www.heraldweekly.com Open in urlscan Pro
2600:9000:2250:5000:2:900c:c500:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.heraldweekly.com/
Submission: On March 22 via manual (March 22nd 2023, 8:26:44 am UTC) from MY — Scanned from DE

Summary HTTP 109 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 19 domains to perform 109 HTTP transactions. The main IP is 2600:9000:2250:5000:2:900c:c500:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.heraldweekly.com. The Cisco Umbrella rank of the primary domain is 14493.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 27th 2023. Valid for: 10 months.

This is the only time www.heraldweekly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
55	2600:9000:225... 2600:9000:2250:5000:2:900c:c500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700:440... 2606:4700:4400::6812:2894	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.208.216.174 35.208.216.174	15169 (GOOGLE) (GOOGLE)
3	2600:9000:239... 2600:9000:2396:e000:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2606:4700:20:... 2606:4700:20::ac43:4773	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:1f18:c3a... 2600:1f18:c3a:ef50:d18a:ad60:3fd4:90ae	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	104.86.47.65 104.86.47.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.54.34.85 52.54.34.85	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::6812:2b9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223c:7e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
109	25

55 2600:9000:2250:5000:2:900c:c500:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.heraldweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bundle.heraldweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::6812:2894 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2396:e000:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4773 (United States)

ASN13335 (CLOUDFLARENET, US)

api-stagingtwo.cgstatic.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:c3a:ef50:d18a:ad60:3fd4:90ae (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

cmgl.heraldweekly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.86.47.65 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-86-47-65.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.34.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-34-85.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	heraldweekly.com www.heraldweekly.com — Cisco Umbrella Rank: 14493 bundle.heraldweekly.com — Cisco Umbrella Rank: 92813 cmgl.heraldweekly.com — Cisco Umbrella Rank: 70517	1005 KB
8	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 6098	188 KB
7	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 16134 js.ad-score.com — Cisco Umbrella Rank: 7096 data.ad-score.com — Cisco Umbrella Rank: 6896	158 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	161 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 283	59 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	185 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	261 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	136 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6069	515 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4219 www.google.com — Cisco Umbrella Rank: 2	666 B
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 660	452 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 438	7 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 933	1 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 980	9 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 588	295 B
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 896	17 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1055	17 KB
1	cgstatic.info api-stagingtwo.cgstatic.info	920 B
109	19

	Domain	Requested by
54	www.heraldweekly.com	www.heraldweekly.com
8	cookie-cdn.cookiepro.com	www.heraldweekly.com cookie-cdn.cookiepro.com
4	cmgl.heraldweekly.com	bundle.heraldweekly.com
3	data.ad-score.com	js.ad-score.com
3	c.amazon-adsystem.com	bundle.heraldweekly.com c.amazon-adsystem.com
3	www.googletagmanager.com	www.heraldweekly.com www.googletagmanager.com
3	js.ad-score.com	www.heraldweekly.com js.ad-score.com
3	securepubads.g.doubleclick.net	www.heraldweekly.com securepubads.g.doubleclick.net
2	www.facebook.com	www.heraldweekly.com
2	connect.facebook.net	www.heraldweekly.com connect.facebook.net
2	www.google.de	www.heraldweekly.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.yimg.com	bundle.heraldweekly.com s.yimg.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.google.com	www.heraldweekly.com
1	region1.analytics.google.com	www.googletagmanager.com
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
1	cdn.id5-sync.com	www.heraldweekly.com
1	secure.cdn.fastclick.net	www.heraldweekly.com
1	api-stagingtwo.cgstatic.info	www.heraldweekly.com
1	rt.ad-score.com	www.heraldweekly.com
1	bundle.heraldweekly.com	www.heraldweekly.com
109	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.domesticatedcompanion.com
www.daily-stuff.com
www.daily-choices.com
cookiepedia.co.uk
tcf.cookiepedia.co.uk
www.cookiepro.com

Subject Issuer	Validity	Valid
*.heraldweekly.com Amazon RSA 2048 M01	`2023-02-27` - `2023-12-22`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-19`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2022-09-02` - `2023-10-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-04-19`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-29`	3 months	crt.sh
quantserve.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.heraldweekly.com/
Frame ID: 0F1C123BCF7D882D620ED7165557C816
Requests: 107 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?v=31e685f&pid=1000305
Frame ID: B2451620D98ED5C2B3F1C92CE81AF46C
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: B3DB764403E3B729017474B606B1C2E8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DE4BA43F471B63651BD2B73DAAB2EDC5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Herald Weekly – Breaking Entertainment News and GossipsBack ButtonSearch IconFilter Icon

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

96 %
HTTPS

79 %
IPv6

19
Domains

25
Subdomains

25
IPs

4
Countries

1968 kB
Transfer

5101 kB
Size

17
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/FollowHeraldweekly/

Search URL Search Domain Scan URL

URL: https://www.domesticatedcompanion.com/

Search URL Search Domain Scan URL

URL: https://www.daily-stuff.com/

Search URL Search Domain Scan URL

URL: https://www.daily-choices.com/

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=en
Title: | View Full Legal Text Opens in a new window

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

109 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.heraldweekly.com/ 198 KB
51 KB 121ms
25ms Document
text/html 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dc2e34d273102ef86fdf48bf1d91807daece1828c8bfa5f7a48ce9636d2588ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85030
cache-control: max-age=172800 private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Mar 2023 08:49:27 GMT
expires: Thu, 23 Mar 2023 08:49:27 GMT
link: <https://www.heraldweekly.com/wp-json/>; rel="https://api.w.org/"
p3p: policyref="/w3c/p3p.xml", CP="ADMa,OUR,STA,COM,NAV"
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-id: fX8onV3hiVSvqVtCBIJ4_Y3Vba1Y_UyibyInqIZwNrQaERVGmKSOAA==
x-amz-cf-pop: FRA60-P2
x-backend-server: www.heraldweekly.com
x-bypass-reason: Unknown
x-cache: Hit from cloudfront
x-frame-options: SAMEORIGIN
x-proxycache-key: http,,https;www.heraldweekly.com/GETmedium=;desktop=true;tablet=false;mobile=false;geo=DE
x-proxycache-status: MISS
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 style.css
www.heraldweekly.com/wp-content/themes/cortado/child/heraldweekly.com/ 120 KB
17 KB 25ms
24ms Stylesheet
text/css 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/child/heraldweekly.com/style.css?v=96c7c950540620cdc52f8c1c772d48be__141@2023-03-12T13:21:16Z__v19_1.1.lang
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 05fdf9adb93942174b548177cb84a36f06d35cd061af3dbbdda48f9b04938635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 02:13:07 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Sun, 12 Mar 2023 14:19:36 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 22410
etag: W/"640ddf78-1e1f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=172800, private
x-backend-server: www.heraldweekly.com
x-amz-cf-id: zXGdkSEZK6NzYOih1gx09dFJNEmfyQK-5n_0sqdeV0wHXF1aJxq5pw==
expires: Fri, 24 Mar 2023 02:13:07 GMT

GET
H2 200 icomoon.woff2
www.heraldweekly.com/wp-content/themes/cortado/fonts/ 2 KB
3 KB 26ms
25ms Font
application/octet-stream 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/fonts/icomoon.woff2?v=minified
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3c26c91b451af9063bf5a68a3167595ef2c18e472468f7d5a2a5c3fa9ed69be

Request headers

Referer: https://www.heraldweekly.com/
Origin: https://www.heraldweekly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 06:21:17 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 7520
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa,OUR,STA,COM,NAV"
x-backend-server: www.heraldweekly.com
x-bypass-reason: Bypass (v, minified)
x-proxycache-key: http,,https;www.heraldweekly.com/wp-content/themes/cortado/fonts/icomoon.woff2GETmedium=;desktop=;tablet=;mobile=;geo=
x-proxycache-status: BYPASS
last-modified: Sun, 12 Mar 2023 14:19:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"640ddf78-94c"
vary: Accept-Encoding
content-type: text/plain
cache-control: max-age=172800, private
x-amz-cf-id: w4uO-4ukr-REX5TdrPyzelLStGUXdyiDXWSxyp27gKV1fKnCn4kUbA==
expires: Fri, 24 Mar 2023 06:21:17 GMT

GET
H2 200 jquery.js Show response
www.heraldweekly.com/wp-content/themes/cortado/includes/js/ 86 KB
30 KB 24ms
23ms Script
application/javascript 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/includes/js/jquery.js?v=96c7c950540620cdc52f8c1c772d48be__141@2023-03-12T13:21:16Z__v19_1.1.lang
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b2ab7bf1d5cfb6a51556c68ddccd82dc79c89db06826245ede28a4222d94f77d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 06:21:20 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Sun, 12 Mar 2023 14:19:36 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 7518
etag: W/"640ddf78-1585c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=172800, private
x-backend-server: www.heraldweekly.com
x-amz-cf-id: DIwYGDfrTneCWR4pnvYJsyNC8zRnkSg6xtuNldkzrTRWE73csiX13A==
expires: Fri, 24 Mar 2023 06:21:20 GMT

