479 B
665 B 53ms
53ms XHR
application/json 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b82e140f1d83ec20d923395304e802c3af971c519ea3a42b0c76687d08a34280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reporterherald.com/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: D44327D2-6ACC-4E14-A267-4737D283CCAE
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 05 Nov 2021 09:10:30 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 479

GET
H3 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6C6D 346 KB
116 KB 25ms
25ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 09:10:30 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 6C6D 17 KB
8 KB 122ms
121ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?gdfp_req=1&pvsid=2028791831410471&correlator=2658633069398182&output=ldjh&impl=fifs&eid=31063205%2C31063406%2C31060545%2C31062323%2C31061690&vrg=2021110201&ptt=17&gdpr_consent=CPPMZJAPPMZJAEXABBDEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20211105&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010617PRAIR300W1__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-3efe90158ed448&eri=1&cdm=extras.prairiemountainmedia.com&bc=31&abxe=1&lmt=1636103430&dt=1636103430936&dlt=1636103430155&idt=269&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=2&adxs=0&adys=606&adks=1131267181&ucis=sslyl56b69xh&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fextras.prairiemountainmedia.com%2Fwidgets%2FRH-RightRail.html&top=https%3A%2F%2Fwww.reporterherald.com%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x250&msz=300x0&ga_vid=1460530908.1636103431&ga_sid=1636103431&ga_hid=215888567&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3bf9e42c9fa0d01b0f63184d5f918db7ae39f1edaf84098fb0d06755edae00c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8133
x-xss-protection: 0
google-lineitem-id: 5219468552
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293843660
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extras.prairiemountainmedia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f15ee346f134532fadd4ecdfdc21f076.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B497 6 KB
3 KB 37ms
16ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f15ee346f134532fadd4ecdfdc21f076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 05 Nov 2021 09:10:30 GMT
expires: Sat, 05 Nov 2022 09:10:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame F270 0
0 42ms
41ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuM4eEi2f2jCkg21u9TPoSFS-FoO4MwS0Ergtg4DUmkJfPRjpw-fTSJrRaRnkuI7tguqYkrpZqGq9wNyMopUb0XSANwaO-HWYljmPXl72URlGuRv7ArtIZN6AtMJwjoyq-L1RK67c7CgFG7j-Z6VnMeWR2SxdqxDTc1CFQsqgvE3-w_35IpDWOi40zTe05kHLl-aW-3I_gMqvqLuDxgc1e9-FXOOuEVLWU1IqfiKOzgHW-cGIZOnNJRK3hOEc6RFeGhdiVn-5kCsEguqMx19qcuURdjMd0_nXTwC-3svHfsWysX2vD2AHLFiIZp6PtPsZfN75nQWTqwJM_sr4gIzyfw&sig=Cg0ArKJSzA9ieG5hqGR_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 09:10:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F270 79 KB
26 KB 19ms
19ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

97c74d78f4f2ebb9045bd495787fcaa9ae9fd6d0d755b1a689a4e7874875e4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1034 / 940 of 1000 / last-modified: 1636063715"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27086
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 09:10:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F270 120 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 09:10:31 GMT

GET
H3 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F270 346 KB
116 KB 23ms
22ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Nov 2021 09:10:31 GMT

