urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldnet.com Open in urlscan Pro
104.198.41.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heraldnet.com/
Effective URL: https://www.heraldnet.com/
Submission Tags: tranco_l324
Submission: On October 27 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 5 countries across 33 domains to perform 223 HTTP transactions. The main IP is 104.198.41.198, located in United States and belongs to GOOGLE, US. The main domain is www.heraldnet.com.
TLS certificate: Issued by R3 on September 13th 2021. Valid for: 3 months.
This is the only time www.heraldnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 104.198.41.198 15169 (GOOGLE)
53 108.161.188.228 33438 (HIGHWINDS2)
2 142.250.185.170 15169 (GOOGLE)
1 100.24.222.120 14618 (AMAZON-AES)
1 52.222.149.52 16509 (AMAZON-02)
2 2.18.234.190 16625 (AKAMAI-AS)
1 52.222.158.105 16509 (AMAZON-02)
1 52.222.149.26 16509 (AMAZON-02)
1 1 13.229.43.140 16509 (AMAZON-02)
2 89.187.169.47 60068 (CDN77 ^_^)
8 172.217.23.104 15169 (GOOGLE)
1 104.111.214.80 16625 (AKAMAI-AS)
1 192.0.123.248 2635 (AUTOMATTIC)
3 172.217.16.130 15169 (GOOGLE)
5 52.222.158.2 16509 (AMAZON-02)
1 34.234.121.44 14618 (AMAZON-AES)
4 195.181.175.45 60068 (CDN77 ^_^)
2 104.18.225.52 13335 (CLOUDFLAR...)
1 142.250.185.202 15169 (GOOGLE)
14 18.208.243.234 14618 (AMAZON-AES)
1 2 107.178.250.234 15169 (GOOGLE)
4 157.240.20.19 32934 (FACEBOOK)
11 142.250.186.163 15169 (GOOGLE)
1 184.30.25.193 16625 (AKAMAI-AS)
20 142.250.186.66 15169 (GOOGLE)
1 52.222.149.67 16509 (AMAZON-02)
9 142.250.181.238 15169 (GOOGLE)
2 54.152.53.99 14618 (AMAZON-AES)
2 50.16.211.97 14618 (AMAZON-AES)
3 151.101.2.114 54113 (FASTLY)
6 74.125.133.154 15169 (GOOGLE)
6 142.250.185.228 15169 (GOOGLE)
3 104.16.18.94 13335 (CLOUDFLAR...)
1 152.199.22.243 15133 (EDGECAST)
2 172.217.16.138 15169 (GOOGLE)
4 52.222.163.173 16509 (AMAZON-02)
2 142.250.186.130 15169 (GOOGLE)
2 142.250.186.33 15169 (GOOGLE)
2 70.42.32.95 13789 (INTERNAP-...)
2 52.222.158.86 16509 (AMAZON-02)
1 52.222.158.81 16509 (AMAZON-02)
8 72.251.249.13 29791 (VOXEL-DOT...)
3 157.240.20.35 32934 (FACEBOOK)
2 142.250.181.230 15169 (GOOGLE)
2 44.242.84.49 16509 (AMAZON-02)
1 34.117.123.47 15169 (GOOGLE)
2 52.222.158.12 16509 (AMAZON-02)
1 72.251.249.9 29791 (VOXEL-DOT...)
1 104.111.233.227 16625 (AKAMAI-AS)
5 142.250.185.225 15169 (GOOGLE)
1 142.250.185.162 15169 (GOOGLE)
2 75.2.13.80 16509 (AMAZON-02)
223 52
4    104.198.41.198 (United States)

ASN15169 (GOOGLE, US)
PTR: 198.41.198.104.bc.googleusercontent.com
heraldnet.com
www.heraldnet.com
53    108.161.188.228 (United States)

ASN33438 (HIGHWINDS2, US)
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
2    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
ajax.googleapis.com
1    100.24.222.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-222-120.compute-1.amazonaws.com
everett-tpweb.newsengin.com
1    52.222.149.52 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-52.cdg52.r.cloudfront.net
cdn.blueconic.net
2    2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    52.222.158.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-105.cdg52.r.cloudfront.net
cdn.jwplayer.com
1    52.222.149.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-26.cdg52.r.cloudfront.net
get.s-onetag.com
1    13.229.43.140 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-43-140.ap-southeast-1.compute.amazonaws.com
go.automatad.com
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
b2cdn.automatad.com
8    172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f8.1e100.net
www.googletagmanager.com
1    104.111.214.80 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-80.deploy.static.akamaitechnologies.com
www.accuweather.com
1    192.0.123.248 (Los Angeles, United States)

ASN2635 (AUTOMATTIC, US)
PTR: polldaddy.com
secure.polldaddy.com
3    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
www.googletagservices.com
5    52.222.158.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-2.cdg52.r.cloudfront.net
widgets.recruitology.com
1    34.234.121.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-121-44.compute-1.amazonaws.com
heraldnet-wa.newsmemory.com
4    195.181.175.45 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-44.cdn77.com
cdn.userway.org
2    104.18.225.52 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
1    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
14    18.208.243.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-243-234.compute-1.amazonaws.com
soundpublishing.blueconic.net
2    107.178.250.234 (United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
4    157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
11    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
1    184.30.25.193 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-193.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
20    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
1    52.222.149.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-67.cdg52.r.cloudfront.net
ob.cheqzone.com
9    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com
2    54.152.53.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-53-99.compute-1.amazonaws.com
www.i.matheranalytics.com
2    50.16.211.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-211-97.compute-1.amazonaws.com
obs.cheqzone.com
3    151.101.2.114 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
6    74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net
stats.g.doubleclick.net
6    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
3    104.16.18.94 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net
imasdk.googleapis.com
4    52.222.163.173 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-163-173.cdg52.r.cloudfront.net
c.amazon-adsystem.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
adservice.google.com
2    142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net
3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
2    70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
log.outbrainimg.com
2    52.222.158.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-86.cdg52.r.cloudfront.net
onetag-geo.s-onetag.com
1    52.222.158.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-81.cdg52.r.cloudfront.net
signal-beacon.s-onetag.com
8    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
vap2ams1.lijit.com
3    157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
2    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
s0.2mdn.net
2    44.242.84.49 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-242-84-49.us-west-2.compute.amazonaws.com
api.userway.org
1    34.117.123.47 (United States)

ASN15169 (GOOGLE, US)
PTR: 47.123.117.34.bc.googleusercontent.com
api.recruitology.com
2    52.222.158.12 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-12.cdg52.r.cloudfront.net
plugins.blueconic.net
1    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
gslbeacon.lijit.com
1    104.111.233.227 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-227.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
5    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pagead2.googlesyndication.com
2    75.2.13.80 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
Apex Domain
Subdomains		 Transfer
53 netdna-ssl.com
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
4 MB
26 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
247 KB
17 blueconic.net
cdn.blueconic.net
soundpublishing.blueconic.net
plugins.blueconic.net
230 KB
11 gstatic.com
fonts.gstatic.com
240 KB
10 lijit.com
ap.lijit.com
gslbeacon.lijit.com
vap2ams1.lijit.com
pxdrop.lijit.com
28 KB
9 google-analytics.com
www.google-analytics.com
20 KB
8 googlesyndication.com
3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com Failed
58 KB
8 google.com
www.google.com
adservice.google.com
1 KB
8 googletagmanager.com
www.googletagmanager.com
339 KB
6 userway.org
cdn.userway.org
api.userway.org
31 KB
6 recruitology.com
widgets.recruitology.com
api.recruitology.com
24 KB
6 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
22 KB
5 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
350 KB
4 amazon-adsystem.com
c.amazon-adsystem.com
40 KB
4 facebook.net
connect.facebook.net
192 KB
4 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
41 KB
4 heraldnet.com
heraldnet.com
www.heraldnet.com
34 KB
3 facebook.com
www.facebook.com
404 B
3 cloudflare.com
cdnjs.cloudflare.com
18 KB
3 jwpcdn.com
ssl.p.jwpcdn.com
117 KB
3 cheqzone.com
ob.cheqzone.com
obs.cheqzone.com
21 KB
3 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
1 KB
3 googletagservices.com
www.googletagservices.com
100 KB
3 automatad.com
go.automatad.com
b2cdn.automatad.com
81 KB
2 2mdn.net
s0.2mdn.net
17 KB
2 onesignal.com
cdn.onesignal.com
71 KB
2 jwplayer.com
cdn.jwplayer.com
entitlements.jwplayer.com
37 KB
2 outbrain.com
widgets.outbrain.com
widget-pixels.outbrain.com
65 KB
1 newsmemory.com
heraldnet-wa.newsmemory.com
40 KB
1 polldaddy.com
secure.polldaddy.com
6 KB
1 accuweather.com
www.accuweather.com
1 KB
1 newsengin.com
everett-tpweb.newsengin.com
2 KB
0 newzware.com Failed
everettweb.newzware.com Failed
everett.newzware.com Failed
223 33
Domain Requested by
53 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com www.heraldnet.com
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
20 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.heraldnet.com
14 soundpublishing.blueconic.net cdn.blueconic.net
www.heraldnet.com
11 fonts.gstatic.com fonts.googleapis.com
9 www.google-analytics.com www.googletagmanager.com
www.heraldnet.com
www.google-analytics.com
8 www.googletagmanager.com www.heraldnet.com
www.googletagmanager.com
6 ap.lijit.com get.s-onetag.com
ap.lijit.com
www.heraldnet.com
6 www.google.com www.heraldnet.com
securepubads.g.doubleclick.net
6 stats.g.doubleclick.net www.google-analytics.com
5 tpc.googlesyndication.com 3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
5 widgets.recruitology.com www.heraldnet.com
widgets.recruitology.com
4 c.amazon-adsystem.com 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
c.amazon-adsystem.com
4 connect.facebook.net www.heraldnet.com
connect.facebook.net
soundpublishing.blueconic.net
4 cdn.userway.org www.heraldnet.com
cdn.userway.org
3 www.facebook.com www.heraldnet.com
connect.facebook.net
3 cdnjs.cloudflare.com widgets.recruitology.com
go.automatad.com
soundpublishing.blueconic.net
3 ssl.p.jwpcdn.com cdn.jwplayer.com
3 www.googletagservices.com www.heraldnet.com
3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
3 www.heraldnet.com 1 redirects soundpublishing.blueconic.net
2 vap2ams1.lijit.com www.heraldnet.com
2 plugins.blueconic.net soundpublishing.blueconic.net
plugins.blueconic.net
2 api.userway.org cdn.userway.org
2 s0.2mdn.net imasdk.googleapis.com
3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 log.outbrainimg.com widgets.outbrain.com
2 3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 imasdk.googleapis.com cdn.jwplayer.com
imasdk.googleapis.com
2 obs.cheqzone.com ob.cheqzone.com
www.heraldnet.com
2 www.i.matheranalytics.com www.heraldnet.com
2 js.matheranalytics.com 1 redirects www.heraldnet.com
2 cdn.onesignal.com www.heraldnet.com
cdn.onesignal.com
2 b2cdn.automatad.com www.heraldnet.com
go.automatad.com
2 ajax.googleapis.com www.heraldnet.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 pagead2.googlesyndication.com www.googletagservices.com
1 pxdrop.lijit.com www.heraldnet.com
1 gslbeacon.lijit.com ap.lijit.com
1 api.recruitology.com widgets.recruitology.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 entitlements.jwplayer.com cdn.jwplayer.com
1 ob.cheqzone.com widgets.outbrain.com
1 widget-pixels.outbrain.com www.heraldnet.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 fonts.googleapis.com ajax.googleapis.com
1 heraldnet-wa.newsmemory.com www.heraldnet.com
1 secure.polldaddy.com www.heraldnet.com
1 www.accuweather.com www.heraldnet.com
1 go.automatad.com 1 redirects
1 get.s-onetag.com www.heraldnet.com
1 cdn.jwplayer.com www.heraldnet.com
1 widgets.outbrain.com www.heraldnet.com
1 cdn.blueconic.net www.heraldnet.com
1 everett-tpweb.newsengin.com www.heraldnet.com
1 heraldnet.com 1 redirects
0 everett.newzware.com Failed www.heraldnet.com
0 everettweb.newzware.com Failed 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
223 58

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com
Subject Issuer Validity Valid
www.heraldnet.com
R3		 2021-09-13 -
2021-12-12		 3 months crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-22 -
2022-03-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.newsengin.com
AlphaSSL CA - SHA256 - G2		 2021-04-27 -
2022-05-29		 a year crt.sh
*.blueconic.net
Thawte TLS RSA CA G1		 2019-12-04 -
2022-02-01		 2 years crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
jwplayer.com
Amazon		 2021-01-29 -
2022-02-26		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
b2cdn.automatad.com
R3		 2021-10-12 -
2022-01-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.accuweather.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-09-16		 a year crt.sh
*.polldaddy.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-12 -
2022-11-14		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.recruitology.com
Amazon		 2021-06-13 -
2022-07-12		 a year crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-31 -
2022-03-31		 2 years crt.sh
cdn.userway.org
Sectigo RSA Domain Validation Secure Server CA		 2021-01-05 -
2022-01-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-19 -
2022-04-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-05 -
2021-11-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
*.cheqzone.com
Amazon		 2021-02-21 -
2022-03-22		 a year crt.sh
www.i.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-01-27		 2 years crt.sh
obs.cheqzone.com
R3		 2021-10-06 -
2022-01-04		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-20 -
2022-05-22		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
entitlements.jwplayer.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-06-30 -
2022-06-30		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
api.userway.org
Amazon		 2020-12-02 -
2021-12-31		 a year crt.sh
cert1.a2.atm.aqfer.net
R3		 2021-09-20 -
2021-12-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.heraldnet.com/
Frame ID: 829F0D560B7473B56D5F140E31D9D72B
Requests: 206 HTTP requests in this frame

Frame: https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F0235522016DEDA35D36A822B756131E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Frame ID: 2C95572D9BE06FA751E5C19AB373D706
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Frame ID: 537C47EF723D9D79B8BDFBF852203412
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=m_658444_3a5365093d1c4227ad45acf69684958f&rand=3388&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Frame ID: AB4B0C5D0197441AF91AB79291AED813
Requests: 1 HTTP requests in this frame

Frame: https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1DA6157E0CC6CEB16B52E86AF9CE587F
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://heraldnet.com/ HTTP 301
    http://www.heraldnet.com/ HTTP 301
    https://www.heraldnet.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

223
Requests

98 %
HTTPS

0 %
IPv6

33
Domains

58
Subdomains

52
IPs

5
Countries

6674 kB
Transfer

12936 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heraldnet.com/ HTTP 301
    http://www.heraldnet.com/ HTTP 301
    https://www.heraldnet.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://go.automatad.com/geo/FtSDHt/afihbs.js HTTP 301
  • https://b2cdn.automatad.com/geo/FtSDHt/US-W/afihbs.js
Request Chain 59
  • https://js.matheranalytics.com/s/ma13246/715673500/ml.js?cb=1577 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js

223 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldnet.com/
Redirect Chain
  • http://heraldnet.com/
  • http://www.heraldnet.com/
  • https://www.heraldnet.com/
277 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.41.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
198.41.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
6949cb00596a05946a61e1fbcd19aafc6b73a067791178b36df39382b80b2df3

Request headers

:method
GET
:authority
www.heraldnet.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 27 Oct 2021 07:14:06 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link
<https://www.heraldnet.com/wp-json/>; rel="https://api.w.org/" <https://www.heraldnet.com/wp-json/wp/v2/pages/142>; rel="alternate"; type="application/json" <https://www.heraldnet.com/>; rel=shortlink
set-cookie
spi-adslots=%5B%22f4e5f220-2efc-45a1-869f-0b293f8aec73%22%2C%201036994%2C%20%5B%5B1%2C%20%22%5B970%2C%2090%5D%22%5D%2C%20%5B3%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%20%5B320%2C%2050%5D%22%5D%2C%20%5B5%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B7%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B9%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B11%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B13%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%5D%5D; expires=Thu, 28-Oct-2021 07:11:25 GMT; Max-Age=86400; path=/ spi-check=0; expires=Thu, 28-Oct-2021 07:11:25 GMT; Max-Age=86400; path=/
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 9
x-cache-group
normal
content-encoding
br

Redirect headers

Server
nginx
Date
Wed, 27 Oct 2021 07:14:06 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Keep-Alive
timeout=20
Location
https://www.heraldnet.com/
marketplace.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/css/marketplace.css?ver=5.8.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
e37ae5d102b6a2a59335bdb9e89df1c3f60ed83f2153dbc5a4bf0b62467f6742

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 16:21:30 GMT
server
NetDNA-cache/2.2
etag
W/"611d338a-1003"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
weather-bug.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/weather-bug/css/ 		1 KB
689 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/weather-bug/css/weather-bug.css?ver=5.8.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5da32ead21ee2f8124a0e0a6884c9a0b4cf31cdaecd23fde4e527a7cc01b187d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 22:59:08 GMT
server
NetDNA-cache/2.2
etag
W/"611ee23c-4a0"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.ui.all.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/ 		37 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/jquery.ui.all.css?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9c1ee2b3835d8abdb9529227f5b9a50ecfe9059243583edd5fe705d74d249535