GET
H2 200 app.js Show response
bundle.heraldweekly.com/bundle/v9_32/ 149 KB
47 KB 79ms
54ms Script
application/javascript 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bundle.heraldweekly.com/bundle/v9_32/app.js?v=pheraldweekly.com
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9a6f9782a0afb7f1fd544d3ea925d4d22ec1cdc491f1201d0254a82e28649c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 6vZeL7cqDDF01jHL50_ZsIGFL5E_7FWY
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
date: Wed, 22 Mar 2023 00:10:24 GMT
last-modified: Tue, 21 Feb 2023 09:05:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 29781
x-amz-server-side-encryption: AES256
etag: W/"0a7024720de3352e2326cd311e375b3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=172800, private
x-amz-cf-id: EIF1gkYW3WIPkh2OJWX9pucpKJudSCxkKrUSE6gjdyNu0AAt9RMNKw==

GET
H2 200 pr-djs-production-cmgid-476bb34731188da1a780ff1bc0a904ef Show response
www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/ 831 B
2 KB 26ms
22ms Script
application/javascript 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/pr-djs-production-cmgid-476bb34731188da1a780ff1bc0a904ef?v=pheraldweekly.com

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

486a9196b3216052f589e21fa13740e6b1f30c481a00e99ca887495546027500

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:06:02 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
age: 4836
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa,OUR,STA,COM,NAV"
x-backend-server: www.heraldweekly.com
x-proxycache-key: http,,https;www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/pr-djs-production-cmgid-476bb34731188da1a780ff1bc0a904efGETmedium=;desktop=true;tablet=false;mobile=false;geo=DE
x-bypass-reason: Bypass (v, pheraldweekly.com)
x-proxycache-status: BYPASS
server: nginx/1.14.0 (Ubuntu)
content-type: application/javascript
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: max-age=172800, private
x-robots-tag: noindex
link: <https://www.heraldweekly.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: KEH3UklKMIQLTT435IYQC2G6uBwc0eoxbKiBU9BzeobyENW8xQJjUQ==
expires: Fri, 24 Mar 2023 07:06:02 GMT

GET
H2 200 pr-djs-production-cmgid-98490777ccc4456ca454858945c8c2f9 Show response
www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/ 597 B
1 KB 57ms
54ms Script
application/javascript 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/pr-djs-production-cmgid-98490777ccc4456ca454858945c8c2f9?v=pheraldweekly.com

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

06696b31e78aa3edba9dd68048e1099757449f6999d1f9b175afbe1187c54d59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:06:02 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
age: 4836
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa,OUR,STA,COM,NAV"
x-backend-server: www.heraldweekly.com
x-proxycache-key: http,,https;www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/pr-djs-production-cmgid-98490777ccc4456ca454858945c8c2f9GETmedium=;desktop=true;tablet=false;mobile=false;geo=DE
x-bypass-reason: Bypass (v, pheraldweekly.com)
x-proxycache-status: BYPASS
server: nginx/1.14.0 (Ubuntu)
content-type: application/javascript
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: max-age=172800, private
x-robots-tag: noindex
link: <https://www.heraldweekly.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: LFktD2OwPyV3AItpNQSbn5LUupqk0kdvfh0V74eGlUZSeFqABEXwyQ==
expires: Fri, 24 Mar 2023 07:06:02 GMT

GET
H2 200 prebid.js Show response
www.heraldweekly.com/wp-content/plugins/cmg-prebid/ 429 KB
131 KB 29ms
26ms Script
application/javascript 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/plugins/cmg-prebid/prebid.js?v=pheraldweekly.com
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5413c91b4bacc8f191713e0a56722bcc3d943f85a22f0f3b2d85c0214fbf730d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 06:21:31 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 10:43:46 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 7507
etag: W/"63ff2c62-6b2db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=172800, private
x-backend-server: www.heraldweekly.com
x-amz-cf-id: yVIRi05AsrydEWn_55zmPL4HT45S_2v22uzSLDddwWoJWwh7i1kVEQ==
expires: Fri, 24 Mar 2023 06:21:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 183ms
108ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b81c3e6805c739c9afdc2fcce410e8c8ede00837eb53a622a59cc457a2d37be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27136
x-xss-protection: 0
server: sffe
etag: "1518 / 615 of 1000 / last-modified: 1679436494"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 Mar 2023 08:26:38 GMT

GET
H2 200 pr-djs-production-cmgid-7672d2aaf536167eb3309811f3d8d838 Show response
www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/ 2 KB
3 KB 58ms
55ms Script
application/javascript 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/pr-djs-production-cmgid-7672d2aaf536167eb3309811f3d8d838?v=pheraldweekly.com

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3cb24dbe464c11454c898613d8b261503f2f0545784a71f8f5c1c0b928c13591

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:46:09 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
age: 2429
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa,OUR,STA,COM,NAV"
x-backend-server: www.heraldweekly.com
x-proxycache-key: http,,https;www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/pr-djs-production-cmgid-7672d2aaf536167eb3309811f3d8d838GETmedium=;desktop=true;tablet=false;mobile=false;geo=DE
x-bypass-reason: Bypass (v, pheraldweekly.com)
x-proxycache-status: BYPASS
server: nginx/1.14.0 (Ubuntu)
content-type: application/javascript
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: max-age=172800, private
x-robots-tag: noindex
link: <https://www.heraldweekly.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: aIxpmcQ1-AEawlUMbH8yX9_O0Jq6ucwLX6rtAST_9jmZhvjnmILhMg==
expires: Fri, 24 Mar 2023 07:46:09 GMT

GET
H2 200 logo-h60-w300.png
www.heraldweekly.com/wp-content/uploads/2019/06/ 4 KB
4 KB 53ms
50ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/06/logo-h60-w300.png
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d37117c0d1def0732213cb1209a9d5120eaaa7f39ef1b60dad325b15db70d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 06:21:13 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 28 Jul 2022 09:48:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 21130
etag: "b2484f6c89cbd9cfac55e627fe01e6a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 3996
x-amz-cf-id: Ef3CC_nXY7iqQ13TtYMXeAzOFMc31QrQsl5BUC6kh5_DPej0TYLVLg==

GET
H2 200 logo-dc-small.png
www.heraldweekly.com/wp-content/uploads/2019/01/ 2 KB
3 KB 54ms
52ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/01/logo-dc-small.png
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b0be6d18e238dc3e35530df2042ffd46acce39d3336efe2b318b9a02e6111e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 06:21:13 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 12:24:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 25732
etag: "156436f91983154001fbd724a3591ae1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 2246
x-amz-cf-id: mnZupst66yUgrqHnicU4otZ_43dKbcunfNCDJcnSXNZuCLAhF575Mw==

GET
H2 200 ds-logo-300x60-1.png
www.heraldweekly.com/wp-content/uploads/2020/11/ 3 KB
3 KB 55ms
53ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2020/11/ds-logo-300x60-1.png
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0cf3ca5886b5dcfceb139f557b4b539b41528acce60f974a36a56f584e86f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 06:21:13 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 12:24:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 21130
etag: "a89765928658f20e367db1179469988c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 2976
x-amz-cf-id: bSudW9f3mhdqyO7OVm_0xiGI_PV-I_ISxmfQ2D4Eh0jhQf5iFH--Dw==

GET
H2 200 logo.png
www.heraldweekly.com/wp-content/uploads/2019/01/ 4 KB
4 KB 56ms
53ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/01/logo.png
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05fb4ada94f6bb3475806bd6a7ea4645a3d6175ec872adc723176120caf755f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 06:21:13 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 12:24:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7529
etag: "c50fe9ecc5733067d53a46568c4c12b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 3990
x-amz-cf-id: Ab4KbcMfDkhLMu80Cn8ukCYHdwjiJr3EepPajKT9d57F6BONgh7e3A==

GET
H2 200 pr-djs-production-cmgid-801751b9e728983d2ff229416d3d28d4 Show response
www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/ 5 KB
6 KB 59ms
57ms Script
application/javascript 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/pr-djs-production-cmgid-801751b9e728983d2ff229416d3d28d4?v=pheraldweekly.com