GET
DATA 200
OK truncated
/ Frame F270 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b163095c0a335314942fa4692de8b37f0e18635fd952f8ee915560c5d3d70cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame F270 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuFcA93_pKnPCxOt-H2cVy5mkGpFYNKvAABabR-3r0-1c7CsAM-2_Yy7LEPJApVHSHhty086qv0FL9dA38x-8cmLAPGT_yD78OFu7Mo1oRzj5k-DtowxZ-SG2oF8sb0jfJTAOaMAtAhLgZVR3ErmT2_nwJT-FoynPEJm1l9GiYZkm-lxyBgznj-gV0Bz4GcZGenIibwjrSDZisHlIgq9GQ21paaqwu3w7S4gClQb2LpLioEBgNNQ3A3RoYzHY8Yh6UANUyrLXWzzlbLJUdjE7KudHa0-YhLfdq5CcltKxikltS_pbnk7pImjQ-QJbGMf5PHGYqsnQQEv4J14Wa0gMhVs8w&sig=Cg0ArKJSzGOSoQJk0h-rEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 09:10:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame F270 17 KB
8 KB 77ms
76ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?gdfp_req=1&pvsid=4284038903404197&correlator=3141079630203035&output=ldjh&impl=fifs&eid=31063214&vrg=2021110201&ptt=17&gdpr_consent=CPPMZJIPPMZJIEXABBDEBgCwAAAAAH_AAAwIGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211105&iu_parts=22803534%2CHB_DEFAULT_ADUNIT_PB&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cdm=extras.prairiemountainmedia.com&bc=31&abxe=1&lmt=1636103431&dt=1636103431172&dlt=1636103431068&idt=91&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=2&adxs=0&adys=606&adks=1855475046&ucis=2qi9ht3eo42f&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=4&url=https%3A%2F%2Fextras.prairiemountainmedia.com%2Fwidgets%2FRH-RightRail.html&top=https%3A%2F%2Fwww.reporterherald.com%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x250&msz=300x-1&ga_vid=960682473.1636103431&ga_sid=1636103431&ga_hid=2010301607&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0b3ac14e1f82d7748ad7d2651cd68e9685a6701a489a7d1af1253714c76df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8030
x-xss-protection: 0
google-lineitem-id: 4666443747
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232667192
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://extras.prairiemountainmedia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bcc390d9da7f1730fc089ebabefdaea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4BF2 6 KB
3 KB 30ms
14ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bcc390d9da7f1730fc089ebabefdaea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 05 Nov 2021 09:10:31 GMT
expires: Sat, 05 Nov 2022 09:10:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame 7030 0
0 43ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstjbLxcZ4OiIXkgb_QTKA4GfYvaH89Cm54nJE1djv3M2qPGbmZk9R1LYZ-YdCxU3RoDK3VJFdpyyZZzbAoAyN4JGE13ddtutIV49UN85teU7sHJeywPBVBXt2zbQNpTc4cciZz099K87HPVEruGBeITBTLpq94x5mJ6cRKDdHHXuVnEX0Ju576dFRzMPTlgk7oS83Wki9O9nmao4MkFVIHApBo4gIx4xe-daBXXSHNR7CK2t6_-cXqZEK8AeU6xobRekX4cUI0vvM2rX4I3U-xDa2SfntxLOPOkj9uy-uJx0gYnzrSavP4W47XlAZGCaD2F89si2zY-jIVkojyqva0Oq0c&sig=Cg0ArKJSzLgr9Y3JkLi3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.reporterherald.com
URL: https://www.reporterherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 09:10:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7030 112 KB
40 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

479564f513e431c08a1cdcb45440606778d4f2f9241613a478050e573869b4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40564
x-xss-protection: 0
server: cafe
etag: 12603911027165791234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Nov 2021 09:10:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7030 120 KB
37 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Nov 2021 09:10:31 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111010101/ Frame 7030 271 KB
97 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9339919749774457&plah=extras.prairiemountainmedia.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4588342bba11ba153481b64739ea88d258aad20dc1f0ddd03f0aa0edaac3802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 09:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99382
x-xss-protection: 0
server: cafe
etag: 6874878588253010926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Nov 2021 09:10:31 GMT