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-9420"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
epass-css.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/epass-css.css?ver=1.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2497be576209dfcaa67b233fd5eeedf5a33312df082bf1f5b4762779184ec8f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-a20"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Mon, 19 Jul 2021 00:56:57 GMT
server
NetDNA-cache/2.2
etag
W/"60f4cdd9-13abe"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wpba-frontend.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-better-attachments/assets/css/ 		852 B
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-better-attachments/assets/css/wpba-frontend.css?ver=1.3.11
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
048a1ba9ec466a8f77009cea46046dfe87ce0a4395ddea61c5a28ae22d9b86da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2019 02:20:53 GMT
server
NetDNA-cache/2.2
etag
W/"5c9c2f85-354"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
foundation.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/ 		268 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8806a9f9b3bcd4a2ee2ae62e8483b6558336d9f9920770d0af93a378365d2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 16:24:02 GMT
server
NetDNA-cache/2.2
etag
W/"613a3522-42ff6"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
slick.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/ 		2 KB
816 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/slick.css?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 19 Oct 2017 21:00:20 GMT
server
NetDNA-cache/2.2
etag
W/"59e91264-765"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
slick-theme.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/slick-theme.css?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
bb94ed1868039e4fc746ddbf710ea089b2bdef6c3a533395815285ceb00233fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 19 Oct 2017 21:00:20 GMT
server
NetDNA-cache/2.2
etag
W/"59e91264-d28"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
teamplayer-theme.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/ 		191 B
358 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/teamplayer-theme.css?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d4288b629693138397d02dc91a13d316624f3644cc678a5ef2ff6b04350707db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 19 Oct 2017 22:26:56 GMT
server
NetDNA-cache/2.2
etag
W/"59e926b0-bf"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
config.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/config.js?ver=3.5
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8c0300dabffb1ba133a3157fb33960c5793dd2ac46f3dc8a899fa312f909a337

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 16:58:59 GMT
server
NetDNA-cache/2.2
etag
W/"601ad653-70a2"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
site-min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 		47 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/site-min.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2dcc36995c012ae179ca5ccec2537bbffdab860370e6ab08923cad2d465ae3a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-bc57"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-1.7.2.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery-1.7.2.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-1727a"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.ui.core.min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery.ui.core.min.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0e26826816d33e016e63fb3e4a3b3f3f3322e414d3ace91a72233f1ef0d4a1a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-1113"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-ui.min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 		197 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery-ui.min.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2b50108439624bd6f2bbb1505248373ed0ae1f0869b89122ad876122a1790bd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-31480"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nwJQuery.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 		35 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/nwJQuery.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
fdab17aad52e2d97a9b3ef5ddefc9440960cb6b9fa859b2944b8ec399aa395b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
"5e540ecf-23"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
35
e-pass-min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 		82 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/e-pass-min.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1a84f4b042e52d040243a70753ae4a5f73d668db1230c7c4b3c4ace8c2d8923c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 17:58:39 GMT
server
NetDNA-cache/2.2
etag
W/"5e540ecf-146bc"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js?ver=2.1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 10:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29478
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 21 Oct 2022 10:11:03 GMT
ai-jquery.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/js/ 		18 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/js/ai-jquery.js?ver=5.8.1+2.5.10
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
last-modified
Wed, 08 Jan 2020 21:04:07 GMT
server
NetDNA-cache/2.2
etag
"5e1643c7-12"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18
hb-amzn-uam.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/hb-amzn-uam.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ed207a3218934c63d8ace813cbc259812d16d5b892fee83fc795ae164de915c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2019 02:21:38 GMT
server
NetDNA-cache/2.2
etag
W/"5c9c2fb2-c02"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
picturefill.min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/app/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/app/picturefill.min.js?ver=1630604373
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
22c29473716ed14198adc9db4ea074c19b2bce1caba9d7075b5a35777f902dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 17:39:33 GMT
server
NetDNA-cache/2.2
etag
W/"61310c55-2e37"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
slick.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/ 		86 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/slick.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
3e65bc436e35cb24f4020abe8a71906ea53ca284df84095d6824e27f55883f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 19 Oct 2017 20:59:37 GMT
server
NetDNA-cache/2.2
etag
W/"59e91239-15986"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
header.js
everett-tpweb.newsengin.com/tpweb/web/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://everett-tpweb.newsengin.com/tpweb/web/js/header.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.222.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-222-120.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
fd8c8c291c39fcd494d4680a4262d84d62b0df9b79dc22e44c422a0f25d69fa2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 07:14:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Aug 2015 15:13:20 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"f9e-51c7db9f7e5e0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1290
teamplayer-local.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/ 		679 B
540 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/teamplayer-local.js?ver=1.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1bd5372b56a82f9cd4a0a4533f4a37ff11ce7952f051ae035fd5cbecf45094b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 19 Oct 2017 22:29:27 GMT
server
NetDNA-cache/2.2
etag
W/"59e92747-2a7"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js?ver=5.8.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5480
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 22 Oct 2022 02:01:15 GMT
webfontloader.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/ 		146 B
369 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/webfontloader.js?ver=1.0.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
48481acfa017729107a1f39beea68ed8b2486ccc3735608e19d3b0d714f28c71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2017 01:34:13 GMT
server
NetDNA-cache/2.2
etag
W/"598bb815-92"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
marketplace.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/js/ 		1 KB
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/js/marketplace.js?ver=5.8.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c6d562799491fcd2e98910dd06f2a665646c5279710fea428522fbc365772e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 16:21:31 GMT
server
NetDNA-cache/2.2
etag
W/"611d338b-45d"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
soundpublishing.js
cdn.blueconic.net/ 		134 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.blueconic.net/soundpublishing.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-52.cdg52.r.cloudfront.net
Software
- /
Resource Hash
a6a9995eb5a932a94ff14016526b5d5b34599b5599b576b44b7e49ace7ac0a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
462
x-cache
Hit from cloudfront
content-length
40591
x-xss-protection
1; mode=block
last-modified
Tue, 12 Oct 2021 18:57:34 GMT
server
-
etag
"21616-5ce2c6b1b2bf8-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 90f2730fcbf1dfb3e49905fd930a0264.cloudfront.net (CloudFront)
cache-control
public, max-age=600, s-maxage=500
x-amz-cf-pop
CDG52-P1
accept-ranges
none
x-robots-tag
noindex, nofollow
x-amz-cf-id
yvJN2vp91ORfo6Ip93JbOzS3585Srb5r5bmqpCYDKVY4ClQ4BiWrlQ==
outbrain.js
widgets.outbrain.com/ 		185 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
91a04f1e5724fe7af40bd9fd17921b50149707f870cd03bd4a5e30f4a2aacafc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 06:20:36 GMT
etag
W/"2e5d4-KZgmG4iSRKg0MLfFpO248MeVelI"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
222ee856db7506d3a0716c60a11e01fd
timing-allow-origin
*, *
content-length
65881
expires
Wed, 27 Oct 2021 11:14:07 GMT
NOZVn4NA.js
cdn.jwplayer.com/libraries/ 		113 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-105.cdg52.r.cloudfront.net
Software
openresty /
Resource Hash
6a215d32cd6fa5203df0bd5210ef60b3335955d55be91f5940e9e19781a3649d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:12:34 GMT
content-encoding
gzip
server
openresty
age
93
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
x-amz-cf-pop
CDG52-P2
content-length
37729
via
1.1 127aaaaca740f298a4c887357ec047b5.cloudfront.net (CloudFront)
x-amz-cf-id
9N7iLWAU_r3_haYKryE9KTcvRTmo3qsjgxVu2x4gTsFj6HrmUTnenw==
expires
Wed, 27 Oct 2021 07:15:04 GMT
tag.min.js
get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-26.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d63d6ec0c95bc07426b698ad3d6d02a85bd98b265808abf6fe6a5c1664c0ba87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
xj57ez3UnPy2eN1qoVkw.LFL15QiNFIp
content-encoding
gzip
last-modified
Thu, 23 Jul 2020 20:40:43 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P1
etag
W/"520479fb1242c9257060bcec5558c41d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
date
Wed, 27 Oct 2021 07:14:08 GMT
x-amz-cf-id
OhFQDr7o57GpQUZmUJgDhD1MREe2eXLkKn8LIEQLjfQM54BvM2vsJA==
afihbs.js
b2cdn.automatad.com/geo/FtSDHt/US-W/
Redirect Chain
  • https://go.automatad.com/geo/FtSDHt/afihbs.js
  • https://b2cdn.automatad.com/geo/FtSDHt/US-W/afihbs.js
49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2cdn.automatad.com/geo/FtSDHt/US-W/afihbs.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
9cd5f69718feedbc383228bd72dda45633adaf6e325c1415a80d080dbf5a46d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
br
x-openstack-request-id
tx6ca34fc2e2224d24836d4-00616db87b
cdn-edgestorageid
756
access-control-allow-origin
*
x-iplb-instance
28796
cdn-cachedat
10/26/2021 05:45:12
cdn-pullzone
87832
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id
tx6ca34fc2e2224d24836d4-00616db87b
server
BunnyCDN-DE1-756
x-timestamp
1634580496.68979
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Mon, 18 Oct 2021 18:08:17 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-iplb-request-id
B95D01F1:F515_8E2CE366:01BB_616DB87B_19F00130:078E
vary
Accept-Encoding
x-object-meta-mtime
1634580455.813459299
cdn-cache
REVALIDATED
cdn-uid
02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control
public, max-age=120
cdn-requestid
0ea2e24e2929d863e726c113ee5219f2
content-type
application/javascript
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Wed, 27 Oct 2021 07:14:07 GMT
server
nginx/1.17.8
content-type
text/html; charset=utf-8
location
https://b2cdn.automatad.com/geo/FtSDHt/US-W/afihbs.js
cache-control
no-cache
x-automatad-country
US
content-length
88
expires
Wed, 27 Oct 2021 07:14:06 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-52608-71
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2b4a236ad5e82be642bd0f69c4657c6413064a9732b59472b814de0d188ad77d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35741
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Oct 2021 07:14:07 GMT
38.svg
www.accuweather.com/images/weathericons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.accuweather.com/images/weathericons/38.svg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.214.80 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-80.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
0f2254dbe33e7422e9ec9025a8babddbc6200d63b505adb33b5b849de53d9726
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
br
last-modified
Mon, 18 Oct 2021 14:53:33 GMT
server
Akamai Resource Optimizer
etag
"bdda8b61ac679666f37063980f350503:1634048150.526916"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
image/svg+xml
cache-control
max-age=790
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
738
expires
Wed, 27 Oct 2021 07:27:17 GMT
10950427.js
secure.polldaddy.com/p/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.polldaddy.com/p/10950427.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.123.248 Los Angeles, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
polldaddy.com
Software
nginx /
Resource Hash
782b100759cee637a831dd4ba5fb282e7b84754c34a5e8196ce975651a3ab390

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
cache-control
max-age=300, s-maxage=31536000
last-modified
Tue, 26 Oct 2021 00:21:59 GMT
server
nginx
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
26765367_web1_211025-Impress-SOUND-EDH-SkagitHistoricalMuseum-ditich_1.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		225 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26765367_web1_211025-Impress-SOUND-EDH-SkagitHistoricalMuseum-ditich_1.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
747d4689b8093b6b64eca59a4b4746c7250d4975523621ecd988e848ab271c8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
last-modified
Mon, 25 Oct 2021 13:04:02 GMT
server
NetDNA-cache/2.2
etag
"6176ab42-3834e"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
230222
expires
Fri, 26 Nov 2021 01:54:21 GMT
26811792_web1_211025-Impress-EDH-ProvidenceHealth-telehealth_1.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26811792_web1_211025-Impress-EDH-ProvidenceHealth-telehealth_1.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2a98dd822458f5d47ed4febf322c763eafe9498dd446b853fa6904cf2f23d6ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
last-modified
Mon, 25 Oct 2021 13:04:40 GMT
server
NetDNA-cache/2.2
etag
"6176ab68-17690"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
95888
expires
Fri, 26 Nov 2021 01:54:21 GMT
26708267_web1_211018-Impress-EDH-QuailParkOfLynnwood-Fall_1.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		449 KB
449 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26708267_web1_211018-Impress-EDH-QuailParkOfLynnwood-Fall_1.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c2423ff67400588dc4204c553696927c05c41e069a9e1715b05fb4517b8767d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
last-modified
Mon, 18 Oct 2021 13:02:45 GMT
server
NetDNA-cache/2.2
etag
"616d7075-702a5"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
459429
expires
Fri, 26 Nov 2021 01:54:21 GMT
26639748_web1_211011-Impress-EDH-PeoplesBank-bank_1.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26639748_web1_211011-Impress-EDH-PeoplesBank-bank_1.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
e713e5286e1ea67b3b7efa75cab4b22fbeeac675bd41020185d2fab749c3971f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 27 Oct 2021 07:14:07 GMT
last-modified
Sat, 23 Oct 2021 07:11:24 GMT
server
NetDNA-cache/2.2
etag
"3f7efac0415f84bd32df2454dbe16096"
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
136240
expires
Fri, 26 Nov 2021 01:54:21 GMT
26964295_web1_TSR-EDH-20211026-Teaser.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26964295_web1_TSR-EDH-20211026-Teaser.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
10812563777eda195bb752d0eb90d5af1af38fe8eaccb94be3ff56a0e2be77e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
last-modified
Tue, 26 Oct 2021 22:56:05 GMT
server
NetDNA-cache/2.2
etag
"61788785-1f91d"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
129309
expires
Fri, 26 Nov 2021 01:54:21 GMT
26957406_web1_TSR-EDH-20211026-Teaser.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26957406_web1_TSR-EDH-20211026-Teaser.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
946c7755fe5a265547bb71049406fbe397d23a25ee4510b945776e6895d361a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
last-modified
Tue, 26 Oct 2021 19:23:40 GMT
server
NetDNA-cache/2.2
etag
"617855bc-21e28"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
138792
expires
Fri, 26 Nov 2021 01:54:21 GMT
26956921_web1_TSR-EDH-20211026-Recovering-Lost-Video-Files-2.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26956921_web1_TSR-EDH-20211026-Recovering-Lost-Video-Files-2.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5462bd716ebcf7a78d50b201e11488373aea4e1dcd80c3e47860afde2ab48023

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
last-modified
Tue, 26 Oct 2021 19:03:17 GMT
server
NetDNA-cache/2.2
etag
"617850f5-1a210"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
107024
expires
Fri, 26 Nov 2021 01:54:21 GMT
26965649_web1_TSR-EDH-20211026-1280-herald-psy.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26965649_web1_TSR-EDH-20211026-1280-herald-psy.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ff71581268dfd7c58f18463eab5f1426c5339c7f895c362c78b490abceadfe12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
last-modified
Tue, 26 Oct 2021 23:50:57 GMT
server
NetDNA-cache/2.2
etag
"61789461-28f05"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
167685
expires
Fri, 26 Nov 2021 01:54:21 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
f3732a2e63630899d49b5dfc4e8664335886400b66dba1d5fbc653dd5661d6f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1025 / 890 of 1000 / last-modified: 1635286009"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27289
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Oct 2021 07:14:07 GMT
gy88xrwMrIzl7H1x2CES5jeDBMxej3.js
widgets.recruitology.com/scripts/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/scripts/gy88xrwMrIzl7H1x2CES5jeDBMxej3.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-2.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5dd3e152a8ef540f0c36eefa9c190d78b6fcdf5f461ae7a05103a17330e9ad02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
last-modified
Sat, 23 Oct 2021 04:41:02 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
etag
W/"1aa327ec670fd7e00407b475c6e9771c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront)
cache-control
max-age=60, public
x-amz-cf-id
q72m1l4o7moCv1wGjG52B0thiKjOHdLoB30mZddNez0PHJs5vpe3FA==
expires
Wed, 27 Oct 2021 07:11:03 GMT
0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.js
widgets.recruitology.com/scripts/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/scripts/0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-2.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18fa372d92c3535ad1cd2f0825983bcec5a04aeee80641ee6e9b51e5b95b759a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
last-modified
Sat, 23 Oct 2021 04:41:01 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
etag
W/"bd16fb3944dfe2cb3d665972e78a603e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront)
cache-control
max-age=60, public
x-amz-cf-id
LFnyjKbmzFPD0NDbdKhd5fQNSxcKlkuasXN8jNLWu4J-ljHl_WmDKQ==
expires
Wed, 27 Oct 2021 07:11:03 GMT
/
heraldnet-wa.newsmemory.com/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heraldnet-wa.newsmemory.com/?getprima
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.121.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-121-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7ec8c2fed6490bc9da90e953b5dc3e988360540f88e8ad62ca998de2e03e31b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 07:14:07 GMT
Cache-Control
max-age=900,s-maxage=900
Expires
Wed, 27 Oct 2021 07:29:07 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
image/png
widget.js
cdn.userway.org/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.45 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-44.cdn77.com
Software
CDN77-Turbo /
Resource Hash
cf79654605ff2f1af4cb080e2da5a23eda82fc4d9b4a72ecde8730320044f547