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

0bfadc2d96984a9734518258f4b3c0f3e0f01c7f4d2369a1cb638857869ed276

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:06:02 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
age: 4836
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="ADMa,OUR,STA,COM,NAV"
x-backend-server: www.heraldweekly.com
x-proxycache-key: http,,https;www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/pr-djs-production-cmgid-801751b9e728983d2ff229416d3d28d4GETmedium=;desktop=true;tablet=false;mobile=false;geo=DE
x-bypass-reason: Bypass (v, pheraldweekly.com)
x-proxycache-status: BYPASS
server: nginx/1.14.0 (Ubuntu)
content-type: application/javascript
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
cache-control: max-age=172800, private
x-robots-tag: noindex
link: <https://www.heraldweekly.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, Content-Type
x-amz-cf-id: jDryP_l-q0plOgHu1nAKP0wOsOrbGffbIvBzpSAdSnjIakm49XGXKQ==
expires: Fri, 24 Mar 2023 07:06:02 GMT

GET
H2 200 menu.min.js Show response
www.heraldweekly.com/wp-content/themes/cortado/includes/dest/ 11 KB
4 KB 61ms
59ms Script
application/javascript 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/includes/dest/menu.min.js?ver=96c7c950540620cdc52f8c1c772d48be__141@2023-03-12T13:21:16Z__v19_1.1.lang
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ea719522f75824ed4d8ae18dfcaeb413aefdf20ec8162e1a9273563fde75c8cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 06:21:16 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Sun, 12 Mar 2023 14:19:36 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 7522
etag: W/"640ddf78-2b8a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=172800, private
x-backend-server: www.heraldweekly.com
x-amz-cf-id: CtK0-_RjbjH6aZrF8qBv12B2_4y2prpeBWROebuLPom6Z8aQUzv5Qw==
expires: Fri, 24 Mar 2023 06:21:16 GMT

GET
H2 200 deffered-tasks.min.js Show response
www.heraldweekly.com/wp-content/themes/cortado/includes/dest/ 12 KB
4 KB 62ms
60ms Script
application/javascript 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/wp-content/themes/cortado/includes/dest/deffered-tasks.min.js?ver=96c7c950540620cdc52f8c1c772d48be__141@2023-03-12T13:21:16Z__v19_1.1.lang
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9c6e15fd75bc7a558f5a41ada1c207cb43020e441364c44e1d19510317927f0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 03:12:32 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Sun, 12 Mar 2023 14:19:36 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P2
age: 18846
etag: W/"640ddf78-2e1d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=172800, private
x-backend-server: www.heraldweekly.com
x-amz-cf-id: -Y9P9nqPSPmh66iCrk6NmLx8_GJK33BoquHYrvBCv4p0hXIQDpyoIg==
expires: Fri, 24 Mar 2023 03:12:32 GMT

GET
H2 200 webpage_view
www.heraldweekly.com/nunchaku/kusari/ 68 B
777 B 186ms
184ms Stylesheet
image/png 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldweekly.com/nunchaku/kusari/webpage_view?v=pheraldweekly.com
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 13f86bd1a6d578ee82ca0c54a9a634e03d8d7db09380d72590b158f173f53790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:38 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
content-length: 68
pragma: no-cache
last-modified: Tue, 21 Mar 2023 20:07:35 GMT
server: nginx/1.12.2
etag: 1679473598.13
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-amz-cf-id: t2qE4FfDyhhfitzR5ZK1vkTo37QRa_GWatcLzPcMeuitiLugicYjww==
expires: 0

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 26 KB
9 KB 192ms
117ms Script
application/javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Mar 2023 08:26:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: XP5ufGIMVAznk1F+pqtwzg==
age: 83183
x-ms-lease-status: unlocked
last-modified: Fri, 17 Mar 2023 01:35:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4720f86f-101e-0031-31b3-58d95e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7abd0d049cfd6961-FRA
expires: Thu, 23 Mar 2023 08:26:38 GMT

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/v2/score/ 59 B
736 B 550ms
140ms XHR
text/plain 35.208.216.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/v2/score/cors?s=1&callback=RTWITHJS&v=31e685f&cb=0.784793444473215&pid=1000305&tid=www.heraldweekly.com&l1=undef&l2=undef&l3=www.heraldweekly.com&l4=undef&l5=rtwithjs&uid=pmu-JtckZrw38Bsb5lxtO8qfWvOVkO87
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: 54fcdfae21f2461e688823ae53268977df41e73eecd2c5b1557f9b7dd70c7917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Mar 2023 08:26:38 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.heraldweekly.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 59

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ 437 KB
139 KB 497ms
153ms Script
application/javascript 2600:9000:2396:e000:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000305
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:e000:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9c1ac92f4de4049e678423feaca1d37ec8299ef047ea374828f5fc4138415784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 06:44:35 GMT
Content-Encoding: br
Via: 1.1 50e461b059c65812f6d9298225ac4e9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MCT50-P1
Age: 6123
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 22 Mar 2023 06:44:35 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: wVthKU4A8wdK6PGzGlhjw4ejNrrpW1v-g-dIZKvn8wSwiPFN_H17XA==
Expires: Thu, 23 Mar 2023 06:44:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 195ms
121ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-81920024-4

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f444f1122e7ad0f348c649a0b3aacf21e5a4ddd447ee66a84c36016e4c58b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45751
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Mar 2023 08:26:38 GMT

GET
H2 200 2BHDT7D-scaled.jpg.pro-cmg-scaled.jpg
www.heraldweekly.com/wp-content/uploads/cmg_images/103990/rid_1acdecfeaf69759e0b5ad2c5c8ea7c01/ 43 KB
43 KB 52ms
43ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/cmg_images/103990/rid_1acdecfeaf69759e0b5ad2c5c8ea7c01/2BHDT7D-scaled.jpg.pro-cmg-scaled.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab3cfcf3a97ed44abc05c16f5bf9f34c0d3d243e1802975fe38fac41bd2a2bd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:00:10 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 31 Jan 2022 13:37:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 84389
etag: "0d91d2dfcaf950ffaa1a4b249e746795"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 43696
x-amz-cf-id: wb3igaF5lz_7izuzABjGNnJHwVHoceF0pQEhgp9R0Wjfqr63zn5dnQ==

GET
H2 200 GettyImages-120010278-oldhollywood-131552.v-1.v.jpg
www.heraldweekly.com/wp-content/uploads/2019/09/ 45 KB
45 KB 55ms
42ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/09/GettyImages-120010278-oldhollywood-131552.v-1.v.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 304d5927ffc6fc16d22a98bbe2e8e7748ec8d708f69c75f795e4e015976a55c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:00:01 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 13:44:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 84398
etag: "17c344aa2ceecdef5d5eaf5b125db4f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 46142
x-amz-cf-id: 61qLhWFVS_E2zMo0jHHLPOaZoKA1cqe_dk9tCvOxd9ifRDFzDr8zzA==

GET
H2 200 GettyImages-1025458362.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2019/06/ 12 KB
12 KB 53ms
40ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/06/GettyImages-1025458362.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2725951ad20590a6cfd29c4eb111783888956b8ba9e2ff1a7ee63d350f3cc52a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 19:35:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 2676
etag: "652238edb04f9aeab789662a2f3c457c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 12330
x-amz-cf-id: HcyCQsFdu2_ozqI5L4KyawmS2GLLWDoFpCSk9Qt89lC9NYTaxqV_yA==

GET
H2 200 shutterstock_1137328811.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2020/08/ 8 KB
8 KB 54ms
41ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2020/08/shutterstock_1137328811.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea00d868768a6e22e20849511cce8249a911098d30af038b57a3d1898e7f643c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 14:37:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "0cf7a32ce12f7febde52990cb605bdda"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 7970
x-amz-cf-id: UHBCgMa4pJPEaF58iUH-UaUiPw9OgTdi_pfTLtJPkLJK7Vi7QbZ59w==

GET
H2 200 shutterstock_1307764885-Leonardo-da-Vinci-vintage-engraved-illustration.-From-the-Universe-and-Humanity-1910-facts-about-leonardo-da-vinci.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2023/03/ 9 KB
10 KB 68ms
55ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2023/03/shutterstock_1307764885-Leonardo-da-Vinci-vintage-engraved-illustration.-From-the-Universe-and-Humanity-1910-facts-about-leonardo-da-vinci.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2824eed75ea9674e0dfd63c8a3902f18e9f6adb4bd62baf350f9bd6c1b9d316

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 12:38:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
x-amz-server-side-encryption: AES256
etag: "b51ce7c621849732ce38961df13ac240"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 9620
x-amz-cf-id: ba_QiU8wyRTZn9VbnHvh78hizTCOiPSpxLeXeCGnjUaWbRH-60bSow==

GET
H2 200 C5NC8R-0-Led-Zeppelin-scaled-1.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2021/03/ 8 KB
9 KB 54ms
42ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2021/03/C5NC8R-0-Led-Zeppelin-scaled-1.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eafeb4fbd0e8a2618749567726f408b2334451feb21a04a4f0be0662487366ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 12:34:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "b4821a695540d67f028f620e2151230b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 8408
x-amz-cf-id: 9nwTwXrl2qIWxUW6rRZy5uT52_ypsZQvFv_D2UOurCMdt_Cx0QfIpw==