GET
DATA 200
OK truncated
/ Frame 7030 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97adb3a51c2fc93f7757f68c3f2364334e5212ad63dab789aeec4fa3929b0adb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame 7030 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssbpUXz2AAnJZWFCIi0YMg-4cCwrXRFu2yqU4MHthoZmnKXFopH3dT3ZdE70HYHdU8hL_qTHyRX9RjDRSOzIxSDEMly0bW8ndg7obzxR9zbqJYEdiDFysPE4sbJwo2pqqa_gsypIIKCxYR8cIi2etxvK5LSkIGG17aD5YAedFVulQHhdgKnDtPJHsEjeA6p-NZyHjpP0H2e8tanjNMIJMvWKWt_L1vdzPvy0dRIhVreopgv7uCZrrx6iYBW6ogSOfW4qJiBGA0YYAA8boyEJ_gxZK7x-flurNh45SdGuq3oWhiD7WKxteulF-wgmw8Kw1bFkKvv-KVV_G9IfuGaUH02az_SJA&sig=Cg0ArKJSzH4J4noosrhSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://extras.prairiemountainmedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Nov 2021 09:10:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
v476.reporterherald.com/DG/DEFAULT	1970-01-19 22:28:24	Name: BCTempID Value: 6f4007c8-c8ef-4c33-acdc-803950b9dee7
.reporterherald.com/	1970-01-20 07:13:59	Name: bc_tstgrp Value: 3
.reporterherald.com/	1970-01-29 22:26:57	Name: _pnvl Value: false
.reporterherald.com/	1970-01-29 22:26:57	Name: pushly.user_puuid Value: cXwRXCW9xTwzrQRbVWHk8g1U6sfZidC8
.reporterherald.com/	1970-01-29 22:26:57	Name: _pndnt Value:
.reporterherald.com/	1970-01-29 22:26:57	Name: _pnlspid Value: 12546
.reporterherald.com/	1970-01-29 22:26:57	Name: _pnss Value: dismissed
.reporterherald.com/	1970-01-19 22:38:28	Name: _pnpdm Value: true
medianewsgroup.blueconic.net/	1970-01-19 22:38:28	Name: AWSALBCORS Value: 4KOKPgVn7hMCd9rueT8+hvAyN5DyqxIoUTeyW4ocOA9GR3tSF3j3derVbSqTEcXV9Zy1Vf+T0W4q98JZ5bGiAhJVH8q5C2B+zycY9QECUrIUHZfNizka2pgt8W/9
www.reporterherald.com/	1970-01-19 22:29:49	Name: _lr_geo_location Value: DE
.reporterherald.com/	1970-02-25 10:28:23	Name: anonDeviceId Value: ed9361ec50b7e3517dbae1f417b555b5
.scorecardresearch.com/	1970-01-20 15:45:11	Name: UID Value: 1KMG2YLQHWGIGRYTSFEXEVg1636103428
.rubiconproject.com/	1970-01-20 07:13:59	Name: khaos Value: KVM5QKKQ-1K-BG31
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|A9CsNFoQ5K/DWCet2ogsIBP0vIhaOOWfliBRT/qkfmAh+urPaQTjRsKcZLjliObLRXOqtD6qDAuneV3IXSeRTVvE8QI6g1Y1yk4Vad3QREh28zX8YKRfI6r+JKnHMVn/BdTLwVQPPUDx
.rubiconproject.com/	1970-01-20 07:13:59	Name: audit Value: 1\|SDziDG3X/Ej7tcwvEKo+y6Q/Fn9jJ2Tlph+Ceuqbr/f24WPzaViPweU/lgWZ6CfWii3xAovbRq59ybGgU3VbTTAwPd1IZPp54WXUF1ge4XiGQhJygDjE7Q==
www.reporterherald.com/	1970-01-19 23:11:35	Name: ABTestCookie Value: B
v476.reporterherald.com/	1970-01-19 22:38:28	Name: AWSALB Value: Wd1GkX1xADhcZZF7DjGm5BjRZNtkwIMgggkaQ1RJur0EdhUFOhJxeZXNEfa6RKu/yw+ULPpUINCeAT6r3o83eRtiHhscutgrqpx0AhtJCqQa9nNhTRaxSQKW2XYC
v476.reporterherald.com/	1970-01-19 22:38:28	Name: AWSALBCORS Value: Wd1GkX1xADhcZZF7DjGm5BjRZNtkwIMgggkaQ1RJur0EdhUFOhJxeZXNEfa6RKu/yw+ULPpUINCeAT6r3o83eRtiHhscutgrqpx0AhtJCqQa9nNhTRaxSQKW2XYC
ads3.mthsense.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 79BB659508C181EEFCC9C50147BDF72F4FCB5ACD5C6E0B7DFD055440C15312A1EA53ACCB7C48386FA67A4E0FCC03EDC9ACE6BC8813E185CD514BD850A1A5FCEAB3028FC3D1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js(Line 3) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
network	error	URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010617PRAIR300W1&Zone=ATF&g=119 Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