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 27 Oct 2021 07:14:07 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
x-77-nzt-ray
sARlEn9a54U=
age
125
x-77-cache
HIT
x-cache
HIT
x-age
285
content-encoding
br
x-77-nzt
AcO1ryxW7KXvHQEAAA==
x-accel-expires
@1635322162
last-modified
Mon, 25 Oct 2021 22:05:20 GMT
server
CDN77-Turbo
etag
W/"2646c1a742927844b0b8aa1b1be0b7c9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Obv6NhJNPvrq38QSA8-0pmnaAl6xuujMjXUZEXAWEYnZZLcwjCoE-w==
marketplace-dofollow.min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/ 		206 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/marketplace-dofollow.min.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7505468536f0cc99279960b2e9380a1da3b766dbe27440f3562be6e974512e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 17:23:34 GMT
server
NetDNA-cache/2.2
etag
W/"60c8e216-ce"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
epass.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/epass.js?ver=2.5
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
89f563a025cc8dfb46d317823ebda92ea606c32492e414ab46869754e4ec63de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Wed, 26 Aug 2020 22:10:31 GMT
server
NetDNA-cache/2.2
etag
W/"5f46ddd7-dda"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
foundation.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/ 		963 KB
263 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/foundation.js?ver=2.9.0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1cd0dc6c99599dcf4386cdff332f787691af8a83476aaaf6491a048770306017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2017 04:14:29 GMT
server
NetDNA-cache/2.2
etag
W/"59cc7725-f0b74"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.sonar.min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/ 		1 KB
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.6.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2019 02:22:17 GMT
server
NetDNA-cache/2.2
etag
W/"5c9c2fd9-580"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
lazy-load.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/ 		902 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Thu, 28 Mar 2019 02:22:17 GMT
server
NetDNA-cache/2.2
etag
W/"5c9c2fd9-386"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/js/ 		1 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
NetDNA-cache/2.2
etag
W/"5ff5d754-592"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
331
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a4a202d891c278c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 30 Oct 2021 07:14:07 GMT
css
fonts.googleapis.com/ 		24 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js?ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
b2664176f0e1e0763fb3767d9e0576b9883f6c1623c0d28f4d9be7b40a600081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 07:14:07 GMT
server
ESF
date
Wed, 27 Oct 2021 07:14:07 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 27 Oct 2021 07:14:07 GMT
gtm.js
www.googletagmanager.com/ 		80 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDKHNZ4
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b3dafed8f0df0a8d79a88ebdd5e0351dc6ed6dde6f73711125c14822a9e0d61a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
32031
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Oct 2021 07:14:07 GMT
gtm.js
www.googletagmanager.com/ 		123 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBNW4C
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
31005eda0dd0a4be23208105e45c84d562d9ec599941d8103fe65586a6f2bcdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
45892
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Oct 2021 07:14:07 GMT
423
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 		68 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/423?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-10-27T07%3A14%3A07%2B00%3A00&ts=1635318847529
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
8ba91d81ec22c189f381e611af66a6862c9dba43632fc19af7a12ac44f1a742b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
11871
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma13246/715673500/2/
Redirect Chain
  • https://js.matheranalytics.com/s/ma13246/715673500/ml.js?cb=1577
  • https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js
140 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
8ce867bf45277a86a76bcd7aa27cf0746fbc97ad272f1f89ed396304ce9d28b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 05:51:26 GMT
content-encoding
br
last-modified
Fri, 12 Mar 2021 20:56:34 GMT
server
nginx
age
4961
etag
"a1715eaf03a833c065ff7e0c37e0c3ec"
vary
Accept-Encoding
x-cache
HIT Mon, 15 Mar 2021 15:20:27 GMT
content-type
application/x-javascript
via
1.1 google
cache-control
public,max-age=3600
alt-svc
clear
content-length
41569

Redirect headers

date
Wed, 27 Oct 2021 07:14:07 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
6-gc-euw1-10925
gtm.js
www.googletagmanager.com/ 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWBBMFL
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f705100b4cb858cef5721752ea8901dd84d7b109fcb6f5b08ca6f82dbcb91500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38980
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Oct 2021 07:14:07 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
EoI0hzO4sycNMSHOvACsfGUHiM3QUd4YQLmBDja+ilOSR9vCglNzPNjr1yXUNrwSfDXWh04B+6MlWXtXjmOHFQ==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 27 Oct 2021 07:14:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
jquery.ui.all.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/ 		0
0
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 16:07:23 GMT
x-content-type-options
nosniff
age
486404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20016
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:51 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 16:07:23 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:40:24 GMT
x-content-type-options
nosniff
age
534823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19728
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 02:40:24 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:43:17 GMT
x-content-type-options
nosniff
age
545450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19696
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 23:43:17 GMT
u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
c5cee7e6aa64088bf3e1569168fb295c8cb286855328b0d1e2a213465a9e182f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:21:28 GMT
x-content-type-options
nosniff
age
442359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19904
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 04:21:28 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 04:48:55 GMT
x-content-type-options
nosniff
age
527112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 04:48:55 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:40:52 GMT
x-content-type-options
nosniff
age
534795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 02:40:52 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 21:50:41 GMT
x-content-type-options
nosniff
age
465806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19824
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 21:50:41 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 01:25:05 GMT
x-content-type-options
nosniff
age
20942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 27 Oct 2022 01:25:05 GMT
JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 03:43:19 GMT
x-content-type-options
nosniff
age
12648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20016
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 27 Oct 2022 03:43:19 GMT
JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:38:58 GMT
x-content-type-options
nosniff
age
448509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19672
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 02:38:58 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:26:14 GMT
x-content-type-options
nosniff
age
478073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 18:26:14 GMT
d3d3LmhlcmFsZG5ldC5jb20=
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmhlcmFsZG5ldC5jb20=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.193 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 07:14:07 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=19090
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
7d12ecbf7a8d87a3cbc5bccee8b95658
Content-Length
15
Expires
Wed, 27 Oct 2021 12:32:17 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=0.7477508827503392
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Fri, 26 Nov 2021 07:14:07 GMT
pubads_impl_2021102101.js
securepubads.g.doubleclick.net/gpt/ 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122596
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Oct 2021 07:14:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		185 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldnet.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6fee4f0d21404d7ce3b0e3e1759c965f33fd9d870f07510d519bdca98b1d02c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122
x-xss-protection
0
expires
Wed, 27 Oct 2021 07:14:07 GMT
placement_invocation
ob.cheqzone.com/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.67 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-67.cdg52.r.cloudfront.net
Software
/
Resource Hash
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 21:11:19 GMT
content-encoding
gzip
cheq_headers_order
Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
age
36168
etag
"c6e6-H+PLdQz0EEd97ZlT78HNXlxTPcM"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 12106f573f4d659c0533de0d7a9042c1.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
CDG52-P1
content-length
19276
x-amz-cf-id
DOsUMcGK7NH5bMsmkuo9HmG2fSlk8jJxIP7Pz_9Wvvdraci0gGhy6Q==
expires
Wed, 27 Oct 2021 09:11:19 GMT
869459273124027
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/869459273124027?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
8e79f49a59b2da417dbc275440bb0e2ff2276e8398e85ca60c038da1cc6eb45e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
g4gsDbXoWJoAyDPuXTrXA8fVC/8CBbKQWecXSEOx0DP6At5q2eYl90VbWcJw3hMNmd8ymN+P9Q5pOzvtGfep+w==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 27 Oct 2021 07:14:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2WM1N458VT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDKHNZ4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0a73d05531962fcbd61b2bc88c80a2f6c9b3afcf7c0151b1fbe19ea789eb8a70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
61132
x-xss-protection
0
expires
Wed, 27 Oct 2021 07:14:07 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109002081-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDKHNZ4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a172937d6387b1be47457ff490efa1fb5c1cd27d277caba6efe89e7387ef897e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35770
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Oct 2021 07:14:07 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109002081-7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDKHNZ4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
982bd5811cd3e8f4f066715d657d3d0aad1ee32008b92d815f9be6cde2933c79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35771
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 Oct 2021 07:14:07 GMT
js
www.googletagmanager.com/gtag/ 		162 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BHJYZD7VVN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDKHNZ4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0edfb5568fc61262f6c27ddf7ef69a312f41daa8f897bcca41368a375301bc64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60962
x-xss-protection
0
expires
Wed, 27 Oct 2021 07:14:07 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBNW4C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
4413
date
Wed, 27 Oct 2021 06:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19747
expires
Wed, 27 Oct 2021 08:00:34 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&tid=13b9fa46-91d6-49a1-9f48-f060bbe8f8e0&pid=eee9bb90-43a1-4c43-8b22-e4d5812dab0d&dtm=1635318847782&qnm=_matherq&visible=1&tabid=ac7ec07e-c080-4d1e-87c8-49dd5a605ba6&url=https%3A%2F%2Fwww.heraldnet.com%2F&vp=1600x1200&ds=1600x1200&tofa=1635318848&vid=1&lvidt=1635318848&duid=250a8d04d6665f23&fp=560948675&cid=ma13246&mrk=715673500&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYzNTMxODg0NTQxOSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMS45bWIiLCJoZWFwVCI6IjE0LjNtYiIsImZldGNoUyI6IjExNDEiLCJkb21haW5TIjoiMTE0MiIsImRvbWFpbkUiOiIxMTQyIiwiY29ublMiOiIxMTQyIiwiY29ubkUiOiIxNDc0Iiwic3NsUyI6IjEyNTEiLCJyZXF1UyI6IjE0NzQiLCJyZXNwUyI6IjE2MjciLCJyZXNwRSI6IjE3MzYiLCJkb21Mb2FkIjoiMTYzMCJ9LCJrZXl3b3JkcyI6WyJoZWFkbGluZXMiXX0
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.53.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-53-99.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 07:14:08 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
show_pla
obs.cheqzone.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.heraldnet.com%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=13652255850217261589292105052515240858397967165469177681722584791802&nc=0&tsf=0&tsfmi=&pv=0&cb=1635318847849&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=220482090&at=&bid=e30%3D&di=W1siZWYiLDYzMDldLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NyxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjExMTM2%0D%0AMTUxMixcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkg%0D%0Ae1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAg%0D%0AICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAg%0D%0AICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAg%0D%0AICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxl%0D%0AOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9%0D%0AKVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9%0D%0AXSJdLFstMSwiLSJdLFstMiwiOCxlWVhWWDFQcngyTytlMmFabk1wQmRJQVJLS1ZFRVFJZ0tDZEpY%0D%0AZUJCRVFSSXFpSUMxOHFEUkZrTjVDQzRyU2ZpSlNwQW9JUk9tUVFoSlNTTTlNWmpKenl5bDc3N1cv%0D%0AWjUxN3o4Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFl%0D%0Ab2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxb%0D%0ALTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0x%0D%0AMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm5ld3Nfa2V5d29yZHNcIixc%0D%0AIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiLFwi%0D%0AdHdpdHRlcjp0aXRsZVwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjow%0D%0AfSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTks%0D%0AIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAw%0D%0ALDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIi0iXSxbLTIxLCJQaHRlRTly%0D%0AZCJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0s%0D%0AWy0yNiwie1widGpoc1wiOjE0MzAwMDAwLFwidWpoc1wiOjExOTAwMDAwLFwiamhzbFwiOjM3NjAw%0D%0AMDAwMDB9Il0sWy0yNywiWzAsOS45LDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxb%0D%0ALTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwyLDBdfSJdLFst%0D%0AMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0iXSxbLTM0LCIt%0D%0AIl0sWy0zNSwiWzE2MzUzMTg4NDc4MzUsMF0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFst%0D%0AMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImwsLTEsLTEsMTE0MSwwLDEsMCwwLDMzMiwyNjIsLTE2%0D%0AMzUzMTg4NDcxNTUsMCwsLDI0MTcsMjQxOCJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tv%0D%0AXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwz%0D%0AXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAw%0D%0AMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCIwLDAsMCwwLDAsMCww%0D%0ALDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2%0D%0ALCIwIl0sWy00NywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0s%0D%0AWy00OSwiLSJdLFsiYm5jaCIsNDZdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A0%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=vSA56E4RO6&sdd=%7B%7D&pto=2432
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
24726fad4c60cfc6357b6a47ef513babd44468c36f2f3649df09488c91fcf3b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1346
expires
Fri, 01 Jan 1990 00:00:00 GMT
googima.js
ssl.p.jwpcdn.com/player/plugins/googima/v/8.9.1/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/plugins/googima/v/8.9.1/googima.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f39f5a2b61aea2db3244384a3f02be6830fb34b924538452856aa6c53b7ae5bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
age
1754235
x-cache
HIT
content-length
21956
via
1.1 varnish
x-served-by
cache-hhn4055-HHN
last-modified
Mon, 20 Sep 2021 22:12:43 GMT
server
AmazonS3
x-timer
S1635318848.890549,VS0,VE0
etag
"0aaf301da263af13475737da5a07d610"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
384131
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.23.1/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.1/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
age
398
x-cache
HIT
content-length
17499
via
1.1 varnish
x-served-by
cache-hhn4055-HHN
last-modified
Fri, 08 Oct 2021 21:48:29 GMT
server
AmazonS3
x-timer
S1635318848.890632,VS0,VE0
etag
"fd28c0166cd7029ddfb10e5953b3f7f2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
1208
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.23.1/ 		305 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.1/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b372ba82431aa0eff7d94071558ba1bf9386a7193632cf501e98812904e5f598