GET
H2 200 GettyImages-582217943-actorsandtheirparents-132629-p1-300x203.jpg
www.heraldweekly.com/wp-content/uploads/2019/07/ 5 KB
6 KB 149ms
137ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/07/GettyImages-582217943-actorsandtheirparents-132629-p1-300x203.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3291ac8a5f226461cf7c0c0956b9318c297224203728c139cf24fd3118e230bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Feb 2023 16:12:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
x-amz-server-side-encryption: AES256
etag: "9ccf7a1b5eb909c097eadae7da18c102"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 5440
x-amz-cf-id: LAfKnfVIalb7YlLuAj5DTdHXS93Ib3b3pTJuABnAdpWch05Yt9lv5A==

GET
H2 200 J16WMR-scaled.jpg.pro-cmg.jpg
www.heraldweekly.com/wp-content/uploads/cmg_images/108721/rid_cbebbe14e0d7cee3dc764d5d3d5fa53d/ 75 KB
76 KB 55ms
43ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/cmg_images/108721/rid_cbebbe14e0d7cee3dc764d5d3d5fa53d/J16WMR-scaled.jpg.pro-cmg.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a999b3e04cbafc1df2662a566127fd15f2d3a8fa3d381d193b7902c6221327e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Tue, 01 Feb 2022 09:03:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7308
etag: "75920ddae03c62eca48b398c7ae5502d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 77022
x-amz-cf-id: HRmfh9aCEC8Z0ki0FFEglqur9MjqWMLNzYh1sXKpI7-abyC2QzK4IQ==

GET
H2 200 shutterstock_1802223193-bicycle-trip.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2023/03/ 10 KB
11 KB 56ms
45ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2023/03/shutterstock_1802223193-bicycle-trip.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 527c6dab5e112677363580e13251685f315c34df50a5922b80c707c26b61d998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 12:16:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Sun, 19 Mar 2023 12:10:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 72881
x-amz-server-side-encryption: AES256
etag: "f322ae2f79ffe440d6fd068d2e9c6c63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 10398
x-amz-cf-id: coqDWEnIA2a-eTGhtQwJQHAwYyBsnOkul-bnAsQAyKs-cGB6yw5AjA==

GET
H2 200 GettyImages-885542936-scaled-1.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2021/11/ 13 KB
14 KB 151ms
140ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2021/11/GettyImages-885542936-scaled-1.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13878e3dd497c916e61120c8612b0b49ec34fac99309e42b42305460bb40e921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 08:57:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "e6ea710e0ae4877fd83c0c24264c1e11"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 13652
x-amz-cf-id: 9fQSak6Wi_ZFKkHDbgAeESuaJG6z1_1J2nYC0cgaaCSmxtz1nsPRkA==

GET
H2 200 shutterstock_410346478.jpg.pro-cmg.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2021/08/ 10 KB
10 KB 58ms
47ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2021/08/shutterstock_410346478.jpg.pro-cmg.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f01e17f6e30409eb233db4f5a64af5c41ccdb0b8ad3c5d3e111609555db3b9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Sun, 29 Aug 2021 12:41:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "0372be8f921e635d71df371840e3ff6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 10234
x-amz-cf-id: 1bihbDUA665mUdoYgDh8YI6UvEsh8WlMN2XdxwDfgaiCN3Pc-zS--g==

GET
H2 200 shutterstock_559055305.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2020/10/ 11 KB
11 KB 62ms
51ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2020/10/shutterstock_559055305.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6873d233fb31781d124482fcee4e762a372ec88e02c9bd2c3f9297102964842a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 16:15:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "da93b7e4494fd23398a9cd4d3d489780"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 10814
x-amz-cf-id: VL-4RKbd-87NH7GYA6knixxDtC3XKdl3q8hpndGlrIA46bzSyca-KA==

GET
H2 200 shutterstock_210586210-scaled-1.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2020/09/ 11 KB
12 KB 62ms
52ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2020/09/shutterstock_210586210-scaled-1.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 280c418878398094815112619b1c6881728e098bb7ea7954a88b2a46e307871b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 16:15:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "505479957a933ed0161aad709aae0552"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 11732
x-amz-cf-id: g-kIG1-Qh4qh2W7647j2A9GxqsmiJ5OQteB1g2nzVH5OG89HCWh8NQ==

GET
H2 200 shutterstock_1665914263-taj-mahal-india-1-scaled.jpg.pro-cmg.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2020/08/ 8 KB
9 KB 63ms
52ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2020/08/shutterstock_1665914263-taj-mahal-india-1-scaled.jpg.pro-cmg.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84fba83b8e3dffe1b00806247f13927f209ef1d0de65e7603dfa65fb89fef66e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 15:08:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "eb66525ffc3b522ad9031e7ff2f49456"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 8690
x-amz-cf-id: rca5p9f1k-fZhqdMZfX1tpwFYHifnIDQantVpWfQ0YhQRGjp_I5b-w==

GET
H2 200 shutterstock_1308387823-scaled-1.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2020/06/ 23 KB
24 KB 63ms
53ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2020/06/shutterstock_1308387823-scaled-1.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e61b2e0550e873940d23a33c8c83fea46dd43ef12f5843fcbadcf8d66a762718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 12:25:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "71a638607f489fd4e5263862e4815f45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 23776
x-amz-cf-id: _IrmAjnItoHjmokzQembI1cvPGvmTDGkgFRgFRFJkuqg0daEsKPFww==

GET
H2 200 86-4.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2019/04/ 16 KB
17 KB 63ms
53ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/04/86-4.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a942dfde678c142ba7328220de2b153d22aeedd53ab46d44355fc0ae17035884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Tue, 02 Nov 2021 21:56:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "c3e3e3525c2214aae95c92a89cfde67d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 16874
x-amz-cf-id: zXQEYKjIXp_mUni_6yH1CqjGPIX7bi3ZnuPvy0GuzOfQD8dLYLKhAQ==

GET
H2 200 shutterstock_139682926-Woman-washes-cutting-board-in-kitchen-sink.jpg.pro-cmg.v.jpg
www.heraldweekly.com/wp-content/uploads/2020/08/ 23 KB
24 KB 64ms
54ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2020/08/shutterstock_139682926-Woman-washes-cutting-board-in-kitchen-sink.jpg.pro-cmg.v.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 652f7d8549433c82641121e8affb29b37a7bad83ea74c53ac3070c1d7a266e19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:03:40 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 12:25:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "19174fd299bd180dbbbafe0ae066dea6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 23968
x-amz-cf-id: 17pe265Vs01BYI0NbUeCJG7KvGqFOaQF3mR3E1klm75nws0WZaNjIg==

GET
H2 200 Bristol-Milk-Ad-238x300.jpg
www.heraldweekly.com/wp-content/uploads/2019/07/ 13 KB
14 KB 64ms
54ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/07/Bristol-Milk-Ad-238x300.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2d1269d897d21325133d6590899d5c1be3cc036e52745cd8e49eaccc1ae788

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 22:12:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "30409739c6224783e0cc1ddd61bad67d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 13510
x-amz-cf-id: ir6Px_JVk8vP-FgDumjAQ1rsnNJITnmbWXTO2172CcPUKMI3BQoiGw==

GET
H2 200 GettyImages-182691746-scaled.jpg.pro-cmg.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2021/11/ 7 KB
8 KB 150ms
141ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2021/11/GettyImages-182691746-scaled.jpg.pro-cmg.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0887c61fee95b246aa9525884eedd07941d9d88abd699206f3d42bf04b6b8f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 09:03:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "3c5cd3ab0ff3e568a8c35e7ef11e3286"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 7646
x-amz-cf-id: HwTPZ6dFANiaAvojCRkchzMV0M6-qnBo9bS-cNQYTwe7QqZU6sfLuw==

GET
H2 200 BAM5GB-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2019/09/ 14 KB
14 KB 64ms
55ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/09/BAM5GB-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2e03c15af81ab88ac0c6cb37707a21edfde1bb2121c93549f2c8d1fecbbc6b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Tue, 03 Aug 2021 04:40:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "3bbc6ad5cb764c228d705179bfc1b6aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 14360
x-amz-cf-id: 5rrjf1ZvZ5YMosER5aYCLIcTI-wV8cbgmio0J9yoOgPSNF9e7PUChQ==