javascript	warning	URL: https://www.reporterherald.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/JanrainAuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.reporterherald.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/MG2AuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.reporterherald.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/NewzwareAuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.reporterherald.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0AuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.reporterherald.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/LikeButtons4.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.reporterherald.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/CustomAuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000;includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3pd.criteo.com
85ca0df38d9d74fd4cf4bd6fbbd49470.safeframe.googlesyndication.com
92a83ab950e32d2e24f6a3175aa0e002.safeframe.googlesyndication.com
ads.pubmatic.com
ads3.mthsense.com
ajax.googleapis.com
api-mg2.db-ip.com
api.lanistaads.com
ats.rlcdn.com
az416426.vo.msecnd.net
b-code.liadm.com
bcc390d9da7f1730fc089ebabefdaea4.safeframe.googlesyndication.com
bidder.criteo.com
c.amazon-adsystem.com
cdn.auth0.com
cdn.ayc0zsm69431gfebd.xyz
cdn.cityspark.com
cdn.jsdelivr.net
cdn.p-n.io
cdn.parsely.com
cdnjs.cloudflare.com
citysparkstorage.blob.core.windows.net
cmp.osano.com
csp.azureedge.net
dc.services.visualstudio.com
digitalservices.ap.org
eu-u.openx.net
extras.dailycamera.com
extras.prairiemountainmedia.com
f15ee346f134532fadd4ecdfdc21f076.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
fs.gweini.com
g2insights-cdn.azureedge.net
geo.privacymanager.io
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image6.pubmatic.com
k.p-n.io
lanista-bidder-d.openx.net
loader-cdn.azureedge.net
mapi.associatedpress.com
medianewsgroup.blueconic.net
mng-reporterherald.zeustechnology.com
p.cityspark.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pixel.wp.com
polyfill.io
pro32.ap.org
prod-dfm-proxy-connext.azurewebsites.net
prodmg2.blob.core.windows.net
reporterherald.com
s.gweini.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.criteo.net
stats.wp.com
storage.googleapis.com
tlx.3lift.com
tpc.googlesyndication.com
v476.reporterherald.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.reporterherald.com
104.111.239.167
104.26.4.15
13.32.99.90
13.69.106.217
13.82.152.48
13.85.16.224
172.217.18.98
178.250.0.165
178.250.2.80
18.66.241.177
18.66.245.48
18.66.245.59
18.66.248.105
18.66.248.106
18.66.248.110
18.66.248.14
18.66.248.49
18.66.248.66
185.33.221.90
185.64.189.112
192.0.66.2
192.0.76.3
198.47.127.19
199.88.148.106
2.18.233.180
20.60.80.2
23.37.38.181
2600:9000:224a:9400:3:b7e:8940:93a1
2600:9000:224a:d600:8:aaff:ad40:93a1
2600:9000:224a:ea00:8:8845:1500:93a1
2602:803:c003:200::61
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:135e
2606:4700::6810:5914
2a00:1450:4001:801::200a
2a00:1450:4001:809::2001
2a00:1450:4001:809::2010
2a00:1450:4001:80e::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a02:2638::1c
2a02:2638::3
2a02:26f0:1700:d::1737:6ea4
2a04:4e42:e00::282
34.192.61.210
34.98.126.214
35.244.159.8
44.195.4.65
52.160.40.218
52.216.83.80
52.28.103.21
52.29.191.52
54.214.242.183
0093a1936c66669a95040e3f5db5cb42457433fab411799e0fae6562e65a5612
019d546f13b7befd1f6b3c4f6d3e119ea77dfef152cc136f286606561de45230
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079720151f8e5a548186737593346110b3534909e074b4de98de5f1923dbb486