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:07 GMT
content-encoding
gzip
age
1264100
x-cache
HIT
content-length
79802
via
1.1 varnish
x-served-by
cache-hhn4055-HHN
last-modified
Fri, 08 Oct 2021 21:48:22 GMT
server
AmazonS3
x-timer
S1635318848.890705,VS0,VE0
etag
"168485c84f61f3dce164a7df3f4e091a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
530410
collect
stats.g.doubleclick.net/j/ 		2 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-52608-71&cid=906521392.1635318848&jid=58627192&gjid=31769212&_gid=55066865.1635318848&_u=YGBAgAABAAAAAE~&z=532123194
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 27 Oct 2021 07:14:07 GMT
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-52608-48&cid=906521392.1635318848&jid=1716036339&gjid=1502342015&_gid=55066865.1635318848&_u=YGDAgAABAAAAAE~&z=305056860
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 27 Oct 2021 07:14:07 GMT
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1065126420&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&ul=en-us&de=UTF-8&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=58627192&gjid=31769212&cid=906521392.1635318848&tid=UA-52608-71&_gid=55066865.1635318848&gtm=2wgak0NBNW4C&z=2105854056
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 10:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73459
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1065126420&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&ul=en-us&de=UTF-8&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAABAAAAAE~&jid=1716036339&gjid=1502342015&cid=906521392.1635318848&tid=UA-52608-48&_gid=55066865.1635318848&gtm=2wgak0NBNW4C&z=1250564924
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 10:49:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73459
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2WM1N458VT&gtm=2oeak0&_p=1065126420&sr=1600x1200&ul=en-us&cid=906521392.1635318848&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sid=1635318847&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2WM1N458VT&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1065126420&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&ul=en-us&de=UTF-8&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAG~&jid=1587954702&gjid=414528992&cid=906521392.1635318848&tid=UA-52608-71&_gid=55066865.1635318848&_r=1&gtm=2ouak0&z=2121744817
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1065126420&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&ul=en-us&de=UTF-8&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAG~&jid=29686395&gjid=970450030&cid=906521392.1635318848&tid=UA-109002081-1&_gid=55066865.1635318848&_r=1&gtm=2ouak0&z=624873773
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1065126420&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&ul=en-us&de=UTF-8&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAG~&jid=888846440&gjid=390755290&cid=906521392.1635318848&tid=UA-109002081-7&_gid=55066865.1635318848&_r=1&gtm=2ouak0&z=1502237658
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-52608-71&cid=906521392.1635318848&jid=58627192&_u=YGBAgAABAAAAAE~&z=29245
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BHJYZD7VVN&gtm=2oeak0&_p=1065126420&sr=1600x1200&ul=en-us&cid=906521392.1635318848&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sid=1635318847&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.account_status=null
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BHJYZD7VVN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
80a90f1dee3a14f7d8777c10f4ebc5e2
soundpublishing.blueconic.net/plugin/plugin/ 		178 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/plugin/plugin/80a90f1dee3a14f7d8777c10f4ebc5e2
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
650e56e74a47d42a27b8430049800ed60ccc19efe63cfe1905a55a8a1b153e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 07:14:08 GMT
server
-
etag
80a90f1dee3a14f7d8777c10f4ebc5e2
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
text/javascript; charset=utf-8
content-length
43258
x-xss-protection
1; mode=block
expires
Thu, 27 Oct 2022 07:14:08 GMT
cleanslate.min.css
cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cleanslate/0.10.1/cleanslate.min.css
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/gy88xrwMrIzl7H1x2CES5jeDBMxej3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7909475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2379
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e28-38a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIPGWV4FPhrnvx%2BxuEQhaXHAL4A7sQplUGLxDcmESXbeklD7agTuoyLFFzm7lIMsYS7iP%2FIe9mGPjbAgwWFkLNoQSjEp7g3rUMoBXy3pjEfIeLeBqMrLloD%2BzFm6TSrcOIdIa%2Fd%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a4a20306e41411f-PRG
expires
Mon, 17 Oct 2022 07:14:08 GMT
vanilla-js-carousel.css
widgets.recruitology.com/lib/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/lib/vanilla-js-carousel.css
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/gy88xrwMrIzl7H1x2CES5jeDBMxej3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-2.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2bcbd6f6d23664abb09edc9db55802300eee4bf73fcbff4da59e4e55dca4a9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Fri, 06 Apr 2018 20:15:27 GMT
date
Wed, 27 Oct 2021 06:33:10 GMT
content-encoding
gzip
last-modified
Fri, 06 Apr 2018 21:01:13 GMT
server
AmazonS3
age
2459
etag
W/"6b96e2688c941559fa06c6d8f3206640"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
hrIS4uqFUvoGE8T-puz6XPg3DVA_ZTdykdK-znxn4cDm_--ycJk5Ew==
gy88xrwMrIzl7H1x2CES5jeDBMxej3.json
widgets.recruitology.com/data/ 		2 B
452 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/data/gy88xrwMrIzl7H1x2CES5jeDBMxej3.json
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/gy88xrwMrIzl7H1x2CES5jeDBMxej3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-2.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:09 GMT
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
x-cache
RefreshHit from cloudfront
content-length
2
last-modified
Sat, 23 Oct 2021 06:35:13 GMT
server
AmazonS3
etag
"d751713988987e9331980363e24189ce"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60, public
accept-ranges
bytes
x-amz-cf-id
Mm2QSEaVkQGfahK_bt1o2jxazlJvnw98nejJkFiXE2HZEwKlXZyJ0A==
expires
Wed, 27 Oct 2021 07:11:03 GMT
0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.json
widgets.recruitology.com/data/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widgets.recruitology.com/data/0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.json
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-2.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db41fa827b42b71615db50bab8259690ed3281ebd0f96c8a0af349fbbe6c3c15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
CDG52-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Wed, 27 Oct 2021 07:09:04 GMT
server
AmazonS3
etag
W/"82b973b05123bddb3fd831f84f62e4dd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 db3ff52243ec9e51c6891c82cf157770.cloudfront.net (CloudFront)
cache-control
max-age=60, public
x-amz-cf-id
zlmCVAcUf4bKuzcGFoExtJmJwXOjIR2P-z0M8pAI_SkDMcIdCYhfMA==
expires
Wed, 27 Oct 2021 07:11:03 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-52608-71&cid=906521392.1635318848&jid=1587954702&gjid=414528992&_gid=55066865.1635318848&_u=aGDAAUABAAAAAG~&z=855673322
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 27 Oct 2021 07:14:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-109002081-1&cid=906521392.1635318848&jid=29686395&gjid=970450030&_gid=55066865.1635318848&_u=aGDAAUABAAAAAG~&z=1312583404
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 27 Oct 2021 07:14:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-109002081-7&cid=906521392.1635318848&jid=888846440&gjid=390755290&_gid=55066865.1635318848&_u=aGDAAUABAAAAAG~&z=1713287051
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 27 Oct 2021 07:14:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
CA8VODPCEeqrlkJwNtssXA.json
entitlements.jwplayer.com/ 		69 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/CA8VODPCEeqrlkJwNtssXA.json
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2A4) /
Resource Hash
6c25b5c0ed51665f0003fc29d4a4f1b4cc2210b67d564ba6ac9451fe38ee6e9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 04:08:38 GMT
server
ECAcc (frd/E2A4)
age
11130
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=12660
accept-ranges
bytes
content-length
74
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		370 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
sffe /
Resource Hash
c3160d4eb1326fe436d7a1edde158f5d5756ee4de884c40ae20c308b4cdf1fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125402
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Wed, 27 Oct 2021 07:14:08 GMT
widget_app_base_1635199435031.js
cdn.userway.org/widgetapp/2021-10-25/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2021-10-25/widget_app_base_1635199435031.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.45 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-44.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2a0503318465483e29f86fcfb1d88621db8cd62bf36f3c78ee115827675e0008

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 27 Oct 2021 07:14:08 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-77-nzt-ray
OZMcIPw/DHI=
age
81
x-77-cache
HIT
x-cache
HIT
x-age
119123
content-encoding
br
x-77-nzt
AcO1rywPKXzvU9EBAA==
x-accel-expires
@1661119725
last-modified
Mon, 25 Oct 2021 22:05:18 GMT
server
CDN77-Turbo
etag
W/"6d3ee332bda54cdc67bc8892186c11b6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
XaTx90H3tyu9idR5aeAgk_LGPShXfX8zIIj_bhAONCOzcukIdtLkdA==
fontawesome-webfont.woff2
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.1
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Tue, 19 Sep 2017 19:17:53 GMT
server
NetDNA-cache/2.2
etag
"59c16d61-12d68"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
77160
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/hb-amzn-uam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.173 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-173.cdg52.r.cloudfront.net
Software
Server /
Resource Hash
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
PBfT87Jypy1l_3XKxwEwol.gybzOM7El
content-encoding
gzip
etag
e2b905aea413c4d7479fb2bb9cbc6c65
age
400
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0M67JEF8PW0ARFTCMKHE
date
Wed, 27 Oct 2021 07:07:29 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a1e152cd91a0e624aecabbad581ffcb3.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
7yO2ENajl2XNvnnKyvLXwQjB8dn3cW81kwcBaJmfjALClxHGDFpQuQ==
integrator.js
adservice.google.com/adsid/ 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldnet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		40 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=1900037293447235&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2CBranded-Series-Sponsor-Custom&enc_prev_ius=%2F0%2F1&prev_iu_szs=150x35%7C320x50&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1635318848&dt=1635318848299&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adks=309399660&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0253ce040e77b6f4a11d3902274e823840a6bf9266499269e8bc765d319d7a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15711
x-xss-protection
0
google-lineitem-id
5720081679
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138353446981
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F023 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldnet.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 27 Oct 2021 07:14:08 GMT
expires
Thu, 27 Oct 2022 07:14:08 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
80.png
everett.newzware.com/newzlib/images/milky-icons/48/ 		0
0
23.png
everett.newzware.com/newzlib/images/milky-icons/48/ 		0
0
84.png
everett.newzware.com/newzlib/images/milky-icons/48/ 		0
0
26701992_web1_TSR-Ev-City-Council-EDH-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		257 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26701992_web1_TSR-Ev-City-Council-EDH-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a5aa5eca408596d6816f873ca7bf2ab1cd4c44cacc4649676defe438c6fff18c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Wed, 27 Oct 2021 02:04:31 GMT
server
NetDNA-cache/2.2
etag
"6178b3af-402db"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
262875
expires
Fri, 26 Nov 2021 02:23:03 GMT
26947254_web1_TSR-Spitters-Frederick-EDH-211027-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26947254_web1_TSR-Spitters-Frederick-EDH-211027-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
cdbe9b3c8c969aa6aa467eeb4301a9c0a566df11de4d4b769438c4ebe8d40a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Tue, 26 Oct 2021 20:04:32 GMT
server
NetDNA-cache/2.2
etag
"61785f50-134ec"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
79084
expires
Fri, 26 Nov 2021 02:33:14 GMT
26854500_web1_TSR-whisperingpines-edh-210825-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26854500_web1_TSR-whisperingpines-edh-210825-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
dd1a7e2a5bf329678fe11e8e0c1a3a00ac3ce68f053e221376cb5b23c3224e86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Tue, 26 Oct 2021 08:32:56 GMT
server
NetDNA-cache/2.2
etag
"6177bd38-2052d"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
132397
expires
Fri, 26 Nov 2021 02:33:14 GMT
26832160_web1_TSR-Jack-Murrin-KISS-edh-102121-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26832160_web1_TSR-Jack-Murrin-KISS-edh-102121-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
6a013fd3aa1ff4bf9f213303285b43e7ec61c7eecc69be09f307f329d23fecd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Tue, 26 Oct 2021 08:33:06 GMT
server
NetDNA-cache/2.2
etag
"6177bd42-217ce"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
137166
expires
Fri, 26 Nov 2021 01:50:47 GMT
26700470_web1_TSR-Gregerson-Marine-EDH-211013-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26700470_web1_TSR-Gregerson-Marine-EDH-211013-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f5966e7e2f9af57e4fe2ad14ac15753fca66c65af4639ccfb8a50b39e7a4b2f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Tue, 26 Oct 2021 08:33:27 GMT
server
NetDNA-cache/2.2
etag
"6177bd57-2ca9a"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
182938
expires
Fri, 26 Nov 2021 02:33:14 GMT
26946725_web1_TSR-Hayward-EDH-211027-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26946725_web1_TSR-Hayward-EDH-211027-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0fba307933e75ca5e824d3dc85ba5ec80c0207ef87f58e3c609b01ed4a7125a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Wed, 27 Oct 2021 00:14:34 GMT
server
NetDNA-cache/2.2
etag
"617899ea-21128"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
135464
expires
Fri, 26 Nov 2021 02:33:14 GMT
26941182_web1_TSR2-SNvMNfb-edh-211022-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26941182_web1_TSR2-SNvMNfb-edh-211022-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9da6e9cda652b8e4eb1c7449df52fc22580e1c4fccccaa3b2d82323c825d3f58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Mon, 25 Oct 2021 22:07:36 GMT
server
NetDNA-cache/2.2
etag
"61772aa8-1368a"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
79498
expires
Fri, 26 Nov 2021 01:50:47 GMT
26948186_web1_TSR-SeahawksGrades-211026-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		220 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26948186_web1_TSR-SeahawksGrades-211026-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7fa5724005524cb3c96104af47e774f662712d93d6d0d052c040cfb46519e4e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Tue, 26 Oct 2021 03:54:47 GMT
server
NetDNA-cache/2.2
etag
"61777c07-37194"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
225684
expires
Fri, 26 Nov 2021 02:33:14 GMT
26945864_web1_TSR-BriefLynnwoodStab-EDH-211010-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26945864_web1_TSR-BriefLynnwoodStab-EDH-211010-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7a47ef42df82a89ce8c9caec612959dbc901655d66312370ee6c1a4788b65a17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Tue, 26 Oct 2021 00:43:25 GMT
server
NetDNA-cache/2.2
etag
"61774f2d-27087"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
159879
expires
Fri, 26 Nov 2021 02:13:07 GMT
26870629_web1_TSR-Vincent-Cavaleri-EDH-211025-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26870629_web1_TSR-Vincent-Cavaleri-EDH-211025-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
352914e806bd73df2cb65ec59e541c44dcd1e41a56a2534487c2fbe40a2650cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Mon, 25 Oct 2021 08:35:13 GMT
server
NetDNA-cache/2.2
etag
"61766c41-1d997"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
121239
expires
Fri, 26 Nov 2021 02:13:07 GMT
20763220_web1_TSR-Patient-EDH-200204-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		193 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/20763220_web1_TSR-Patient-EDH-200204-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
fa6ac12608d91ecee751159d0ba7cb891d54511088b5cd45c89685c8252300c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Mon, 25 Oct 2021 07:11:28 GMT
server
NetDNA-cache/2.2
etag
"f011d376e76fb84dc7a04b4f35719075"
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
198095
expires
Fri, 26 Nov 2021 02:33:14 GMT
26950593_web1_TSR-No-Jab-EDH-211027-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26950593_web1_TSR-No-Jab-EDH-211027-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a160181417d6d07acf207c9be345b02271657606b4f3291ab4a4160f1bba3bf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Tue, 26 Oct 2021 14:03:29 GMT
server
NetDNA-cache/2.2
etag
"61780ab1-22fbf"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
143295
expires
Fri, 26 Nov 2021 02:33:14 GMT
26955960_web1_TSR-Community-Sports-Roundup-EDH-211027-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		209 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26955960_web1_TSR-Community-Sports-Roundup-EDH-211027-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ddac94a280772ca795c65b8bbcd9c7107e8b0b94061ba6cb2b65fe01e3ccb652

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Tue, 26 Oct 2021 22:08:44 GMT
server
NetDNA-cache/2.2
etag
"61787c6c-34541"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
214337
expires
Fri, 26 Nov 2021 02:33:14 GMT
26937237_web1_TSR-Edible-Shelf-edh-211026-1200x800.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 		189 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/26937237_web1_TSR-Edible-Shelf-edh-211026-1200x800.jpg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f3ea8a28cf1c4070dd1841d097f170ad020ce3ce498f9c611f7aeb44353a985e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Tue, 26 Oct 2021 08:31:02 GMT
server
NetDNA-cache/2.2
etag
"6177bcc6-2f4bd"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
193725
expires
Fri, 26 Nov 2021 01:50:47 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.225.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1661
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6a4a2032dbcd2784-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Sat, 30 Oct 2021 07:14:08 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1065126420&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2F&ul=en-us&de=UTF-8&dt=Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user%20status&ea=undefined&el=logged%20out&_u=aGDAAUABAAAAAG~&jid=639338625&gjid=491079951&cid=906521392.1635318848&tid=UA-52608-71&_gid=55066865.1635318848&_r=1&gtm=2wgak0NBNW4C&z=582514853
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1635318848477&sessionId=2cee3756-a046-a417-542d-a47f78b3ddf6&url=www.heraldnet.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 07:14:08 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
c7f293c3f1ffc3a6fb78b22bb44e74db
Content-Length
4
Expires
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-52608-71&cid=906521392.1635318848&jid=1587954702&_u=aGDAAUABAAAAAG~&z=258071114
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-109002081-1&cid=906521392.1635318848&jid=29686395&_u=aGDAAUABAAAAAG~&z=1320602226
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-109002081-7&cid=906521392.1635318848&jid=888846440&_u=aGDAAUABAAAAAG~&z=733659318
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-86.cdg52.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 05:57:34 GMT
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront), 1.1 aaa5fbd869d655f42986dd16509f667e.cloudfront.net (CloudFront)
age
4594
x-amzn-requestid
9c325088-023a-4508-8034-2ea567970104
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2, CDG52-P2
x-amz-apigw-id
H2mMUGlhiYcFseQ=
content-length
555
x-amz-cf-id
DOxTREmvt7qvG6vI7mvXWsu0IrIr_XZzK5UdkTC3YF8fIlJqyrDU9A==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-81.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
099d5a93d27e43c40b29b9f45a57492ca8d87ee45d14d7a83d0ff39735822b3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
x0gR.yq1o4oS4jq28J7nG9U0MFiLgIQ.
content-encoding
gzip
etag
W/"5c1dcd62582070cb2352f625af50ce57"
last-modified
Thu, 21 Oct 2021 09:51:00 GMT
server
AmazonS3
age
76984
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 127aaaaca740f298a4c887357ec047b5.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Tue, 26 Oct 2021 09:51:04 GMT
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
m1HJf9t7nyUbL332H5kXmPK2lUqtX6Kxj4k9Fs-rMCiFRLHZ1e8-1Q==
fpi.js
ap.lijit.com/www/delivery/ Frame 2C95 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 07:14:08 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"6172624c-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap2ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-52608-71&cid=906521392.1635318848&jid=639338625&gjid=491079951&_gid=55066865.1635318848&_u=aGDAAUABAAAAAG~&z=1235596261
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 27 Oct 2021 07:14:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
bb2cb2eaed230ae17e83654981387c9e
soundpublishing.blueconic.net/plugin/library/ 		322 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/plugin/library/bb2cb2eaed230ae17e83654981387c9e
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
e159c034b8ee012d4793d299da22d758b6dc98e6dbc74903958025728f4a7897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 07:14:08 GMT
server
-
etag
bb2cb2eaed230ae17e83654981387c9e
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
text/javascript; charset=utf-8
content-length
101160
x-xss-protection
1; mode=block
expires
Thu, 27 Oct 2022 07:14:08 GMT
LB-Zone-1
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/423/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/423/LB-Zone-1?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=&bctempid=3881b85a-4e71-4779-b5f9-2550ff3be862&overruleReferrer=&time=2021-10-27T07%3A14%3A08%2B00%3A00&ts=1635318848558
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
8545f47cef7e0846091e60002cdbf18eadfde70979d043fe4ad638daca1f5153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
811
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=869459273124027&ev=PageView&dl=https%3A%2F%2Fwww.heraldnet.com%2F&rl=&if=false&ts=1635318848573&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1635318848572.782689251&it=1635318847653&coo=false&rqm=GET
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 27 Oct 2021 07:14:08 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1635318848594&sessionId=2cee3756-a046-a417-542d-a47f78b3ddf6&url=www.heraldnet.com&cheqSource=1&cheqEvent=2&responseTime=972
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 07:14:08 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
8d6abda01e4f9ccdb709470ca3962cdf
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/ 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001369ebc434e24f8e959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163342775a98d5037af473abf8d3e65f53af0ccce27bb9768f3580428f175df1675ca548171b29d5493ebeb8e5aa33b03aae16a277e34f716db9dc271e62245f816e99d51ff41d2589d3f17e181d7784fd776494855f193447771713dcf6481d011bb4a61022d9bb827bc3bb046b0d5ff3e4fac9cd68b7dec05af552995f397ccbeb8ad6a762c19ebb74923009cffacf3e0404b5342eba9a0632badff2768e04fa42bb801bca4bcfc97a916c37949d23d160c3d7e9f2dee8e20b36e46af3e2ae3b5b26e8da6ac5e144e144455382545b8cd9849fc0afd6669279d3cfe0df2cba7c2b61c4366b83849f0e7f90fd66be4ded945d9579a971455d18cd3bb0409c89ee79bfc7609452a79fdbd87683550435ae105443700926feff2de5158082d675fed034aaca628bd1b8b032dbe2b411292adabf100b8ae35b144da0beb20bb828c9f856fd945ba060b2638759d508c5ed6dd51023f8bcd1337d79354159541949eeb8d23bc008f3070b1635eaf70fcd921841&cb=1635318848594&cri=vSA56E4RO6
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.16.211.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-211-97.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.486.2_en.html
imasdk.googleapis.com/js/core/ Frame 537C 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
sffe /
Resource Hash
5e8c2a07175788df50b2ce8963f1f28fb6d0f88d26438f10b9575e99f9f4c020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.486.2_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldnet.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194260
date
Fri, 22 Oct 2021 01:55:39 GMT
expires
Sat, 22 Oct 2022 01:55:39 GMT
last-modified
Wed, 20 Oct 2021 22:06:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
451109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Oct 2021 07:14:08 GMT
HEcDOP2vLC
api.userway.org/api/tunings/ 		721 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/HEcDOP2vLC
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2021-10-25/widget_app_base_1635199435031.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.242.84.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-242-84-49.us-west-2.compute.amazonaws.com
Software
_ / Express
Resource Hash
bb87d62374924dfe28b02ba1f40a403bde3cf998554147f4a98e26e91ce05f03