GET
H2 200 shutterstock_1494574826.jpg.pro-cmg.jpg
www.heraldweekly.com/wp-content/uploads/2021/08/261575/ 39 KB
39 KB 151ms
142ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2021/08/261575/shutterstock_1494574826.jpg.pro-cmg.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45e13ea784dc2c415d78c90891d6bc7fa83c38e6a235ff375f546a86f2bfe2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Sun, 29 Aug 2021 13:02:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 79804
etag: "601348ef33a487be626d8b31cbcb8663"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 39798
x-amz-cf-id: DKY4LGoQDZMvIiTvcWh9Vb63-GHa1c2upEHxLe7Zscx6tryM1Mz91A==

GET
H2 200 47-9.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2019/12/ 9 KB
9 KB 164ms
156ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/12/47-9.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ff1d8a5e6fc6180dbd8351db79e76d4cd2214742b59f866979486e4de2cc58b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Wed, 15 Sep 2021 20:28:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "4bf37d7693ff5c84eb14a1cf11353057"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 9320
x-amz-cf-id: 9g_I-x_0EYSRXXk4HqgW_TCfA2N_moexnOEnMAzuq4cp1pkhyklZwA==

GET
H2 200 shutterstock_1052789864-kitchen-cookbook-Lady-reading-pizza-recipe-in-culinary-book-at-home-with-kitchenware-on-table-scaled.jpg.pro-cmg.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2020/08/ 8 KB
8 KB 151ms
143ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2020/08/shutterstock_1052789864-kitchen-cookbook-Lady-reading-pizza-recipe-in-culinary-book-at-home-with-kitchenware-on-table-scaled.jpg.pro-cmg.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc5db043edc53fa9f3f89920b35180b58a91ac31207169c6db9d730b49c4b91b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 14:37:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "fb115aabb8b07403049040ac954018b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 8074
x-amz-cf-id: GnIOy6zPqMp9mIhJ9C4G0ohXa-ZTK3AVLO93EouHsa8wwU4hcKBxCA==

GET
H2 200 GettyImages-1023274292-FIFAcup-132511-p1-300x214.jpg
www.heraldweekly.com/wp-content/uploads/2019/08/ 22 KB
22 KB 152ms
143ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/08/GettyImages-1023274292-FIFAcup-132511-p1-300x214.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67b9d7b1f22af1d1dd0c83c64ecdbb38f3337690ef0d66a01412e0df45361de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 12:25:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "c0b2be1f2561ea5b298b9797c4ea4ab4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 22526
x-amz-cf-id: C_dLgdilT7RiD380HG9gOVJiSjUBiZRasn6r0r3L4LRIamgQSPZzwQ==

GET
H2 200 organicarticle-112791-antiaging-1.v.v-1-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2019/03/ 8 KB
8 KB 152ms
144ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/03/organicarticle-112791-antiaging-1.v.v-1-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4772ff86d8e35ea220ff7c72792dd88142eb32398a96ebb3cdebb9153bea081c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Wed, 01 Sep 2021 14:35:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "0142d6b27df8569f757b0881900faa02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 8020
x-amz-cf-id: qmryol-u1_J836Pj-D-86JZD7VvHQDfWU83EFc8R4HZp2KwgEyToKA==

GET
H2 200 shutterstock_184540046-soccer-player-scaled-1.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2021/05/ 9 KB
10 KB 153ms
145ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2021/05/shutterstock_184540046-soccer-player-scaled-1.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7ddb9a7b9d9d8ca1eabaa72461ff2a6fb61a05f60ee5a5fe82f50dc6d55c878

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 15:08:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "21d3c9acdaf8ec27806d28c485f013bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 9476
x-amz-cf-id: DZZIx4quKCCbdsOabBTbRe7JQNyYAApgD5w0P4QlesPFDq7Oh_6jhg==

GET
H2 200 GettyImages-1157259131-foulballs-132543-p1-300x215.jpg
www.heraldweekly.com/wp-content/uploads/2019/08/ 18 KB
19 KB 154ms
146ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/08/GettyImages-1157259131-foulballs-132543-p1-300x215.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa0cbb56d9d33a7cc2c41cdeec9187b7cc99cae32b4235b4933cb176eab3d264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 12:27:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 80767
etag: "644d9069975ece7d79fd09d0f13f9224"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 18616
x-amz-cf-id: oEyN-3uRw1b6VqDxLudbmEyxFh82TfoESVsfDd4BXEJcMOfuxr1m-g==

GET
H2 200 shutterstock_601861616-Young-woman-scuba-diving.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2023/03/ 16 KB
16 KB 154ms
147ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2023/03/shutterstock_601861616-Young-woman-scuba-diving.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 222ad86d08b79aaf56f99c63aed023156b8651eca376b1756e67a5dad27fc197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 13:11:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
x-amz-server-side-encryption: AES256
etag: "c6d75544f341c3033a610e0491668d89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 16052
x-amz-cf-id: ogd6QGG-9VqvE-pJ26djLg0dtlpDIcCarU_BrkyeEENPSx0rbELMDw==

GET
H2 200 DK4G28-scaled-1.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2021/08/ 8 KB
8 KB 155ms
147ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2021/08/DK4G28-scaled-1.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df9bdb5f1f9fa5310ca95b82b94d05747ee43f743c50621b9f93578c69c3aacb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 00:28:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "1931f256b14d2a1890e86f8c272506f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 7810
x-amz-cf-id: tABzfe6IJnJvJyoF-hnkYoIYESUKDLXJrGG4LMoXbsd3cfyty6cWHQ==

GET
H2 200 shutterstock_656261071-walk.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2020/10/ 12 KB
13 KB 156ms
149ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2020/10/shutterstock_656261071-walk.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ae133b83e7046fe51ba38d1537ebaa3910fa6215cf3196a781d030ce7051d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 06 Oct 2022 11:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "2aaf953c4e78c0bbf9d9fc8fdecf0138"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 12514
x-amz-cf-id: iVzFu6HIoCx3LflJ8aOgr8eJS1TveUz1LJ8E6UaGQ5_b3jTpDXqfDg==

GET
H2 200 GettyImages-588638468.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2019/06/ 8 KB
8 KB 155ms
148ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/06/GettyImages-588638468.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc1a41aee930136aeb287e2701783156c279b1a5ab0e5a94909158cbee48c74f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 12:25:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "a04b46b35b0b035eace549a097f0a9e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 7886
x-amz-cf-id: KpaLJc3Lo64Te4Qy08AK1EKpa2hljQ-43_G-EUfKsIZfi7cVHfd7nw==

GET
H2 200 the-matrix_5b345bc4-scaled-1.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2020/08/ 7 KB
8 KB 156ms
149ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2020/08/the-matrix_5b345bc4-scaled-1.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9bf76e3b6ff15598df42730579cf2538f9501ebf5d9dd9e7cc3420c71fb92dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 17:55:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "a2ee3a853bd27d27fe14ca670a93f69f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 7476
x-amz-cf-id: pGAimuDvsJCpd1A04opsJdW7RfuYQBZ6mOT57wxhDAAzxhp4AEKIYQ==

GET
H2 200 GettyImages-1264283637.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2021/11/ 13 KB
14 KB 157ms
150ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2021/11/GettyImages-1264283637.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8022c4ff9c42f0a7fbecf37bbfaaa07243fc53a0f571e5197a5744175a9f6e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Sun, 09 Oct 2022 19:10:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
x-amz-server-side-encryption: AES256
etag: "75a84414ebb6b0a051ccd895022331f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 13552
x-amz-cf-id: FfNI0CPe-CNsuABX_JysS4j8nC7Rmri_Zmzw3hqnxaqvstnP7ZIMCA==

GET
H2 200 BDWYWE-1024x672.jpg.pro-cmg.jpg
www.heraldweekly.com/wp-content/uploads/2019/11/124264/ 73 KB
73 KB 157ms
151ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/11/124264/BDWYWE-1024x672.jpg.pro-cmg.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46667cbc0697fbf35f264b8bad21108a87cf861c65df1c4d5d6dc301221829a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:08:40 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 14:54:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7295
etag: "bb23476af15065d858962d5bd408031a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 74784
x-amz-cf-id: QZiUbZIjSqV8Nu3EVpAq8vbFozzgaxb8iM1YNOUfSexKGSoDHugtYQ==

GET
H2 200 shutterstock_447776278-40-amp-Fabulous-Celebs-Who-Became-Moms-Later-in-Life-Geena-Davis-46-48.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2021/08/ 7 KB
7 KB 158ms
153ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2021/08/shutterstock_447776278-40-amp-Fabulous-Celebs-Who-Became-Moms-Later-in-Life-Geena-Davis-46-48.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba920015f27943104f23f15e3cba0ea9c3576717ca7dd39bb5d576d2e1e6de9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Sun, 29 Aug 2021 11:36:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "74c034bf1c82c6905b4d70f9fc99f51a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 6692
x-amz-cf-id: sERRuCYq92uv28w_Lpnl8QDxxC2o3Q6D8yBTiS8yawl596OBqQcLHA==