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0a0b3ac14e1f82d7748ad7d2651cd68e9685a6701a489a7d1af1253714c76df2
0a1749c369ad6d3581b9d606c05c54fce9981e5a5019d2f687d30afd2cb48711
0cc22416e19015af4332ff3a83c045a6de7da24536d553179877d8447e0024c7
0dc0103ebfd086504898c61aff90f6d06d6ef404f6e47e80aaf5718218097f9a
0df5e0051f8876a24ba8acfc88b22b342f973b8d99a4a6e4f44056a27e3606eb
0dffc993a35c25f5452de49acbaca53111b34c147ad26a7b5263efc19ee7300e
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f3dd28586b3ec411701919a7be10eee46b9e0dafaae3caf39abe66321e2db1b
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0
1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad
21a956bcf5c00db6c1347feed2290e4e1f3290cab567a1b8548c870f4f821441
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
2a41cb52c64a703adeb8ee6b430f8d0d6547f1e47f25680d579c8c997e411bc6
2c43a3f8c9ced2758c2f7cba58401a323439120bc6e985881a1bc01475c468ab
2dbb3d44eba910b97b8db091c9867a0c92ef3adcfac1c796e30a7571e0f8d1e9
2ea4a223682ea3bcac45877e1631c2e36002e8e965bbeed8dbc4804d618e3219
2f3dd302b5ad86a8bec9a9660ce3a156277ff51177dea855060aa758b251c097
2f6e4bf24e75395feb75c3d172e55c0e5ad6ba381892d5dcd2d3d90f0d0510fd
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2
31679e8c27fefc5afdc0b9ebb568d54a4b6fd070b5dad030544d16f4045a823d
32559c6db2d802b43293f83e68affb09c990419874a915606ff92e4c7fa47364
32a9d85d0c6b7385b4cb82c699013acdb2adc2d8b402a0ba049d195871680511
346e8ee7e9759718dc12cf8676083506d415a3c7f4ad7d019878da84d32555aa
3634a5e3902588bfb7c1d72b1de3a92838e316513597859af751d52be5f78fb5
392fa96296c9922734ea0ecfa1fe8efdc4fa874e15c48cc3f25f05e0883634d5
3b70c60ff10623dc3165d6c7614e64543a052f0d66d42c1f1f85396110294b46
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a
3cbbf351f2b256a08cd663f542d2cad65292237980e18c2fef0bb0a2f7f01064
40f94d4bff7ccb6896e68d0b94d486b89aa3f7a46bc753a120fab954e636a573
46498c7439692cc178a39641f95069195fa6af9a59300a93c55d25e8c0475ff0
4682cfa69e456053a45347ead261cde489c3d91657e19bf6887b4fef3b6a0327
479564f513e431c08a1cdcb45440606778d4f2f9241613a478050e573869b4e0
483d19db22d6b6cea51ca96ff3ad1186bdefb073291ad69287b6c2ca41d6a611
489c77e4252dce306cc9aff28c0354348ce8320862d82fa24df8edacbb935d9b
4a461deb4ba9175a0af65f2451e3c13be1ea963abf0a39f3ebb31b8babef88ba
4a9670b9a9716b403097c097b3cd852084cc18ca4bde9e19918bd1a687bbc0e6
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
522e7091d66d82877dae0f846b69af1cbd79f2be5280ead1a8216d4fcc5b1920
523d35a6f9bd8072a3cdb44a7693e816f94670c2189f1856e5bdb74bdb584b0f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54e3486d7713d19aad67a32fa6ba3a9bac0265798269fda9b84ea39c53c75854
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
560200d3df1251de2e33e73b5dc39c2d39227c9ec21528d3246428078cda9053
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5b163095c0a335314942fa4692de8b37f0e18635fd952f8ee915560c5d3d70cd
5b5e7d91ce0e11e1d90e7fad0aaebc900d3714f923606fdbf60c9e944b031ae4
5ca1815833b286822efaa886205c51003aad2f82f5e478e15e9106b65d789ac9
604f46b0971c456401dff0b798520d7ad8a45ff0e3ae897915167aea063a02d0
60daa741732274b3877ae228f81f484b8bfc11ca6d0969331a72a461710e7035
61c204edd7cb275599bbac8ccca346c5f9d1fac4cf44c9579c71d2870c8e6efc
62ec5c7aca8fd82693b743ef51ddd396f5ebeb891624bfcec8da77a5b511864e
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11
66a8f22977a88effa3d50b4af9e8f1ad9e763b3c8ed4dd0e79301d9839362b9c
66ad26b2d152930f0d4f2011abf082f3dd2e735afb166354d681be6b7f4e1f21
6a444f75e21c8b900953619df3cbc2ecf9e2227416e07d774709adf722bcb415