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
gzip
etag
W/"2d1-NWd3ICw+lBHu5EWAFaUjtFBm03A"
server
_
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0
access-control-allow-headers
*
expires
Wed, 27 Oct 2021 07:14:09 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.heraldnet.com%2F&pubid=f4e5f220-2efc-45a1-869f-0b293f8aec73
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.173 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-173.cdg52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 05:57:39 GMT
via
1.1 a1e152cd91a0e624aecabbad581ffcb3.cloudfront.net (CloudFront)
server
Server
age
4589
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.heraldnet.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
vno_o7fzXABE0ejvM1bCVY2oO7ZeoWNmKVqeB-GRrRnzS3o6FkQZxA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.heraldnet.com%2F&pid=G3nPfougEXVUR&cb=0&ws=1600x1200&v=7.69.01&t=3000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit3%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit5%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit7%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit9%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit11%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit13%22%7D%5D&pubid=f4e5f220-2efc-45a1-869f-0b293f8aec73&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.173 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-173.cdg52.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
via
1.1 a1e152cd91a0e624aecabbad581ffcb3.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CDG52-P2
x-amz-rid
MC3KHTTZJ0J2YQTZN4D0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
4vtDB2Sm_eGdgxL_kzESbTDz88XYFOKzQfuoSpYQJkAzJG3yhSKw1Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.173 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-173.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14398
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Wed, 27 Oct 2021 03:14:11 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
6KUHJwQI7SHX7yCMhDxb6qoppcKh0DqVURgYialZZw_7f4wy88bFhg==
/
api.recruitology.com/job_board/widget/impression/create/209/ 		81 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.recruitology.com/job_board/widget/impression/create/209/?beacon_hash_ids=54vp1kte5mpn583r1oe01yw8rxmbjw,7v2pu76yr9cndpkr2uhe15k6yybtp5,8y8xt7gb286ddiw12oh016mpltkcww,o0vlgfk8d9lan01fs5omw1fp4g9cgz,n0g0gqwjros6sssnsu48pcj1h97ub8,spwqvtmbso7nqwsbr5rwwj5xr3aq4m,ei47vb3zbmrd8yh03iu27ti4i1yk3o,r9nhmvy94ptffuiw914eropldpiecy,im9pfwywpwpcgvwju0ynk2nx8vp8ko,1vf13v88l48onc8qclume5rjvehd9k,uviyv1abgdfqr3e5fbicsn8xb42ph8,3g34m7go44wx3nw49y7t3ewrx3g94h&callback=onLogImpressionComplete&t=1635318848756
Requested by
Host: widgets.recruitology.com
URL: https://widgets.recruitology.com/scripts/0zg3YnoJe0vtk7T16uIOMCEVBt9MSB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.123.47 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.123.117.34.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
273d22ce359bf67fbe85bd22bb549e162a7096f735566b62b96714afd0fca7dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
via
1.1 google
referrer-policy
same-origin
server
Apache/2.4.38 (Debian)
allow
GET, OPTIONS, POST
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
vary
Origin,Cookie
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
clear
content-length
81
x-content-type-options
nosniff
sync
ap.lijit.com/ Frame 2C95 		78 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
c0b12bc3340ce49b4de1dbb12a05a3b4e5c4709b60e36ce158a8a0be9e6b7680

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 07:14:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Oct 2021 07:04:47 GMT
Server
nginx
ETag
W/"6172628f-13713"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap2ams1
Expires
Thu, 28 Oct 2021 07:14:08 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-52608-71&cid=906521392.1635318848&jid=639338625&_u=aGDAAUABAAAAAG~&z=44291245
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid_FtSDHt.js
b2cdn.automatad.com/js/ 		189 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2cdn.automatad.com/js/prebid_FtSDHt.js
Requested by
Host: go.automatad.com
URL: https://go.automatad.com/geo/FtSDHt/afihbs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8e1bb1c289d14c266e529528cd6e0d5c42562d92a1b946cd45cfc9a6e1a93869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
br
x-openstack-request-id
tx9b2386b9cc54494580965-006170cda8
cdn-edgestorageid
756
access-control-allow-origin
*
x-iplb-instance
28796
cdn-cachedat
10/21/2021 16:57:02
cdn-pullzone
87832
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id
tx9b2386b9cc54494580965-006170cda8
server
BunnyCDN-DE1-756
x-timestamp
1634782571.98377
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Thu, 21 Oct 2021 02:16:12 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
x-iplb-request-id
B95D01F1:7DEB_8E2CE366:01BB_6170CDA1_1B1E2E9C:078C
vary
Accept-Encoding
x-object-meta-mtime
1618859453.686346352
cdn-cache
HIT
cdn-uid
02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control
public, max-age=120
cdn-requestid
d94df9ac3948030fd8cd0248520fdc91
content-type
application/javascript
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
sizzle.min.js
cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/sizzle.min.js
Requested by
Host: go.automatad.com
URL: https://go.automatad.com/geo/FtSDHt/afihbs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
564443
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6679
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd4-4dc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P68zLTV%2Bcio9%2FujM1VxuIwUinHnMZhBupaZz99BxqYL5qZmnPFpgjG8lv1i36eilf71ztbHqcKr1aArydK4POjdRoOwlGn9fJhkgbOHfP5BbsniWUK1O4BH70K4LmyP2GOsMB64z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a4a20355a3d4138-PRG
expires
Mon, 17 Oct 2022 07:14:08 GMT
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-86.cdg52.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 05:57:34 GMT
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront), 1.1 aaa5fbd869d655f42986dd16509f667e.cloudfront.net (CloudFront)
age
4594
x-amzn-requestid
9c325088-023a-4508-8034-2ea567970104
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2, CDG52-P2
x-amz-apigw-id
H2mMUGlhiYcFseQ=
content-length
555
x-amz-cf-id
anXby5C4zs7JAmSFQ8ZjYIXUzXcBq0FU6fK88a_MKPkb0cx9fWJC0A==
cs
soundpublishing.blueconic.net/DG/DEFAULT/ 		66 B
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/cs?bcsessionid=3881b85a-4e71-4779-b5f9-2550ff3be862&&callback=bc_json424
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
783048db23c8424fd550465ab8f4ea3556106dbd1e2338e7a0303d7819576d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
content-type
text/javascript; charset=utf-8
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
notificationBar.css
plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/ 		2 KB
1005 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/notificationBar.css
Requested by
Host: soundpublishing.blueconic.net
URL: https://soundpublishing.blueconic.net/plugin/plugin/80a90f1dee3a14f7d8777c10f4ebc5e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-12.cdg52.r.cloudfront.net
Software
- /
Resource Hash
d925db65ec1961756427ffaa480d32f5413d5edc49503d5ae7987aed8782e7f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 15:49:27 GMT
content-encoding
gzip
age
833082
x-cache
Hit from cloudfront
content-length
581
access-control-allow-origin
*
last-modified
Mon, 19 Jul 2021 06:37:57 GMT
server
-
etag
"7b4-5c7742d8457d8-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 e0720e45d2e7ea5da3d185114a45e51e.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
x-amz-cf-id
nInz_oLbdu9dAICy1J-FqE5h6JNp2Y7isbyxbZcbvXUcfZOgKUEJMw==
expires
Tue, 16 Nov 2021 15:49:27 GMT
423
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 		246 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/423?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=3881b85a-4e71-4779-b5f9-2550ff3be862&bctempid=&overruleReferrer=&time=2021-10-27T07%3A14%3A08%2B00%3A00&ts=1635318848916
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
c6cacd17c6bf8a665a018dc0eb89d4684953c4a145800b0c0756e25d6975c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
187
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
423
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/423?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=3881b85a-4e71-4779-b5f9-2550ff3be862&bctempid=&overruleReferrer=&time=2021-10-27T07%3A14%3A08%2B00%3A00&ts=1635318848957
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
8c23d14fe9c6f1796ac06ab13fdd2069afa881f403ce8276ddbda91adce6db74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
719
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: soundpublishing.blueconic.net
URL: https://soundpublishing.blueconic.net/plugin/plugin/80a90f1dee3a14f7d8777c10f4ebc5e2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
3a89054ff8695f3eae2c3531420c1b311f21695395a4b1ede7a5639d41c60f9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fn36v8LxdyU/xO1s95W+WA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
APOKQaqLavv4UNeFpEiQEO6hVzVL5yzyzQwLrLuhCMD3P5J2YEEp4B6La8rhuBM6zTVSSDLAE8lJheaL7JY+Mw==
x-fb-content-md5
b1b779b8847b132a419476a8eb5f9366
x-frame-options
DENY
date
Wed, 27 Oct 2021 07:14:08 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"61f7f34d1775f4a7278aab067aa028f4"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Oct 2021 07:21:22 GMT
423
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 		279 B
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/423?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=3881b85a-4e71-4779-b5f9-2550ff3be862&bctempid=&overruleReferrer=&time=2021-10-27T07%3A14%3A08%2B00%3A00&ts=1635318848966
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
a7844adc1f5ad550bf533fd8d78936561757277b5a251693b04a82ee4eab30b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
154
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
apple.png
soundpublishing.blueconic.net/rest/dialogues/files/fbe8d9ff-0ca0-40ef-902b-fe10b7960358/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://soundpublishing.blueconic.net/rest/dialogues/files/fbe8d9ff-0ca0-40ef-902b-fe10b7960358/apple.png
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
8978af83932f00e4bbfc0178c836ae53412980ecaa342de711b23231688f247c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 07:14:09 GMT
server
-
etag
8671157980441baba019806c37204503
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
image/png
content-length
9489
x-xss-protection
1; mode=block
expires
Thu, 27 Oct 2022 07:14:09 GMT
googleplay_new.png
soundpublishing.blueconic.net/rest/dialogues/files/3bce2b30-ffd7-45d7-ae9a-1946ad9d563e/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://soundpublishing.blueconic.net/rest/dialogues/files/3bce2b30-ffd7-45d7-ae9a-1946ad9d563e/googleplay_new.png
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
02c4806479af1a141f4a5f56022dbd2d966ec657afb42987da8cb9ab6dd9a2e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 07:14:09 GMT
server
-
etag
69256e2ed8d778e2d6bc46482241c16c
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
x-permitted-cross-domain-policies
master-only
cache-control
public, no-cache="Set-Cookie", max-age=31536000
content-type
image/png
content-length
9283
x-xss-protection
1; mode=block
expires
Thu, 27 Oct 2022 07:14:09 GMT
423
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 		140 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/423?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=3881b85a-4e71-4779-b5f9-2550ff3be862&bctempid=&overruleReferrer=&time=2021-10-27T07%3A14%3A08%2B00%3A00&ts=1635318848968
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
ce706c89e2e86ef54cc77afb77672f911822f73cbb9d7822415cb60873157703
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
145
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
423
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 		140 B
883 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/423?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=3881b85a-4e71-4779-b5f9-2550ff3be862&bctempid=&overruleReferrer=&time=2021-10-27T07%3A14%3A08%2B00%3A00&ts=1635318848968
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
3fed279680a00e501f736327199b2f3c6c0490c8a46772f3dce46bc3ad52f6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
145
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
adcfg
ap.lijit.com/ Frame 2C95 		158 B
534 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=658444&tid=ace60b12d83847189176307c9627a891ab556a02&mode=1&dmn=www.heraldnet.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
0e06b5d278d6804234403dd065277a68bef31bb1a30fe421a9b55790f86eb3d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 07:14:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
145
423
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 		35 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/423?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=3881b85a-4e71-4779-b5f9-2550ff3be862&bctempid=&overruleReferrer=&time=2021-10-27T07%3A14%3A08%2B00%3A00&ts=1635318848998
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
9149bab1457f6379ba9320b797c932a24b802ad44c36217d945632c33635d87a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
2067
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=869459273124027&ev=Microdata&dl=https%3A%2F%2Fwww.heraldnet.com%2F&rl=&if=false&ts=1635318849081&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com%22%2C%22meta%3Adescription%22%3A%22News%20of%20Everett%2C%20Marysville%2C%20Edmonds%2C%20Lynnwood%2C%20Lake%20Stevens%2C%20Mukilteo%2C%20Arlington%2C%20Monroe%2C%20Bothell%20and%20all%20of%20Snohomish%20County%2C%20Washington.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22The%20Daily%20Herald%22%2C%22og%3Adescription%22%3A%22Everett%20and%20Snohomish%20County%20news%20from%20The%20Herald%20%7C%20HeraldNet.com%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.heraldnet.com%2F%22%2C%22og%3Asite_name%22%3A%22HeraldNet.com%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fheraldnet.wpengine.com%2Fwp-content%2Fuploads%2F2016%2F06%2FHeraldNet.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22%23website%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heraldnet.com%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.heraldnet.com%2F%3Fs%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1635318848572.782689251&it=1635318847653&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 27 Oct 2021 07:14:09 GMT
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js
Requested by
Host: soundpublishing.blueconic.net
URL: https://soundpublishing.blueconic.net/plugin/library/bb2cb2eaed230ae17e83654981387c9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3163728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6929
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-5f38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oCehCUDNSjwq92nbr%2FM0i3YNzvV6Y1DKdgD8WTsSXBhp%2BIbLG84%2BJwg6WsFV2SqGTktpQoTzNO8vKRmF18adJq8dqCq%2FFIn8ffmWRwa9qYyWByk8gVwYpctkqiMQMo3raWNRIki"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a4a2036f9aff9ce-PRG
expires
Mon, 17 Oct 2022 07:14:09 GMT
form-validation.js
www.heraldnet.com/js/ 		548 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldnet.com/js/form-validation.js
Requested by
Host: soundpublishing.blueconic.net
URL: https://soundpublishing.blueconic.net/plugin/library/bb2cb2eaed230ae17e83654981387c9e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.41.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
198.41.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
spi-adslots=%5B%22f4e5f220-2efc-45a1-869f-0b293f8aec73%22%2C%201036994%2C%20%5B%5B1%2C%20%22%5B970%2C%2090%5D%22%5D%2C%20%5B3%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%20%5B320%2C%2050%5D%22%5D%2C%20%5B5%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B7%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B9%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B11%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B13%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%5D%5D; spi-check=0; nwssmcookie=ssm; bc_tstgrp=2; nwcompname=77vWsWVb; _ml_id=250a8d04d6665f23.1635318848.1.1635318848.1635318848; _ml_ses=*; _gid=GA1.2.55066865.1635318848; _dc_gtm_UA-52608-71=1; _dc_gtm_UA-52608-48=1; _ga_2WM1N458VT=GS1.1.1635318847.1.0.1635318847.0; _gat_gtag_UA_52608_71=1; _gat_gtag_UA_109002081_1=1; _gat_gtag_UA_109002081_7=1; _ga_BHJYZD7VVN=GS1.1.1635318847.1.0.1635318847.0; _ga=GA1.2.906521392.1635318848; _gat_UA-52608-71=1; __gads=ID=d65f3eb2b0a90907-229b378101cb006f:T=1635318848:S=ALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q; _fbp=fb.1.1635318848572.782689251; BCSessionID=3881b85a-4e71-4779-b5f9-2550ff3be862
:path
/js/form-validation.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.heraldnet.com
referer
https://www.heraldnet.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.heraldnet.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding Accept-Encoding
content-type
text/html
CloseIconNotificationBar.png
plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/images/CloseIconNotificationBar.png
Requested by
Host: plugins.blueconic.net
URL: https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/notificationBar.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-12.cdg52.r.cloudfront.net
Software
- /
Resource Hash
c6a33d7e98f7ac4c2bb7c71f0c1f7e2a3b6c3282dc99ccfe5b46e8a717fb87fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plugins.blueconic.net/dialogue_notification_bar/1.3.3/frontend/src/css/notificationBar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 16:00:33 GMT
via
1.1 e0720e45d2e7ea5da3d185114a45e51e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 06:37:57 GMT
server
-
age
2128416
etag
"6ed-5c7742d8401e8"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-length
1773
x-amz-cf-id
uBwbRExQPg_FTGGJRgG-aGA722JttjOfZ31YEzKHqzDlKcH9GGIY0A==
expires
Mon, 01 Nov 2021 16:00:33 GMT
addelivery
ap.lijit.com/ Frame 2C95 		261 B
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=658444&tid=m_658444_3a5365093d1c4227ad45acf69684958f&cb=undefined&mode=1&ifr=true&od=www.heraldnet.com&time=07%3A14%3A09&fd=1&be=cr&loc=https%3A%2F%2Fwww.heraldnet.com%2F&orig_loc=https%3A%2F%2Fwww.heraldnet.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=m_658444_3a5365093d1c4227ad45acf69684958f&iv=ov
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
6c3700437243f2994cfb61b6423b99d71ce8b73741d123e06cf1c675ab311e24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 07:14:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
212
sdk.js
connect.facebook.net/en_US/ 		271 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4a02a461499aace860af2f7481816828
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
e085fe123de003b0fe2b4fa981ce75e81734d7f50fb8c21462420d92e89b8a7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.heraldnet.com/
Origin
https://www.heraldnet.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
58JQRMhssh8WD7N/UOaNsA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
78009
x-fb-rlafr
0
x-fb-debug
C6fIngeueWEAIEQf+dww0OuFZvq5sDeSN3CkOCayqWQDrsQU+Mr1zk2I9fLbbiO1QF2IrXMZPn0/qeK2q5afAA==
x-fb-content-md5
12a38580cc7d926259626a114f52f023
x-frame-options
DENY
date
Wed, 27 Oct 2021 07:14:09 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"c4e5f012c61534f88d8030ce72c084ad"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 27 Oct 2022 06:04:43 GMT
beacon
gslbeacon.lijit.com/ Frame AB4B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gslbeacon.lijit.com/beacon?viewId=m_658444_3a5365093d1c4227ad45acf69684958f&rand=3388&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2F&v=1.2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
gslbeacon.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.heraldnet.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/