GET
H2 200 DuckTales.jpeg.pro-cmg.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2019/11/ 15 KB
15 KB 158ms
153ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/11/DuckTales.jpeg.pro-cmg.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c0eb14d4ff7b141dac7fa38e7a3393af20687858329ed165b7f123b9fdae4ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 16:10:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
etag: "d0f6972797f4dc2c10e0c9424128dd36"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 15214
x-amz-cf-id: fv15j3jRj8HFH3l2AwV5kzUJzfLkvBZPE4KSH9pMA9XyITTVC_5UEQ==

GET
H2 200 GHFW5Y-harry-potter-and-the-order-of-the-phoenix-voldemort-ralph-finnes-scaled-1.v-300x200.jpg
www.heraldweekly.com/wp-content/uploads/2023/03/ 4 KB
4 KB 159ms
154ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2023/03/GHFW5Y-harry-potter-and-the-order-of-the-phoenix-voldemort-ralph-finnes-scaled-1.v-300x200.jpg
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58e8dd238bb67fe34d901fdfa0869deb8683bb294e0f3ad69efdd0c6374b6bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:51:41 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 13 Mar 2023 13:23:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 7257
x-amz-server-side-encryption: AES256
etag: "9b20da30253e56b996b57466b92df922"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 3620
x-amz-cf-id: YpfAercpwzqXEJnJ07PwfIaKDiXsSX_DjnN8EoGoJQP2edM1n22uCg==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 222 KB
55 KB 92ms
28ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: bundle.heraldweekly.com
URL: https://bundle.heraldweekly.com/bundle/v9_32/app.js?v=pheraldweekly.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e2d56cece389641b16dea99088a149ade31ad4dd2a3864f501c729dac4543e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:22:51 GMT
content-encoding: gzip
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 20:24:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 228
x-amz-server-side-encryption: AES256
etag: W/"a7e0149ce78dcfe46a1b0656ebdcc903"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: rYxVXqOzZ4dcTbbErqoResSYCS-d4-wExG-do6MOIcCjpILhD5joZg==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 168ms
37ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: bundle.heraldweekly.com
URL: https://bundle.heraldweekly.com/bundle/v9_32/app.js?v=pheraldweekly.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:25 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: Z6HNCQ1AH3PDWGC3
age: 14
x-amz-server-side-encryption: AES256
x-amz-id-2: sNdMrjx3KCtr3kWMSRwuQBL5q5pHxXYtsNnTKHviQuHgOdPyA0hJCrAHlbu47IV0GW0aaJngrHo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 webpage_crossdomain
api-stagingtwo.cgstatic.info/nunchaku/kusari/ 68 B
920 B 343ms
234ms Image
image/png 2606:4700:20::ac43:4773
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-stagingtwo.cgstatic.info/nunchaku/kusari/webpage_crossdomain?brUID=37b0c582-395f-c828-9238-62553cb15c3b&sid=5181899173022
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4773 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Mon, 06 Mar 2023 06:38:13 GMT
server: cloudflare
etag: 1679473598.4
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkKif%2FHXbSVDtj1%2Bb6Wlnhuuwmh1L5iloJiKJr2ZaHijNDL4JBHf%2B14fp4n%2BDd%2FD8CizPM8fRBJajqIJRuwAfI8iSlNLWRgmwJn6xumJvVugyK3VAk%2Bax83zzkIlirUO9r7RHfkQLlw4OjF%2FZRt3rNJ23opQ1wtbWT4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7abd0d04ffd22c3d-FRA
expires: 0

POST
H2 200 himo
cmgl.heraldweekly.com/nunchaku/ 0
254 B 406ms
155ms Ping
text/html 2600:1f18:c3a:ef50:d18a:ad60:3fd4:90ae
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cmgl.heraldweekly.com/nunchaku/himo?_request_type=webpage_view&__logID=1a8a8e67-7bc5-f9e0-ba50-2ffafd72133b
Requested by: Host: bundle.heraldweekly.com
URL: https://bundle.heraldweekly.com/bundle/v9_32/app.js?v=pheraldweekly.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:c3a:ef50:d18a:ad60:3fd4:90ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 08:26:38 GMT
server: nginx/1.12.2
etag: 1679473598.52
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: 0

GET
H2 200 e2d1040d-5b13-4339-9111-bce7a5da03da.json Show response
cookie-cdn.cookiepro.com/consent/e2d1040d-5b13-4339-9111-bce7a5da03da/ 3 KB
2 KB 77ms
32ms XHR
application/x-javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/e2d1040d-5b13-4339-9111-bce7a5da03da/e2d1040d-5b13-4339-9111-bce7a5da03da.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d818557e781688fd2d2ce993da99031879dde8c83060ebc6d8600a197ebdcbef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Mar 2023 08:26:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: g8qhFN4Vixy5g0fRycOzzg==
age: 82360
x-ms-lease-status: unlocked
last-modified: Sun, 07 Feb 2021 09:37:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 37295fae-901e-0062-3467-47fa6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7abd0d052f7437fe-FRA

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 773 B
1 KB 23ms
22ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.heraldweekly.com&pubid=1326ecb8-453d-4895-a55f-8ba968e408d5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c868d4da7aa68f32fc15fdbf6928b0299e9ca2491e1767397310237df42f984f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:28:49 GMT
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 3468
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heraldweekly.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 773
x-amz-cf-id: wJ7Jbt5DEC29viE4CpntCYvMnqm5itI0bHtmO4pRcVm8tqyMxHjS7A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 69ms
22ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 22:59:20 GMT
x-amz-version-id: V2lSIFfe30G.NOL3Jg0JvcKQw0PMFHNY
content-encoding: gzip
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 34039
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 21 Mar 2023 22:59:14 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: pwCQ23ClhBoxhjdHQOJuehZw5N-LcKNe_7W3ombtHQolH3t5ex_NsQ==

GET
H2 200 pubads_impl_2023031601.js Show response
securepubads.g.doubleclick.net/gpt/ 396 KB
134 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136618
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 08:37:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Mar 2024 07:37:34 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1019 B
478 B 102ms
57ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldweekly.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df92fb542f55f678e0d4037f988dd4f1fabb9c9309971cffabf4eba98219d52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Wed, 22 Mar 2023 08:26:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
77 KB 44ms
42ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MM30QFCR52&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-81920024-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0b9a573b4e136ae0fc9c2b715827919510b96f2c8692a4c23095208e430ac5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78903
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Mar 2023 08:26:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-81920024-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Mar 2023 07:19:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4025
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 22 Mar 2023 09:19:33 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 108ms
29ms Script
application/javascript 104.86.47.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.86.47.65 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-86-47-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:38 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Wed, 22 Mar 2023 08:41:38 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 92ms
35ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: 037BTZQJKQYKWKAR
age: 3407
etag: W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7abd0d058fe89a11-FRA
x-amz-id-2: 3ZDyDSgeRfyVVSAh3GfxJ4kNQciMYKTi/55hDh5DYTNL8pcmXctUGv5WpwM5NjY4JdFsL/rHnS4=

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
452 B 112ms
112ms XHR
text/plain 52.54.34.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.34.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-34-85.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 22 Mar 2023 08:26:38 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 343ms
112ms Preflight 52.54.34.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.34.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-34-85.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heraldweekly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 22 Mar 2023 08:26:38 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 himo
cmgl.heraldweekly.com/nunchaku/ 0
252 B 379ms
234ms Ping
text/html 2600:1f18:c3a:ef50:d18a:ad60:3fd4:90ae
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cmgl.heraldweekly.com/nunchaku/himo?_request_type=wp_ready&__logID=ac625361-46b2-5008-95e9-f09ee5f1525d
Requested by: Host: bundle.heraldweekly.com
URL: https://bundle.heraldweekly.com/bundle/v9_32/app.js?v=pheraldweekly.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:c3a:ef50:d18a:ad60:3fd4:90ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 08:26:38 GMT
server: nginx/1.12.2
etag: 1679473598.6
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 132ms
69ms XHR
application/json 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.heraldweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7abd0d05cff70368-FRA
access-control-allow-headers: Content-Type

GET
H2 200 10047424.json Show response
s.yimg.com/wi/config/ 46 B
678 B 111ms
42ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10047424.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