6c44882a94fdac30f4aa6b38a58a558fd7a34559a15f96b1b0ecf890fad1cdbc
6c498370006682d6f7e15a30b8197e4e06c7dca37859aa7505876388cfbcc964
6c6ad40dc05786922edaa169b1d24e6f91ba82626cc6064cb69cc59d313afad4
6f3377cd9e831a0f6007b276a26e0471ef3879d4f8b1e7c90d423cb7a6f700e3
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad
70473c8ac1784e732b6f939aacf1b7c7247968e94408fb7d0dbba9fab15a11cc
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914
74aaba98e9f2df675a60b0ccc6b7461ca366faf578020074d0fa7d1c70337daa
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
79c4ce4f09886e955084040d8ac055db0cbcf7ccf7c160ba67a1e6851022e5ff
7c51c8ca9b8579915848d0c09263e53ee8ec6f9d29d22b1c0ef8ab7f90ae080c
7f8d644992082201cd3506ef32baaac8b9cd8583115fce0f1baebd587ddf2e84
7f997821db76edb6ea21b173579ac3f14292a711ffc58ebc71b1f62c576ca90f
7fd0b23092ef7fdf83b7f8d23b531e3c80c1aeff694afe4aee4f42b8b854bd48
800e50a95a2cfa6d3ea64c9c3228f67a6921f197dca9855c10979f2717822486
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
8161fcd7164112feeacdd711539dfdc8168b37b4e68f9285c1bd95e7364b4549
81879099211682074afcd165f8b82a6529f477e1cc789d620801c2dbd75f922c
81965d27e3c02ab8e94d4fb8e9cd6192d8a2ba9e9f7c4088f54f3bd7d62e3f73
81abf2c957e2a534c52faeb7a425456cb8f863ab416280b9ad9c394a3e21324c
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8375b6d78687c24c35f1c2fd365d5b88a5f47bb295cc336d114f57daef0c419c
84c9c9d4de88f5cf5e9ed1803bc3dc4a3a60be607d5b1d1c690151144e6a8a5c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88eea662a99419c9ebe165b01436bf226dec260b2c054c28261f31febdb6a4e8
8b52955ddb6d6e75624fe0c01be5d9750382b17bb089efd881e3ae65d95e5898
8c59ea50e99f6c3d9c2688f8d5cb6fe29e5998ef2efdd58d6bccd5b7515ac745
8cdce346463e4704b464d68aa573ec5dc61d56961c28f4969278ddfea308d14e
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c
8d92d8d0b011f054e7abcf358a9ad383c0956ffb9a59d3c1567b50adfff402cf
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93b37688297714b5edb70011df2031dd62ca45cfc489e10ea980ea287588fc87
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
96b34914f736b96f184920bea4cf3b30a7b76583c51bf1e9caf2add39705bffd
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
97adb3a51c2fc93f7757f68c3f2364334e5212ad63dab789aeec4fa3929b0adb
97c74d78f4f2ebb9045bd495787fcaa9ae9fd6d0d755b1a689a4e7874875e4e3
993d0eaa1eff99ff8a184c9658d4bc053b8881c67b9ec7ece9ba4ebe4bf4b528
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96
9ca0fc6763a6aef9953e392c700931a95744204f09d448128381d8e0b92d6e7c
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
a373b9742462ef5b99c7a27b33f67b1bc477b372a8fc236b3d1fb03d7ddc598d
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a4d9ea6bb419e73440d55433f83323ab86c2aa82a0c5d43dcc229add90ddcad7
a52f7164b4d4d6ab2ca3327379012c92d8e5ba0c1fde94d9089c4c62a1805f20
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
ac0286497bef16ca0c9b4b7ec0639458a04e7e44e17f1d834a7853afd28caf69
adf083923e0e7c99e000361e2aa0e56c98592be2cbdeeec270be9c3264a0eb02
af0b286f639fb86837f9c1d54cb2cc84a212af9f67e65c560c4cfd5b4257941d
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b6314c8400868242589514cba66862e787c8ec59275942e0417a65f821a0a976
b6fdfdd0279d966f322f2a5fefd4c3762d904e6f91d36f83665da91c9fe6dad5
b82e140f1d83ec20d923395304e802c3af971c519ea3a42b0c76687d08a34280
b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bca63524136b90b4088fbca3a3f08ad3299c1173843ebbcbd96308f961f3e893
bcc12496cca31bf3ce07009f2b035c7405081719cc9bcc534e1272649c6afd9f