Response headers

Server
nginx
Date
Wed, 27 Oct 2021 07:14:09 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap3ams1
containertag
ap.lijit.com/ Frame 2C95 		39 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=658444&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
8ffe5386c21a1708f78f2ece358833eb88c56f96719b703ff3349e8042bdb5ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 07:14:09 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap2ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap2ams1.lijit.com/addelivery/ Frame 2C95 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap2ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=658444&tid=m_658444_3a5365093d1c4227ad45acf69684958f
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 07:14:09 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
fp
vap2ams1.lijit.com/data/ Frame 2C95 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap2ams1.lijit.com/data/fp?tid=m_658444_3a5365093d1c4227ad45acf69684958f&zoneid=658444&starttime=1635318848970&adcfg=3&adcfg_response=298&addelivery=301&addelivery_response=328&lgfired=329&beacon=331&container=332&EOL=332&ctstart=0&elapsed_ms=332
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 07:14:09 GMT
Server
nginx
X-Sovrn-Pod
ad_ap2ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=1458930781088413&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.heraldnet.com%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4a02a461499aace860af2f7481816828
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net *;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com *;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net *;worker-src blob: *.facebook.com data: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
rollout
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
M2l7J2ScYYl32CKF+aJN5LiCFwcb1dEOzVx9FLUecFYQHipHgcZEegobd9iqCrXRwKgvLhaDM5I9+Ln0pFpseg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Wed, 27 Oct 2021 07:14:09 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
t.dhj
pxdrop.lijit.com/1/d/ Frame 2C95 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=heraldnet.com&GDPR_v2=&pubid=soundpub
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Oct 2021 07:14:09 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Wed, 27 Oct 2021 07:14:09 GMT
ct
ap.lijit.com/data/ Frame 2C95 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=m_658444_3a5365093d1c4227ad45acf69684958f&zoneid=658444&cid=18&geo=DE&all_tags=185%2C203%2C205%2C248%2C458%2C462%2C465%2C490%2C515%2C561%2C563%2C565%2C589%2C590%2C600%2C604&tss=42&fired_tags=590&count=1&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C32%2C8&elapsed_ms=43
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 07:14:09 GMT
Server
nginx
X-Sovrn-Pod
ad_ap2ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
423
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 		190 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/423?referer=https%3A%2F%2Fwww.heraldnet.com%2F&bcsessionid=3881b85a-4e71-4779-b5f9-2550ff3be862&bctempid=&overruleReferrer=&time=2021-10-27T07%3A14%3A09%2B00%3A00&ts=1635318849492
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.243.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-243-234.compute-1.amazonaws.com
Software
- /
Resource Hash
aa99e010d16269db3e8de1440b7f4e093833596884a9fcda07c0e07e6f3e6a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-robots-tag
noindex, nofollow
p3p
policyref="", CP="DSP"
access-control-allow-origin
https://www.heraldnet.com
x-permitted-cross-domain-policies
master-only
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
152
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
body_wh.svg
cdn.userway.org/widgetapp/images/ 		931 B
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.45 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-44.cdn77.com
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 27 Oct 2021 07:14:09 GMT
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-77-nzt-ray
5Y8ryx+5xHE=
age
48
x-edge-origin-shield-skipped
0
x-cache
HIT
x-age
2255265
content-encoding
br
x-77-nzt
AcO1rywoC7PvoWkiAA==
x-accel-expires
@1658983584
last-modified
Thu, 30 Sep 2021 16:45:19 GMT
server
CDN77-Turbo
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-cache
HIT
content-type
image/svg+xml
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7HZZvePIj9KrPDNiq1mRQizBO4L0n49vWYa8WihUqi48Pz1X2dcUnQ==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.45 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-44.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 27 Oct 2021 07:14:09 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
x-77-nzt-ray
ECouAOwWkQ0=
age
47
x-77-cache
HIT
x-edge-origin-shield-skipped
0
x-cache
HIT
x-age
2255266
content-encoding
br
x-77-nzt
AcO1ryxldJvvomkiAA==
x-accel-expires
@1658983583
last-modified
Thu, 30 Sep 2021 16:45:19 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
M07nhJhbyyD19edIIqjgBybCprTJO48n8oMB1xztGCg1QRdlWdxVlA==
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldnet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2Cadunit0&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x30%7C970x250&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849885&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=106&adks=406828873&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x0&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
485d98089094d66dc2a94c613634dbaa32b2ccb71a0559c77e5ac6418f4896f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9140
x-xss-protection
0
google-lineitem-id
5819815116
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138368913851
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2CadUnit1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849894&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=768&adks=3525437857&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
5f0202cc4798039c0cf48486d46cdb1da093848a0a38d402e39b38169a387119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18049
x-xss-protection
0
google-lineitem-id
5811242046
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138367617717
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2CadUnit3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849898&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=1177&adks=3954675714&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d4af35a532b02bf7436bc5bf8ec4851bf76216fce667c8a04ea4f426eebdf192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8241
x-xss-protection
0
google-lineitem-id
5803059791
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138365995415
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2CadUnit5&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849903&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=5877&adks=690361786&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2666a346f4b8175f6cb9a5b06e248f1c8c9473a9003afb8f7ff4fdae4b7ef365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9064
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2CadUnit7&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849909&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=6576&adks=3685906942&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
33bac1851cf75041c580bc070b92e8b1e3f173d0450673e6dac6affb2c444774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17616
x-xss-protection
0
google-lineitem-id
5811242046
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138367618422
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2CadUnit9&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849913&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=7154&adks=3180623369&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
984d864b33856ff1937e77b0e62af84ff282ac7512f99e3a2d0b9be469f8fc04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8268
x-xss-protection
0
google-lineitem-id
5803059791
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138365994746
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2CadUnit11&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x30&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849917&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=8085&adks=2666933970&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1024x0&msz=970x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9d235b08f225b6a4685fc451c89179af5711960b0bc39fcfe01bac6e3cb99094
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8286
x-xss-protection
0
google-lineitem-id
5803059791
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138365994860
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		426 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2Cadunit100&enc_prev_ius=%2F0%2F1&prev_iu_szs=280x100&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849920&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=8489&adks=896601501&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=341x0&msz=280x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
c6375d149e2f60f435371ab247933519cd25fdd01ceeda0e361be780632b7c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
216
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		426 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2Cadunit100&enc_prev_ius=%2F0%2F1&prev_iu_szs=280x100&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849923&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=8489&adks=2495933709&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=341x0&msz=280x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
207acf9f9cb5022b653eb9f5e3508046867f5037efae00daddaf8237813eb5d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
219
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		423 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2Cadunit100&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x100&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849926&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=8489&adks=1197313410&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=170x0&msz=120x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
096b960aa097c76c2ab8c937405becd31d74a1a0ed2b278536bd4dab535d26bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
214
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		423 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2Cadunit100&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x100&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849929&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=1156&adys=8489&adks=273575670&ucis=c&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=170x0&msz=120x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2e58901b1bae713d768a687074cef2a6d9aa336023ab73d241902ee8d193beca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
214
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		426 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2Cadunit101&enc_prev_ius=%2F0%2F1&prev_iu_szs=500x200&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849932&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=2917&adks=1428158900&ucis=d&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=597x0&msz=500x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=9&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
66326995d0e9795824ef40c745748ca0b2c9f60a2c11f213739754ee9fb49f0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
218
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2Cadunit32&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849939&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=986&adys=5394&adks=151416267&ucis=e&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=341x0&msz=300x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7931b48410f48f3a7e9b350d100a3b15d3fb75c07875b8e2b9712338386adf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17195
x-xss-protection
0
google-lineitem-id
5811242046
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138367618617
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		436 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2Chome-video-support&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x50&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849943&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adxs=900&adys=3428&adks=3817026097&ucis=f&ifi=15&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=426x0&msz=300x15&psts=AGkb-H_w6R3hpAMiRjc5LOe8J_bll-8O-mPIWY_5rzkJ4If_L2oOo4fAb-JyZMjsn7YrP3HQfpLzI9C742GoG5QDwkcNBCohrqNT&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=132&ohw=1600&btvi=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2c67a8058ca73336616854e60cb23deff7312fe1b690c1cd973b3d4b3432903e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
219
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		40 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3425084356530701&correlator=2626914752000948&output=ldjh&impl=fif&eid=31063272%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1036994%2CBranded-Series-Sponsor-Custom&enc_prev_ius=%2F0%2F1&prev_iu_szs=150x35%7C320x50&ris=2&rcs=1&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dros%252Chome&cookie=ID%3Dd65f3eb2b0a90907-229b378101cb006f%3AT%3D1635318848%3AS%3DALNI_Mbr2xRUg_iSugtuVDrpLA3b2xWv7Q&bc=31&abxe=1&lmt=1635318849&dt=1635318849946&dlt=1635318847049&idt=678&frm=20&biw=1600&bih=1200&oid=2&adks=309399660&ucis=1&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.heraldnet.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=906521392.1635318848&ga_sid=1635318848&ga_hid=1065126420&ga_fc=true&ga_cid=55066865.1635318848&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
c1eb227a4851c4ea73da2e198a2a89135ae2c72126d16bb1e6e15e1af85574eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15215
x-xss-protection
0
google-lineitem-id
5720081679
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138353446981
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldnet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1DA6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.heraldnet.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 27 Oct 2021 07:14:08 GMT
expires
Thu, 27 Oct 2022 07:14:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 1DA6 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: 3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
URL: https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 07:09:07 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1DA6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
URL: https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 18:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Oct 2022 18:57:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1DA6 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
URL: https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635161763799786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Oct 2021 07:14:10 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 1DA6 		109 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
URL: https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com/
Origin
https://3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 12:32:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67317
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Oct 2021 12:32:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1DA6 		0
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1vX6G2SuwT1wJCS4_jeYifXVCiZwlGIOjqBnm1DuU384Tg2VlCoT8_VCM7vqY9FVKIECCXIZNPuImhKd16ft_aY_ZMEWyugIwQV1qqiwbZegvAFQVcYzWmjsMsDGRwXs2iYg4oYcqCDfMHMos6updAAZfW7MclhBLlXqYZO3olrXMSwJyAYowpp3JQ9zcNjojYH4NBjZjbtROcYIO2XAAawBrH9VQmDPTASHx_52iPYOBPcz8LdxXEqXyfLtDhWhZgrqvEOE_DJjZkjNS5UVgqYgTzQdUyHM4hFqaQOXwXZwdlmHg&sig=Cg0ArKJSzDcwfK_tscCwEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 07:14:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 27 Oct 2021 07:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 07:09:07 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:13:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Nov 2021 07:13:12 GMT
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHzoneacIjurkc6ZmkmM5nAnKLGMj758uIULzzE0uhv09RfR6KYW1ghL2hdLEr3S1Gi4vRFznzFhwJEMBYC6sl2x49hQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 27 Oct 2021 07:14:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1635161763799786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Oct 2021 07:14:10 GMT
394953720081819842
tpc.googlesyndication.com/simgad/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/394953720081819842
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
22ba87261bdbd0c52f0dc751d85a4fe66346c083deb86d30b33f17c7bcf7c473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 05:35:22 GMT
x-content-type-options
nosniff
age
437928
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28234
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 18:47:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Oct 2022 05:35:22 GMT
truncated
/ 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc5108255e5e2870da721d8cc2e602ff9c189326ed0c2a88bd1a0f21a5c85f34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHfbJVQSh_p6EAQiZCgl7Z9IER4v25iCrKjjyGuQCuoxqPnOK9UYSTilbWWjOWmXh7MmcWIZ-KzaGC-ChN10dftnr04pHSdV24h45GoW_q5mvVU9S8BRLgR9rEi4iMRiQ5x_ur2jDKryFqkEwmWhILavBKHmhGk4CTak2NJ9TgHR1gNWO_qO_vxfa5krppaYMxBwGx8fQuyy3n5DE2AwjXeLxzfl_rMxtj6iBExnPs4lPa_1Bhx5mzEuQPNcZRHCSCG5EsspZb50vXDDMEuohWSQOAmr_heaYFDfp-er1nAVQtHyPmQr0&sig=Cg0ArKJSzGmzbcWZDIEgEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Oct 2021 07:14:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 27 Oct 2021 07:14:10 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5UVWJeJKgJ08Z5GbErVZHOY2oZtxVhgoLUXw_uoECXfbAXvFO1j3CWqWEM5sLpXUXv-hmNNMQECleBATu5soIaE2Ap2Z4MFMjWW3lieYHV14EOZ57&sig=Cg0ArKJSzHovRJo0FtCTEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211025&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3525437857&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635318845419&rpt=5140&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Oct 2021 07:14:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.heraldnet.com%2F/DESKTOP/WIDGET_OFF/ 		77 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.heraldnet.com%2F/DESKTOP/WIDGET_OFF/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2021-10-25/widget_app_base_1635199435031.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.242.84.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-242-84-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 07:14:14 GMT
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3000
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-ea8502ed
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&f_privb=0&tid=0392c97c-17bc-4753-81fa-bd0000378983&pid=eee9bb90-43a1-4c43-8b22-e4d5812dab0d&dtm=1635318857781&qnm=_matherq&visible=1&tabid=ac7ec07e-c080-4d1e-87c8-49dd5a605ba6&url=https%3A%2F%2Fwww.heraldnet.com%2F&vp=1600x1200&ds=1600x1200&tofa=1635318848&vid=1&lvidt=1635318848&duid=250a8d04d6665f23&fp=560948675&cid=ma13246&mrk=715673500&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYzNTMxODg0NTQxOSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMS45bWIiLCJoZWFwVCI6IjE0LjNtYiIsImZzdFBhaW50IjoiMzAwMCIsImZldGNoUyI6IjExNDEiLCJkb21haW5TIjoiMTE0MiIsImRvbWFpbkUiOiIxMTQyIiwiY29ublMiOiIxMTQyIiwiY29ubkUiOiIxNDc0Iiwic3NsUyI6IjEyNTEiLCJyZXF1UyI6IjE0NzQiLCJyZXNwUyI6IjE2MjciLCJyZXNwRSI6IjE3MzYiLCJkb21Mb2FkIjoiMTYzMCIsImRvbUludGVyIjoiMjg0NSIsImRvbUxvYWRTIjoiMjg4NyIsImRvbUxvYWRFIjoiMjk0NSJ9fQ
Requested by
Host: www.heraldnet.com
URL: https://www.heraldnet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.53.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-53-99.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heraldnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 07:14:17 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 27 Oct 2021 07:14:19 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldnet.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 27 Oct 2021 07:14:19 GMT
content-length
0
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
everettweb.newzware.com
URL
https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.all.css
Domain
everett.newzware.com
URL
https://everett.newzware.com/newzlib/images/milky-icons/48/80.png
Domain
everett.newzware.com
URL
https://everett.newzware.com/newzlib/images/milky-icons/48/23.png
Domain
everett.newzware.com
URL
https://everett.newzware.com/newzlib/images/milky-icons/48/84.png
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwJt9kxiN_th7lEyICjnuaZ8dSaptWXFimby8OKqk3iwsbEV0yAfqGCvf3iwc4qncno5MwYISK1WIBUrJsn4YSZOSLLh-RQiD3T2SjgZ2ZexWNz8w1&sig=Cg0ArKJSzP8A0OIRMiHxEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211025&bin=7&avms=ns&bs=0,0&mc=0&if=1&app=0&itpl=30&adk=406828873&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=2&r=u&rst=1635318850060&wmsd=1