5e8c835689b9f06096355d80f0a10df54f9b515c649639124992c18e33c3cfa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:28 GMT
x-amz-version-id: T6RHQC4ENxUD6OHDWQ9M8MTZw1i9.n1K
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 9JNRQNBNYK1RDGEQ
age: 11
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: 2zX1wnT+3QzhtXtIwqqujT8ZijPI1KrMyTrLlg2dlraew06Kcqq/3//Q0q0ALG12qolVxNwMFTo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 27 Sep 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 22 Aug 2022 21:00:27 GMT
server: ATS
etag: "e5246eef995badaf66dcaaae273bda01"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 27ms
26ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1850792658&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldweekly.com%2F&ul=en-us&de=UTF-8&dt=Herald%20Weekly%20%E2%80%93%20Breaking%20Entertainment%20News%20and%20Gossips&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2120402376&gjid=529159199&cid=2002215394.1679473598&tid=UA-81920024-4&_gid=1884042378.1679473598&_r=1&gtm=457e33k0&z=233020558

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 08:26:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 80ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MM30QFCR52&gtm=45je33k0&_p=1850792658&_gaz=1&cid=2002215394.1679473598&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679473598&sct=1&seg=0&dl=https%3A%2F%2Fwww.heraldweekly.com%2F&dt=Herald%20Weekly%20%E2%80%93%20Breaking%20Entertainment%20News%20and%20Gossips&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MM30QFCR52&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 08:26:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 85ms
29ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MM30QFCR52&cid=2002215394.1679473598&gtm=45je33k0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MM30QFCR52&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 08:26:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 85ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MM30QFCR52&cid=2002215394.1679473598&gtm=45je33k0&aip=1&z=1704459952

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 08:26:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 68ms
27ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-81920024-4&cid=2002215394.1679473598&jid=2120402376&gjid=529159199&_gid=1884042378.1679473598&_u=YEBAAUAAAAAAACAAI~&z=1669009668

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Mar 2023 08:26:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldweekly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 himo
cmgl.heraldweekly.com/nunchaku/ 0
252 B 239ms
239ms Ping
text/html 2600:1f18:c3a:ef50:d18a:ad60:3fd4:90ae
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cmgl.heraldweekly.com/nunchaku/himo?_request_type=ga&__logID=3460d412-d0bd-4328-52dd-595975665660
Requested by: Host: bundle.heraldweekly.com
URL: https://bundle.heraldweekly.com/bundle/v9_32/app.js?v=pheraldweekly.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:c3a:ef50:d18a:ad60:3fd4:90ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 08:26:38 GMT
server: nginx/1.12.2
etag: 1679473598.6
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: 0

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/ 366 KB
74 KB 41ms
41ms Script
application/javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Mar 2023 08:26:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: pY8Rr438h7Vb2adEFDW1VA==
age: 83121
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:32:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a343c80c-c01e-0032-4e67-47383a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7abd0d064ee06961-FRA
expires: Thu, 23 Mar 2023 08:26:38 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 83ms
32ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-81920024-4&cid=2002215394.1679473598&jid=2120402376&_u=YEBAAUAAAAAAACAAI~&z=396964783

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 08:26:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 34ms
32ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-81920024-4&cid=2002215394.1679473598&jid=2120402376&_u=YEBAAUAAAAAAACAAI~&z=396964783

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 08:26:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/e2d1040d-5b13-4339-9111-bce7a5da03da/21f79ac7-f9fb-4af3-afd8-6a16b36aeb6f/ 116 KB
19 KB 36ms
35ms Fetch
application/x-javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/e2d1040d-5b13-4339-9111-bce7a5da03da/21f79ac7-f9fb-4af3-afd8-6a16b36aeb6f/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9358be4e9fbfd4e3c266c88d50cc0b817b80fe65c5669d09e4c7aceeb7c4cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Mar 2023 08:26:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: ihDKbm1FhoEUJTyvr+aTHQ==
age: 81875
x-ms-lease-status: unlocked
last-modified: Sun, 07 Feb 2021 09:37:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 20cc657d-e01e-0078-6867-479bb5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7abd0d06c9ae37fe-FRA

GET
H2 200 iab2Data.json Show response
cookie-cdn.cookiepro.com/vendorlist/ 369 KB
54 KB 39ms
38ms Fetch
application/x-javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/vendorlist/iab2Data.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf3336f391a602df0d66921b3c6860afb9209ad3bbb1bec489394607e67ec6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Mar 2023 08:26:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: xg6JNQG6qP47IUyYLRxIDg==
age: 81896
x-ms-lease-status: unlocked
last-modified: Tue, 21 Mar 2023 04:02:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9db71454-b01e-00ae-3fd8-5b955c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7abd0d06c9af37fe-FRA
expires: Thu, 23 Mar 2023 08:26:38 GMT

GET
H2 200 otTCF.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/ 67 KB
15 KB 36ms
35ms Script
application/javascript 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otTCF.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Mar 2023 08:26:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: O4pYvrmqusOrAenZ/pvytA==
age: 83076
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:32:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8de69c95-101e-00b7-6767-4715e7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7abd0d06cf7b6961-FRA
expires: Thu, 23 Mar 2023 08:26:38 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
63 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBJQTB2

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/wp-json/cmg-setup-manager/load-js/pr-djs-production-cmgid-7672d2aaf536167eb3309811f3d8d838?v=pheraldweekly.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

decf103b6621fa23a748fd1b5ff5ca11bd35357295e8d194a5cd4428d81ac990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64498
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Mar 2023 08:26:38 GMT

GET
H2 200 otCenterRounded.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/ 9 KB
3 KB 33ms
33ms Fetch
application/json 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/otCenterRounded.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19c68177806d520a04ae71ded68085e5eef7f05b209ec4896efafb0f164432d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Mar 2023 08:26:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: L0sZwKqEvb9GD/IAcZBCVQ==
age: 81874
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:31:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 52ccd2a7-101e-006c-0c67-47d3da000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7abd0d078aa837fe-FRA
expires: Thu, 23 Mar 2023 08:26:38 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/v2/ 47 KB
12 KB 34ms
34ms Fetch
application/json 2606:4700:4400::6812:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/v2/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 22 Mar 2023 08:26:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
content-md5: X6D86gIa8XOVqm7r1Vfyzg==
age: 82046
x-ms-lease-status: unlocked
last-modified: Thu, 28 Jan 2021 07:31:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6d3bdef7-d01e-005c-5567-476d15000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7abd0d078aaa37fe-FRA
expires: Thu, 23 Mar 2023 08:26:38 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 94ms
22ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBJQTB2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e8cd4bf2f547eb60b69a54a5340d5feed5905e1e5ea0ef3d3aefe6a6c1523fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 08:26:38 GMT
content-encoding: gzip
etag: "qnbLQo87mD/KmvsyZTIxlQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 29 Mar 2023 08:26:38 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 65ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Mar 2023 08:26:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Hhia2303qAD4Rguhy7PozvO5jc/Bsr2B7qvl0jYpvusr5oCCeSNRzjedyju9ElkiBWjqOB1rr221QVhvBe2iEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 145636400298825 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/145636400298825?v=2.9.99&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19ec2307971d59a8f45aa575d594217d747af0c8368bf8779d5dcb4c457ee918

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Mar 2023 08:26:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110260
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: dy9ypPrahBuCN/f9uu18BrJsb1PIUlCqVZ7YGMwYd45d3HOiZ8SIjMqoKAKdEvwo59ZwkU0PZSlOr28Usw2H1A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rules-p-RgTEz2hsE2gsa.js Show response
rules.quantcount.com/ 2 KB
1 KB 75ms
19ms Script
application/javascript 2600:9000:223c:7e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-RgTEz2hsE2gsa.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7af23de298eb455bb81224797a7e85ac1ad1a7e378cf6031194a6886c98c2221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 07:40:57 GMT
content-encoding: gzip
via: 1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2746
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:04:58 GMT
server: AmazonS3
etag: W/"385ae5e0877e05a288dbf079ccf2b36c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: M9I2vAgGZOw9cJp_8ceH0siRsODhg8cGg7KHde4Yog4KtvjFcgiEVg==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 74ms
22ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=145636400298825&ev=PageView&dl=https%3A%2F%2Fwww.heraldweekly.com%2F&rl=&if=false&ts=1679473598892&sw=1600&sh=1200&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679473598891.1769066452&it=1679473598816&coo=false&rqm=GET

Requested by

Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 22 Mar 2023 08:26:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 50 B
723 B 594ms
172ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=mZYmMbivqNvGOZagQUiWSJMWhXRiYzev-FE7fPshldVrkKD4Q03zDE0PD-E0zGNclhbFblMw==&pm_ct=2aa855a61c09d725ae61a45e&pm_pl=1679473598966&pm_td=7&pid=1000305&en=1.1&callback=__pm_glbl_ArgyHOQiGCxNL85JJ39mO4V8._gc1&v=31e685f
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000305
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: b461ea5e8c3f60527ebc6d5132e22d6e617b4f90f5e2bbd4aac3ffbc07d9ae1a

Request headers

Referer: https://www.heraldweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 22 Mar 2023 08:26:39 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.heraldweekly.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 50