bebb94b67da91b3e208ed423b4caf46daecbbd1794e989d15876661127ca3448
bff267b7d30ba1cc8c4388c5231cf3f5928e078c66279061dfdd07175f9eacb5
c06310f651ea0d66df41834526b2293f881c2aee170b316b7316db787827efcc
c08c4dfde93d8222b491f23fcaf9302da264f07fb6adf8dea65a7a79856eadd7
c16b5e0a7baf923398f1a497be1d4cd389abd3352b5e148eaa24354fb6a66a21
c4068b18459c9ff05d9e4ba9510da16003d183ff8d84a24b809db4d317795724
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5
c6dd85371ada6a77ee2ebc51b0ae9e48aca339c4bc2587a1e8e638d2016ec185
c973bafe1bd7e3abd300e68262ee59907889d1b69534846a9bc5aead514b90fb
c9da5835fd13a32fd4e7ff5e9386526260a21e25996d97ccb4e866d7d936c39b
caf523362238fb40fef75372c56e8354af12ad15c8fa7ec2107afe0af532a92d
cbf41547ca457e40fa32d9c2d359fdc3c63d200e60d3fe1c5e1f939b13413a94
cc342294bc11d8d68d10bd98a7a23b0a47c98a4f1880dd835fef9e08ed719699
cede4b59c0ca18f5cbe1d32471b26f3600a6347dbc85489f39d058caf7c98999
ceedb9cc51b39a9bd891831f5bcdd7f089832a556b54b4f0c9e573ce0023551a
d00ed6baa9240d631603d14fe9ea6ec59c21167845a1be03c01891e26cf05922
d187bb6117829b0682955b83244f8f99238f0aa97ec6d34950a2659638d28299
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d6d1d02238cb0b040b97cf9a0c2f0ade5af086b0fbc62f1ed796cb09915dfecc
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
da38573ef3645a4b0965915e03a67ef150072596c225a2adc6903a6b8021c63b
da640ae45fbcf4fb2cb9a590a3e223ef7e61be3ce5b77eb54552f6e1d8a4d1fa
dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dff0d95b954b92ff0b4dbad1c3cd8fa2b1fe201e79a584d89df442ddd28c078b
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3395ef075ee4c9d243a2b3ba591a4ec4896f0cc6add2434cb416e19a291f4a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4588342bba11ba153481b64739ea88d258aad20dc1f0ddd03f0aa0edaac3802
e91de2ed48111ba7673e3f696a17468938e08c3615514036250bac604a40bd09
e9a5835cf2b5dbd2fc4214e2bfa405a806dc1c0113b8ca000ba4c59369114c05
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ea5d2befb0a4e0ce54a1e5014b440dcbec8a981df5921805bef7c080647dab6d
ebbf5440291dcbb8e8699a5bc29006b86a0341d17a0bf429cf4804dec9202f12
ee3d6b75d0990392b763fa2f38a19436d2219cfd39d452502278300d2dd6d917
eee64e7a420c5e70f9c636da84110997eb85bf5e55e56a003ff4b448d4889897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f091e25991cd1a425484fb7928c86e511b6fc2d7340896ed2d810eb8d712a050
f0acf8e67f758651cf553398ed75f867e9216f316a84f327bfbc7deac9502a57
f296f1a7e88dba58270f701249f9dc4f3a315b4aa438e9987aee039bbf80fe31
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3bf9e42c9fa0d01b0f63184d5f918db7ae39f1edaf84098fb0d06755edae00c
f4f6eb6108318d28f97fb6aa700ad42c8d021f1135ef332efed037eb5cc56a60
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f919fb862f1b3a096da56a3afb373596453cd2021f6070c83c07d0df15c79180
fabc386d5c732ceea8584bbb614b07620e5bc9cba0595bb93742f9d951581961
fb7314c4e4816de06bc3eadf750ee4598456f1d2eac077b2d7ac2bbe263c372f
fb73ce2d8760c73b989cd7e3f084751dc09b1129197704bdc2597e13d9835b2f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.reporterherald.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

224 Requests

92 %HTTPS

39 %IPv6

47 Domains

72 Subdomains

60 IPs

5 Countries

5375 kBTransfer

13195 kBSize

19 Cookies

49 Outgoing links

Page URL History

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.reporterherald.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

92 %
HTTPS

39 %
IPv6

47
Domains

72
Subdomains

60
IPs

5
Countries

5375 kB
Transfer

13195 kB
Size

19
Cookies

224 HTTP transactions
4 data transactions