Verdicts & Comments Add Verdict or Comment

587 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| php_vars number| nwviewportwidth number| nwviewportheight string| nwSite string| nwPubDate string| nwProtocol string| nwServer string| nwEdition string| nwUserCkSubscripDays number| nwuserCkDefaultDays string| nwContentId string| nwECopyAccess string| nwDayPassAccess string| nwMeterAccess string| nwMustRegister string| nwMeterThreshold number| nwMeterDefaultDays string| nwContentCallback string| nwIllegalChars number| nwPasswordLength string| nwDoNonSubCheck string| nwSkipConfirmation string| nwTheme string| uiVersion string| nwLabelColor string| nwInputFontSize string| nwInputFontColor string| nwFacebook string| nwGoogle string| nwDialogWidth string| nwDialogHeading string| nwECopy string| nwDayPass string| nwTerm string| nwWelcome string| nwMeterUsed string| nwLoginIcon string| nwLoginInstruct string| nwLoginIdLabel string| nwPasswordLabel string| nwButtonLogin string| nwButtonCancel string| nwButtonRegister string| nwInvalidLogin string| nwNoValidSubscrip string| nwInsufficientFunds string| nwForgotPasswordLinkText string| nwPurchaseOptionsHeading string| nwDayPassHeading string| nwECopyHeading string| nwTermSubscripHeading string| nwDayPassBuyButtonText string| nwECopyBuyButtonText string| nwTermSubscripBuyButtonText string| nwCancelButtonText string| nwDayPassIconURL string| nwTermIconURL string| nwECopyIconURL string| nwTermBuyIconURL string| nwDayPassBuyIconURL string| nwECopyBuyIconURL string| nwPublicTerminalText string| nwRegistrationHeading string| nwNonSubRegistrationHeading string| nwAccountFieldText string| nwLastNameFieldText string| nwFirstNameFieldText string| nwEmailFieldText string| nwEmailConfirmFieldText string| nwUserNameFieldText string| nwPasswordFieldText string| nwConfirmPasswordFieldText string| nwRegisterButtonText string| nwUserRegistrationText string| nwUserChoiceSub string| nwUserChoiceNonSub string| nwRegistrationIconURL string| nwRegAuthButton string| nwConfirmButton string| nwECopyConfirmButton string| nwConfirmCancelButton string| nwConfirmUpdateButton string| nwPurchaseConfirmHeading string| nwECopyPurchaseConfirmHeading string| nwEPassRatesHeading string| nwLabelSunday string| nwLabelMonday string| nwLabelTuesday string| nwLabelWednesday string| nwLabelThursday string| nwLabelFriday string| nwLabelSaturday string| nwECopyCreditAmts string| nwConfirmSaleText string| nwECopyConfirmSaleText string| nwRegisteredMessage string| nwRegisteredAuthorized string| nwNonSubAccountFound string| nwNonSubAccountFail string| nwAlertText string| nwMessageText string| nwMeterUpMessage string| nwIsTeaserBlock string| nwTeaserId string| nwRegisteringMessage string| nwContentWidth string| nwLabelStyle string| nwPublicTerminalTextStyle string| nwHeadingStyle string| nwLogoutMessage string| nwLogoutID string| nwFloatLogout string| nwLogoutText string| nwLogoutStyle string| nwLogoutDivStyle string| nwLogoutDivHTML string| nwNoLogoutMessage number| nwReauthTimeMin string| nwLogAdvDivContent string| nwLogAdvStyle boolean| nwInitLogin string| nwLowerCaseMessage number| nwDefaultPurchasePanel string| nwTwitter string| nwInvalidAccount string| nwFacebookJS string| nwFacebookAPIKey string| nwFacebookInitialize string| nwFacebookLoginInstruction string| nwRegisterWithFacebookButton string| nwLoginWithFacebookButton string| nwDeleteAllOnLogout string| nwShowAccountManageButton string| nwAccountManageButton string| nwCookieDomain string| nwNonSubRegistrationPanelChecked string| nwSubRegistrationPanelChecked string| nwDebug string| nwMobileButtonWidth string| nwAfterLogin string| nwNoShowOptionsAfterLogin string| nwAfterLogout boolean| nwIsLoggedIn string| nwLoggedInAndAuthorizedCallback string| nwAfterRegistrationCallback string| nwCustomRegistrationPanel string| nwCustomPurchasePanel string| nwCustomLoginTable string| nwNoSubscriptionSelectedMessage function| newzware_offerClicked function| newzware_afterRegistration function| newzware_getWebLogin boolean| nwResizable string| nwShowLogout string| nwSSO string| nwShowMeterMessage string| nwMeterBoxHTML string| nwUseJQueryInputStyle string| nwUseInputStyle object| nwInputJQueryStyle object| nwInputStyle string| nwUseMainDivStyle object| nwMainDivStyle string| nwAppId number| nwMeterBoxOpenThreshold string| nwJQueryEffect string| nwLoadThemeSeparate string| nwJQueryDialogClass string| nwVerifyEmail string| nwValidateEmailMessage string| nwForceEmailAsUserName number| nwMeterBoxSlideBoxWidth boolean| nwNoActionOnInit string| nwShowLoginCallback string| nwShowRegistrationCallback string| nwShowPurchaseCallback string| nwMeterLimitReachedCallback boolean| nwMeterExpireEndOfMonth string| nwPromoCk string| nwFacebookInvalidMessage object| nw_exdate string| nwParams object| urlParams object| nwRPage function| newzware_redirectToRPage function| newzware_doLogoutRedirect function| newzware_autoRedirect object| _0x7a9c number| nwNetworkType function| newzware_v function| newzware_vc string| nwAuthURL string| nwWebLoginURL string| nwForgotURL string| nwForgotAcctURL string| nwCCCheckURL string| nwNonSubCheckURL string| nwCreateGenURL string| nwCreateSubURL string| nwValidateSubURL string| nwDayPassURL string| nwVariableURL string| nwSSMURL string| nwSSMLoginURL string| nwMeterURL string| nwLogoutURL string| nwPulseURL string| nwCurrURL string| nwAuthCk string| nwUserCk string| nwUserLgCk string| nwUserSecCk string| nwMeterCk string| nwVariable string| nwCompName string| nwCookiesDisabledURL string| nwPrRateIdCk string| nwAlert1 string| nwAlert2 string| nwHighlight1 string| nwHighlight2 string| nwMainHTML string| nwLoginAdditionalText string| nwRegistrationOptionBuff string| nwRegistrationOptionsPanel string| nwLoginTable string| nwTermOption string| nwECopyOption string| nwDayPassOption string| nwPurchasePanel string| nwRegistrationPanel string| nwAuthorizePanel string| nwConfirmPanel string| nwEOptionBuff object| nwECopyArr number| gg string| nwECopyPanel function| $ function| jQuery function| DP_jQuery_1635318847163 function| nwJQuery object| _0xc507 object| todayDate string| newzwareFilesAdded string| nwNetwork boolean| nwSSOTried boolean| nwMeterDone function| newzware_loadTheme function| newzware_epassInit function| newzware_isAuthorized function| newzware_checkPulse function| newzware_start function| newzware_login function| newzware_purchaseCancelled function| newzware_loginCancelled function| newzware_isMainVisible function| newzware_showProcessing function| newzware_doLogin function| newzware_registrationAuthorize function| newzware_nwtrim function| newzware_authorization function| newzware_parseDate function| newzware_getUH function| newzware_createMainPanel function| newzware_createLoginPanel function| newzware_createPurchasePanel function| newzware_createRegistrationPanel function| newzware_facebookLogin function| newzware_doFacebookSubRegistration function| newzware_facebookInit function| newzware_createRegistrationOptionsPanel function| newzware_createAuthorizePanel function| newzware_createConfirmPanel function| newzware_createECopyPanel function| newzware_showPurchasePanel function| newzware_showConfirmationPanel function| newzware_showECopyConfirmationPanel function| newzware_cancelConfirmation function| newzware_cancelECopyConfirmation function| newzware_cancelRegistration function| newzware_showRegistrationPanel function| newzware_hideAuthorizePanel function| newzware_hideLoginShowRegistration function| newzware_hideLoginShowPurchase function| newzware_hideRegistrationShowPurchase function| newzware_hideRegistrationShowAuthorize function| newzware_hideLogout function| newzware_afterLogout function| newzware_afterLogin function| newzware_showLogout function| newzware_doLogout function| newzware_showContent function| newzware_hideAll function| newzware_hidePurchase function| newzware_clearMessage function| newzware_showLogin function| newzware_hideMain function| newzware_showMain function| newzware_cookiesEnabled function| newzware_setSessionCookie function| newzware_setCookieMin function| newzware_setCookie function| newzware_getCookie function| newzware_deleteCookie function| newzware_dayPass function| newzware_ecopy function| newzware_confirmSingleDaySale function| newzware_confirmECopySale function| newzware_purchaseDayPass function| newzware_doSSMRedirect function| newzware_autoLogin function| newzware_purchaseTermSubscription function| newzware_purchaseECopy string| newzware_hex_chr function| newzware_rhex function| newzware_str2blks_MD5 function| newzware_add function| newzware_rol function| newzware_cmn function| newzware_ff function| newzware_gg function| newzware_hh function| newzware_ii function| newzware_calcMD5 function| newzware_setRegistrationType function| newzware_hideRegistrationBlocks function| newzware_showRegistrationChoice function| newzware_doFacebookNonSubRegistration function| newzware_registerNonSubUsingFacebook function| newzware_createGeneralAccount function| newzware_registerUsingFacebook function| newzware_createOnlineAccount function| newzware_showMessage function| newzware_hasIllegalChars function| newzware_forgotPassword function| newzware_forgotAccount function| newzware_updateBillingInformation function| randomString function| newzware_loadJSCSSFile function| newzware_checkLoadJSCSSFile function| newzware_autoLoginAndStart function| newzware_meterBoxOpen function| newzware_meterBoxClose function| newzware_getDaysForMonthMeter function| newzware_attachLoginEvent object| ai_front boolean| ai_dummy object| googletag object| gptAdSlots object| picturefillCFG function| picturefill function| selectAll function| deselectAll function| activateSelected function| deactivateSelected function| processReqFailure function| processReq function| goToMonth function| setAction function| setChosenDate function| openCalendarPopup function| switchMode function| hide function| show function| hideButton object| WebFont object| dataLayer object| blueConicPreListeners function| BCClass object| blueConicClient object| jwDefaults object| webpackJsonpjwplayer function| jwplayer number| _sf_startpt function| fbq function| _fbq function| gtag object| sp_userVar object| sp_userLgVar function| documentInitOneSignal function| OneSignal object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| ggeac object| google_js_reporting_queue object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _mather object| _matherq object| tid object| __ctcg_65349_0_exec boolean| pollClosed10950427 boolean| PDV_POLLRAND10950427 string| PDV_a10950427 string| PDV_o10950427 number| PDV_id10950427 number| PDV_pt10950427 number| PDV_po10950427 number| PDV_b10950427 number| PDV_pr10950427 number| PDV_l10950427 number| PDV_s10950427 string| PDV_h10950427 number| PDV_w10950427 number| PDV_share10950427 number| PDV_expire10950427 number| PDV_version10950427 string| PDV_def10950427 number| PDV_sl10950427 number| PDV_lnk10950427 number| PDV_va10950427 string| PDV_POLL_q10950427 string| PDV_POLL_medType10950427 string| PDV_POLL_medID10950427 object| PDV_A10950427 string| PDV_l1_10950427 string| PDV_l2_10950427 string| PDV_l3_10950427 string| PDV_l4_10950427 string| PDV_l12_10950427 function| Sanitize string| a2a_track_pub number| a2a_no_3p number| PD_ck10950427 string| PD_ck_name10950427 string| PDV_n10950427 object| PD_button10950427 string| PDV_nurl10950427 function| _$ function| is_secure function| getHead string| PDV_server10950427 object| AA10950427 string| PDV_html10950427 function| PDF_mc10950427 function| PDF_a10950427 function| PDF_o10950427 function| PDF_checkOther10950427 function| PD_prevote10950427 function| PD_vote10950427 function| PDF_getTags10950427 function| PDF_urlEncode10950427 function| PDF_rand10950427 function| PDF_loadStyleSheet10950427 function| PDV_go10950427 function| PDF_setCookie10950427 function| PDF_getCookie10950427 function| PDF_callback10950427 function| get_sanitizer_10950427 function| sanitize_HTML_10950427 function| unescape_HTML_10950427 function| prepare_HTML_10950427 function| PD_addEventListener10950427 function| PDF_log10950427 number| PDV_x string| y10950427 number| x10950427 object| gaplugins object| gaGlobal object| gaData object| _userway_config object| UserWayWidgetApp object| _sf_async_config function| nwCheckLoginButton function| showContent function| nwdemo_doAfterLogin function| nwdemo_doAfterLogout function| showMeterMessage function| showLogInBox function| nwforgotPassword function| _createClass function| _classCallCheck object| initClasses object| activeClasses string| endEvent function| animate object| MotionUI object| Foundation object| wp function| b64e function| b64d function| ai_insert function| ai_insert_code function| readCookie function| amzn_uam object| apstag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| jQuery172003545418770450626 function| onYouTubeIframeAPIReady object| __connect function| InteractionTypeImpl object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_84241 function| __read function| __spread function| __values function| __rest boolean| _userway boolean| apstagLOADED number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| onLogImpressionComplete function| _docReady object| pbjs object| atdpbjs boolean| isUserActive boolean| windowActive object| _yetiAXTInstances object| _yetiAXTUnitConfig object| Mustache object| _bcp object| bc function| BlueConicEngagement function| RuleService object| justDetectAdblock function| FormRuleService function| md5 function| BlueConicMetaDataService object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath function| fbAsyncInit object| closure_lm_892822 function| Sizzle object| _fiBackupData function| atdpbjsChunk object| _pbjsGlobals object| bc_json424 string| sovrn_beacon_tid object| FB object| LJT_Ads object| UserWay object| ampInaboxIframes object| ampInaboxPendingMessages string| jscVersion object| google_casm function| su object| dicnf object| viewReq function| vu function| init_ssb function| accbk function| xy function| ss function| st function| ha function| ia function| ja function| buildAttribution object| google_logging_queue undefined| goog_delegate_deferred_token number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| window_focus_for_click

25 Cookies

Domain/Path Name / Value
soundpublishing.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 3881b85a-4e71-4779-b5f9-2550ff3be862
www.heraldnet.com/ Name: spi-adslots
Value: %5B%22f4e5f220-2efc-45a1-869f-0b293f8aec73%22%2C%201036994%2C%20%5B%5B1%2C%20%22%5B970%2C%2090%5D%22%5D%2C%20%5B3%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%20%5B320%2C%2050%5D%22%5D%2C%20%5B5%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B7%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B9%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B11%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B13%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%5D%5D
www.heraldnet.com/ Name: spi-check
Value: 0
www.heraldnet.com/ Name: nwssmcookie
Value: ssm
.heraldnet.com/ Name: bc_tstgrp
Value: 2
www.heraldnet.com/ Name: nwcompname
Value: 77vWsWVb
.heraldnet.com/ Name: _ml_ses
Value: *
.heraldnet.com/ Name: _gid
Value: GA1.2.55066865.1635318848
.heraldnet.com/ Name: _dc_gtm_UA-52608-71
Value: 1
.heraldnet.com/ Name: _dc_gtm_UA-52608-48
Value: 1
.heraldnet.com/ Name: _ga_2WM1N458VT
Value: GS1.1.1635318847.1.0.1635318847.0
.heraldnet.com/ Name: _gat_gtag_UA_52608_71
Value: 1
.heraldnet.com/ Name: _gat_gtag_UA_109002081_1
Value: 1
.heraldnet.com/ Name: _gat_gtag_UA_109002081_7
Value: 1
.heraldnet.com/ Name: _ga_BHJYZD7VVN
Value: GS1.1.1635318847.1.0.1635318847.0
obs.cheqzone.com/ Name: cg_uuid
Value: d99ee6b13be9199e5c11481a37566b27
.heraldnet.com/ Name: _ga
Value: GA1.2.906521392.1635318848
.heraldnet.com/ Name: _gat_UA-52608-71
Value: 1
.heraldnet.com/ Name: _fbp
Value: fb.1.1635318848572.782689251
.heraldnet.com/ Name: BCSessionID
Value: 3881b85a-4e71-4779-b5f9-2550ff3be862
.lijit.com/ Name: ctag
Value: 561:1637910849|515:1637910849|563:1637910849|565:1635405249|185:1635405249|203:1636528449|205:1635405249|589:1637910849|462:1635405249
soundpublishing.blueconic.net/ Name: AWSALBCORS
Value: 5AGJp8dBidjp/6M8mSttkv7YlbluAtpg01uG6+V/7YbtfoQPDnaU4QUbYtfR+myvqon+jxLObzN7wC5fxd/LVKlEOIrzll/weOug6VpJBVzQ9kJTp93bO8Vm8lRR
.heraldnet.com/ Name: __gads
Value: ID=d65f3eb2b0a90907:T=1635318848:S=ALNI_MYhr4Y4szs17mhNjlrphY0zth14dA
.doubleclick.net/ Name: IDE
Value: AHWqTUl07JvbGTWgnqmzfxGAp1b8YbTDOFPXFxrX266H3llRLKuZr9dav2wXs8SrDl8
.heraldnet.com/ Name: _ml_id
Value: 250a8d04d6665f23.1635318848.1.1635318858.1635318848

8 Console Messages

Source Level URL
Text
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
deprecation warning URL: https://soundpublishing.blueconic.net/plugin/library/bb2cb2eaed230ae17e83654981387c9e(Line 19)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
network error URL: https://soundpublishing.blueconic.net/plugin/library/bb2cb2eaed230ae17e83654981387c9e(Line 19)
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
3cbc36958b851ae798103cc012bb204d.safeframe.googlesyndication.com
adservice.google.com
ajax.googleapis.com
ap.lijit.com
api.recruitology.com
api.userway.org
b2cdn.automatad.com
c.amazon-adsystem.com
cdn.blueconic.net
cdn.jwplayer.com
cdn.onesignal.com
cdn.userway.org
cdnjs.cloudflare.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
entitlements.jwplayer.com
everett-tpweb.newsengin.com
everett.newzware.com
everettweb.newzware.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
go.automatad.com
gslbeacon.lijit.com
heraldnet-wa.newsmemory.com
heraldnet.com
imasdk.googleapis.com
js.matheranalytics.com
log.outbrainimg.com
ob.cheqzone.com
obs.cheqzone.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
plugins.blueconic.net
pxdrop.lijit.com
s0.2mdn.net
secure.polldaddy.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
soundpublishing.blueconic.net
ssl.p.jwpcdn.com
stats.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
vap2ams1.lijit.com
widget-pixels.outbrain.com
widgets.outbrain.com
widgets.recruitology.com
www.accuweather.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.heraldnet.com
www.i.matheranalytics.com
everett.newzware.com
everettweb.newzware.com
pagead2.googlesyndication.com
100.24.222.120
104.111.214.80
104.111.233.227
104.16.18.94
104.18.225.52
104.198.41.198
107.178.250.234
108.161.188.228
13.229.43.140
142.250.181.230
142.250.181.238
142.250.185.162
142.250.185.170
142.250.185.202
142.250.185.225
142.250.185.228
142.250.186.130
142.250.186.163
142.250.186.33
142.250.186.66
151.101.2.114
152.199.22.243
157.240.20.19
157.240.20.35
172.217.16.130
172.217.16.138
172.217.23.104
18.208.243.234
184.30.25.193
192.0.123.248
195.181.175.45
2.18.234.190
34.117.123.47
34.234.121.44
44.242.84.49
50.16.211.97
52.222.149.26
52.222.149.52
52.222.149.67
52.222.158.105
52.222.158.12
52.222.158.2
52.222.158.81
52.222.158.86
52.222.163.173
54.152.53.99
70.42.32.95
72.251.249.13
72.251.249.9
74.125.133.154
75.2.13.80
89.187.169.47
0253ce040e77b6f4a11d3902274e823840a6bf9266499269e8bc765d319d7a4a
02c4806479af1a141f4a5f56022dbd2d966ec657afb42987da8cb9ab6dd9a2e8
048a1ba9ec466a8f77009cea46046dfe87ce0a4395ddea61c5a28ae22d9b86da
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096b960aa097c76c2ab8c937405becd31d74a1a0ed2b278536bd4dab535d26bb
099d5a93d27e43c40b29b9f45a57492ca8d87ee45d14d7a83d0ff39735822b3a
0a73d05531962fcbd61b2bc88c80a2f6c9b3afcf7c0151b1fbe19ea789eb8a70
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e06b5d278d6804234403dd065277a68bef31bb1a30fe421a9b55790f86eb3d4
0e26826816d33e016e63fb3e4a3b3f3f3322e414d3ace91a72233f1ef0d4a1a3
0edfb5568fc61262f6c27ddf7ef69a312f41daa8f897bcca41368a375301bc64
0f2254dbe33e7422e9ec9025a8babddbc6200d63b505adb33b5b849de53d9726
0fba307933e75ca5e824d3dc85ba5ec80c0207ef87f58e3c609b01ed4a7125a3
10812563777eda195bb752d0eb90d5af1af38fe8eaccb94be3ff56a0e2be77e5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
18fa372d92c3535ad1cd2f0825983bcec5a04aeee80641ee6e9b51e5b95b759a
1a84f4b042e52d040243a70753ae4a5f73d668db1230c7c4b3c4ace8c2d8923c
1bd5372b56a82f9cd4a0a4533f4a37ff11ce7952f051ae035fd5cbecf45094b8
1cd0dc6c99599dcf4386cdff332f787691af8a83476aaaf6491a048770306017
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
207acf9f9cb5022b653eb9f5e3508046867f5037efae00daddaf8237813eb5d7
22ba87261bdbd0c52f0dc751d85a4fe66346c083deb86d30b33f17c7bcf7c473
22c29473716ed14198adc9db4ea074c19b2bce1caba9d7075b5a35777f902dcd
24726fad4c60cfc6357b6a47ef513babd44468c36f2f3649df09488c91fcf3b6
2497be576209dfcaa67b233fd5eeedf5a33312df082bf1f5b4762779184ec8f4
2666a346f4b8175f6cb9a5b06e248f1c8c9473a9003afb8f7ff4fdae4b7ef365
273d22ce359bf67fbe85bd22bb549e162a7096f735566b62b96714afd0fca7dd
2a0503318465483e29f86fcfb1d88621db8cd62bf36f3c78ee115827675e0008
2a98dd822458f5d47ed4febf322c763eafe9498dd446b853fa6904cf2f23d6ea
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2b4a236ad5e82be642bd0f69c4657c6413064a9732b59472b814de0d188ad77d
2b50108439624bd6f2bbb1505248373ed0ae1f0869b89122ad876122a1790bd8
2c67a8058ca73336616854e60cb23deff7312fe1b690c1cd973b3d4b3432903e
2dcc36995c012ae179ca5ccec2537bbffdab860370e6ab08923cad2d465ae3a4
2e58901b1bae713d768a687074cef2a6d9aa336023ab73d241902ee8d193beca
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324
31005eda0dd0a4be23208105e45c84d562d9ec599941d8103fe65586a6f2bcdd
33bac1851cf75041c580bc070b92e8b1e3f173d0450673e6dac6affb2c444774
352914e806bd73df2cb65ec59e541c44dcd1e41a56a2534487c2fbe40a2650cf
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a89054ff8695f3eae2c3531420c1b311f21695395a4b1ede7a5639d41c60f9a
3e65bc436e35cb24f4020abe8a71906ea53ca284df84095d6824e27f55883f90
3fed279680a00e501f736327199b2f3c6c0490c8a46772f3dce46bc3ad52f6e2
40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47
40abffc6cc361e6f31e1738c7f835297ec4ba0a14666fdaeeff57f1b62e3d694
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
48481acfa017729107a1f39beea68ed8b2486ccc3735608e19d3b0d714f28c71
485d98089094d66dc2a94c613634dbaa32b2ccb71a0559c77e5ac6418f4896f3
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
5462bd716ebcf7a78d50b201e11488373aea4e1dcd80c3e47860afde2ab48023
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5da32ead21ee2f8124a0e0a6884c9a0b4cf31cdaecd23fde4e527a7cc01b187d
5dd3e152a8ef540f0c36eefa9c190d78b6fcdf5f461ae7a05103a17330e9ad02
5e8c2a07175788df50b2ce8963f1f28fb6d0f88d26438f10b9575e99f9f4c020
5f0202cc4798039c0cf48486d46cdb1da093848a0a38d402e39b38169a387119
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
650e56e74a47d42a27b8430049800ed60ccc19efe63cfe1905a55a8a1b153e85
66326995d0e9795824ef40c745748ca0b2c9f60a2c11f213739754ee9fb49f0d
6949cb00596a05946a61e1fbcd19aafc6b73a067791178b36df39382b80b2df3
69f0e66de394788011c9e0d5fcf53f1a0feb32aba17b18c4c78612cd92adb44f
6a013fd3aa1ff4bf9f213303285b43e7ec61c7eecc69be09f307f329d23fecd4
6a215d32cd6fa5203df0bd5210ef60b3335955d55be91f5940e9e19781a3649d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c25b5c0ed51665f0003fc29d4a4f1b4cc2210b67d564ba6ac9451fe38ee6e9a
6c3700437243f2994cfb61b6423b99d71ce8b73741d123e06cf1c675ab311e24
6fee4f0d21404d7ce3b0e3e1759c965f33fd9d870f07510d519bdca98b1d02c6
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
747d4689b8093b6b64eca59a4b4746c7250d4975523621ecd988e848ab271c8b
7505468536f0cc99279960b2e9380a1da3b766dbe27440f3562be6e974512e32
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
782b100759cee637a831dd4ba5fb282e7b84754c34a5e8196ce975651a3ab390
783048db23c8424fd550465ab8f4ea3556106dbd1e2338e7a0303d7819576d0d
7931b48410f48f3a7e9b350d100a3b15d3fb75c07875b8e2b9712338386adf63
7a47ef42df82a89ce8c9caec612959dbc901655d66312370ee6c1a4788b65a17
7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574
7ec8c2fed6490bc9da90e953b5dc3e988360540f88e8ad62ca998de2e03e31b3
7fa5724005524cb3c96104af47e774f662712d93d6d0d052c040cfb46519e4e7
82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8545f47cef7e0846091e60002cdbf18eadfde70979d043fe4ad638daca1f5153
8806a9f9b3bcd4a2ee2ae62e8483b6558336d9f9920770d0af93a378365d2231
8978af83932f00e4bbfc0178c836ae53412980ecaa342de711b23231688f247c
89f563a025cc8dfb46d317823ebda92ea606c32492e414ab46869754e4ec63de
8ba91d81ec22c189f381e611af66a6862c9dba43632fc19af7a12ac44f1a742b
8c0300dabffb1ba133a3157fb33960c5793dd2ac46f3dc8a899fa312f909a337
8c23d14fe9c6f1796ac06ab13fdd2069afa881f403ce8276ddbda91adce6db74
8ce867bf45277a86a76bcd7aa27cf0746fbc97ad272f1f89ed396304ce9d28b2
8e1bb1c289d14c266e529528cd6e0d5c42562d92a1b946cd45cfc9a6e1a93869
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8e79f49a59b2da417dbc275440bb0e2ff2276e8398e85ca60c038da1cc6eb45e
8ffe5386c21a1708f78f2ece358833eb88c56f96719b703ff3349e8042bdb5ee
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9149bab1457f6379ba9320b797c932a24b802ad44c36217d945632c33635d87a
91a04f1e5724fe7af40bd9fd17921b50149707f870cd03bd4a5e30f4a2aacafc
946c7755fe5a265547bb71049406fbe397d23a25ee4510b945776e6895d361a2
982bd5811cd3e8f4f066715d657d3d0aad1ee32008b92d815f9be6cde2933c79
984d864b33856ff1937e77b0e62af84ff282ac7512f99e3a2d0b9be469f8fc04
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c1ee2b3835d8abdb9529227f5b9a50ecfe9059243583edd5fe705d74d249535
9cd5f69718feedbc383228bd72dda45633adaf6e325c1415a80d080dbf5a46d8
9d235b08f225b6a4685fc451c89179af5711960b0bc39fcfe01bac6e3cb99094
9da6e9cda652b8e4eb1c7449df52fc22580e1c4fccccaa3b2d82323c825d3f58
a160181417d6d07acf207c9be345b02271657606b4f3291ab4a4160f1bba3bf3
a172937d6387b1be47457ff490efa1fb5c1cd27d277caba6efe89e7387ef897e
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a2bcbd6f6d23664abb09edc9db55802300eee4bf73fcbff4da59e4e55dca4a9c
a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5aa5eca408596d6816f873ca7bf2ab1cd4c44cacc4649676defe438c6fff18c
a6a9995eb5a932a94ff14016526b5d5b34599b5599b576b44b7e49ace7ac0a46
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7844adc1f5ad550bf533fd8d78936561757277b5a251693b04a82ee4eab30b8
aa99e010d16269db3e8de1440b7f4e093833596884a9fcda07c0e07e6f3e6a37
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2664176f0e1e0763fb3767d9e0576b9883f6c1623c0d28f4d9be7b40a600081
b372ba82431aa0eff7d94071558ba1bf9386a7193632cf501e98812904e5f598
b3dafed8f0df0a8d79a88ebdd5e0351dc6ed6dde6f73711125c14822a9e0d61a
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
bb87d62374924dfe28b02ba1f40a403bde3cf998554147f4a98e26e91ce05f03
bb94ed1868039e4fc746ddbf710ea089b2bdef6c3a533395815285ceb00233fa
c0b12bc3340ce49b4de1dbb12a05a3b4e5c4709b60e36ce158a8a0be9e6b7680
c1eb227a4851c4ea73da2e198a2a89135ae2c72126d16bb1e6e15e1af85574eb
c2423ff67400588dc4204c553696927c05c41e069a9e1715b05fb4517b8767d6
c3160d4eb1326fe436d7a1edde158f5d5756ee4de884c40ae20c308b4cdf1fd3
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c5cee7e6aa64088bf3e1569168fb295c8cb286855328b0d1e2a213465a9e182f
c6375d149e2f60f435371ab247933519cd25fdd01ceeda0e361be780632b7c0c
c6a33d7e98f7ac4c2bb7c71f0c1f7e2a3b6c3282dc99ccfe5b46e8a717fb87fe
c6cacd17c6bf8a665a018dc0eb89d4684953c4a145800b0c0756e25d6975c9a6
c6d562799491fcd2e98910dd06f2a665646c5279710fea428522fbc365772e49
c76853b9b64b3fb4b4cfbd22885e4cc2e3f14918020efb69a1df8eaeeb2a3b8e
cdbe9b3c8c969aa6aa467eeb4301a9c0a566df11de4d4b769438c4ebe8d40a22
ce706c89e2e86ef54cc77afb77672f911822f73cbb9d7822415cb60873157703
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
cf79654605ff2f1af4cb080e2da5a23eda82fc4d9b4a72ecde8730320044f547
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d4288b629693138397d02dc91a13d316624f3644cc678a5ef2ff6b04350707db
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d4af35a532b02bf7436bc5bf8ec4851bf76216fce667c8a04ea4f426eebdf192
d63d6ec0c95bc07426b698ad3d6d02a85bd98b265808abf6fe6a5c1664c0ba87
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d925db65ec1961756427ffaa480d32f5413d5edc49503d5ae7987aed8782e7f5
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
db41fa827b42b71615db50bab8259690ed3281ebd0f96c8a0af349fbbe6c3c15
dd1a7e2a5bf329678fe11e8e0c1a3a00ac3ce68f053e221376cb5b23c3224e86
ddac94a280772ca795c65b8bbcd9c7107e8b0b94061ba6cb2b65fe01e3ccb652
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e085fe123de003b0fe2b4fa981ce75e81734d7f50fb8c21462420d92e89b8a7b
e159c034b8ee012d4793d299da22d758b6dc98e6dbc74903958025728f4a7897
e37ae5d102b6a2a59335bdb9e89df1c3f60ed83f2153dbc5a4bf0b62467f6742
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e713e5286e1ea67b3b7efa75cab4b22fbeeac675bd41020185d2fab749c3971f
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ed207a3218934c63d8ace813cbc259812d16d5b892fee83fc795ae164de915c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f3732a2e63630899d49b5dfc4e8664335886400b66dba1d5fbc653dd5661d6f8
f39f5a2b61aea2db3244384a3f02be6830fb34b924538452856aa6c53b7ae5bf
f3ea8a28cf1c4070dd1841d097f170ad020ce3ce498f9c611f7aeb44353a985e
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5966e7e2f9af57e4fe2ad14ac15753fca66c65af4639ccfb8a50b39e7a4b2f5
f705100b4cb858cef5721752ea8901dd84d7b109fcb6f5b08ca6f82dbcb91500
fa6ac12608d91ecee751159d0ba7cb891d54511088b5cd45c89685c8252300c6
fc5108255e5e2870da721d8cc2e602ff9c189326ed0c2a88bd1a0f21a5c85f34
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd8c8c291c39fcd494d4680a4262d84d62b0df9b79dc22e44c422a0f25d69fa2
fdab17aad52e2d97a9b3ef5ddefc9440960cb6b9fa859b2944b8ec399aa395b7
ff71581268dfd7c58f18463eab5f1426c5339c7f895c362c78b490abceadfe12