GET
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame B245 46 KB
16 KB 160ms
159ms Document
text/html 2600:9000:2396:e000:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?v=31e685f&pid=1000305
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000305
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:e000:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f7feeb101acefce53b5bd4d2831140f1c2a8627c222ad79ef868b3fc3c9cde3d

Request headers

Referer: https://www.heraldweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 6131
Cache-Control: public, max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 22 Mar 2023 06:44:28 GMT
Last-Modified: Wed, 22 Mar 2023 06:20:50 GMT
Transfer-Encoding: chunked
Via: 1.1 50e461b059c65812f6d9298225ac4e9a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: VUpK7yZ_ICN8F5UrFsUYh0_0aR-q_NxXneNSaq7GM0v4e1FOCSldIw==
X-Amz-Cf-Pop: MCT50-P1
X-Cache: Hit from cloudfront

GET
DATA 200
OK truncated
/ Frame B3DB 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 8947d34d-1171-4e8a-b239-d296eaaa9291
https://www.heraldweekly.com/ 10 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldweekly.com/8947d34d-1171-4e8a-b239-d296eaaa9291
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 784ccde8e081279453382c7975e5fa2ecd8ff32d17b5334218fa9b399b8b8ded

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 10694
Content-Type: text/javascript

GET
BLOB 200
OK 9a01375f-3a6c-487d-ae4d-92b1960f0760
https://www.heraldweekly.com/ 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldweekly.com/9a01375f-3a6c-487d-ae4d-92b1960f0760
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK ee1ade82-c156-47b2-8e98-81a285f59179
https://www.heraldweekly.com/ 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldweekly.com/ee1ade82-c156-47b2-8e98-81a285f59179
Requested by: Host: www.heraldweekly.com
URL: https://www.heraldweekly.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

HEAD
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame B245 0
564 B 303ms
153ms XHR
text/html 2600:9000:2396:e000:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?v=31e685f&pid=1000305
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?v=31e685f&pid=1000305
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:e000:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.ad-score.com/x.html?v=31e685f&pid=1000305
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 06:44:28 GMT
Content-Encoding: gzip
Via: 1.1 50e461b059c65812f6d9298225ac4e9a.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Mar 2023 06:20:50 GMT
X-Amz-Cf-Pop: MCT50-P1
Age: 6131
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: y76FNLm_8Edh_ZuVIi_f3rw8rNS9XSynn7HXhA8eCrCBkJ49ioQVqw==

POST
H2 200 himo
cmgl.heraldweekly.com/nunchaku/ 0
253 B 162ms
161ms Ping
text/html 2600:1f18:c3a:ef50:d18a:ad60:3fd4:90ae
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cmgl.heraldweekly.com/nunchaku/himo?_request_type=dom_loaded&__logID=0f14c9de-60f2-d25e-9b09-68cff120af9f
Requested by: Host: bundle.heraldweekly.com
URL: https://bundle.heraldweekly.com/bundle/v9_32/app.js?v=pheraldweekly.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:c3a:ef50:d18a:ad60:3fd4:90ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Mar 2023 08:26:39 GMT
server: nginx/1.12.2
etag: 1679473599.33
access-control-allow-methods: HEAD, GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
expires: 0

GET
BLOB 200
OK 977d78d9-d18c-4883-8136-cce5cdefa57d
https://www.heraldweekly.com/ 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.heraldweekly.com/977d78d9-d18c-4883-8136-cce5cdefa57d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 / Show response
www.facebook.com/tr/ Frame DE4B 0
76 B 21ms
20ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.heraldweekly.com
Referer: https://www.heraldweekly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.heraldweekly.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 08:26:39 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
276 B 182ms
181ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=mZYmMbivqNvGOZagQUiWSJMWhXRiYzev-FE7fPshldVrkKD4Q03zDE0PD-E0zGNclhbFblMw==&pm_ct=2aa855a61c09d725ae61a45e&pm_pl=1679473598966&pm_td=607&pid=1000305&en=1.1&callback=__pm_glbl_ArgyHOQiGCxNL85JJ39mO4V8._gc2&v=31e685f
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000305
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.heraldweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.heraldweekly.com
Date: Wed, 22 Mar 2023 08:26:39 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
276 B 222ms
221ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=mZYmMbivqNvGOZagQUiWSJMWhXRiYzev-FE7fPshldVrkKD4Q03zDE0PD-E0zGNclhbFblMw==&pm_ct=2aa855a61c09d725ae61a45e&pm_pl=1679473598966&pm_td=1282&pid=1000305&en=1.1&callback=__pm_glbl_ArgyHOQiGCxNL85JJ39mO4V8._gc3&v=31e685f
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000305
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.heraldweekly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.heraldweekly.com
Date: Wed, 22 Mar 2023 08:26:40 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 GettyImages-1025458362.v.jpg
www.heraldweekly.com/wp-content/uploads/2019/06/ 33 KB
34 KB 22ms
21ms Image
image/webp 2600:9000:2250:5000:2:900c:c500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldweekly.com/wp-content/uploads/2019/06/GettyImages-1025458362.v.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5000:2:900c:c500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fdf6dc82c6eca4ab5f73f53e4da8ab8faf5a290a81a7f7baf16c0505cdd2621

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.heraldweekly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 09:00:01 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jul 2021 13:26:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 84403
etag: "718f553195d50491fc16bbadb2c3c79e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: private,max-age=172800
accept-ranges: bytes
content-length: 34272
x-amz-cf-id: sQS51OtSJbx2NZljD70YfNdZBAegHawZ_QHVI1Z5a6NfK4mJ0G7Wiw==

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.heraldweekly.com/	1970-01-20 19:16:49	Name: __country_iso Value: DE
.heraldweekly.com/	1970-01-20 19:16:49	Name: brUID Value: 37b0c582-395f-c828-9238-62553cb15c3b
www.heraldweekly.com/	1970-01-20 19:16:49	Name: brUID Value: 37b0c582-395f-c828-9238-62553cb15c3b
www.heraldweekly.com/	1970-01-20 19:16:49	Name: cmg_test_item Value: 1
www.heraldweekly.com/	1970-01-20 20:07:13	Name: CONSOLE_LOG_STATUS Value: %22DISABLED%22
.heraldweekly.com/	1970-01-20 10:32:39	Name: ctxpxl Value: "user_id_actual:2001..1b60..2..240..3247....9\054pv:1\054sub_id:\054utm_content:\054campaign_id:\054utm_medium:\054sid:8d12266b-f121-4baf-b5de-1a8a7ad9440b\054date:2023_03_22_08_26_38\054distributor_id:0"
.heraldweekly.com/	1970-01-20 10:32:39	Name: _gid Value: GA1.2.1884042378.1679473598
.heraldweekly.com/	1970-01-20 10:31:13	Name: _gat_gtag_UA_81920024_4 Value: 1
.heraldweekly.com/	1970-01-20 20:07:13	Name: _ga_MM30QFCR52 Value: GS1.1.1679473598.1.0.1679473598.60.0.0
.heraldweekly.com/	1970-01-20 20:07:13	Name: _ga Value: GA1.1.2002215394.1679473598
.cgstatic.info/	1970-01-20 19:16:49	Name: cmgcrossdomainid Value: 37b0c582-395f-c828-9238-62553cb15c3b
.cgstatic.info/	1970-01-20 19:16:49	Name: cmghstck Value: 586apcvM+isNaX+hZ+t84A4Qo2muRWDU2mfOTaO5zmS5dCHz8UMwsVrL4+pf2NDi
js.ad-score.com/	1970-01-20 20:07:13	Name: token Value: aywzXDWlFmqHS-v35f-iwvgFInmIWTTf
.www.heraldweekly.com/	1970-01-20 19:16:49	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Mar+22+2023+08%3A26%3A38+GMT%2B0000+(GMT)&version=6.13.0&hosts=&consentId=56b59d53-146d-459b-828b-bf2c77f8471e&interactionCount=0&landingPath=https%3A%2F%2Fwww.heraldweekly.com%2F&groups=C0004%3A0%2CC0003%3A0%2CC0002%3A0%2CC0001%3A1%2CSTACK42%3A0
.heraldweekly.com/	1970-01-20 12:40:49	Name: _fbp Value: fb.1.1679473598891.1769066452
www.heraldweekly.com/	1970-01-20 10:32:39	Name: pmtimesig Value: [[1679473598979,0]]
data.ad-score.com/	1970-01-20 20:07:13	Name: token Value: eTpkifERsuXAR-kb66-qDNQzJqvCuugb

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-stagingtwo.cgstatic.info
bundle.heraldweekly.com
c.amazon-adsystem.com
cdn.id5-sync.com
cmgl.heraldweekly.com
connect.facebook.net
cookie-cdn.cookiepro.com
data.ad-score.com
geolocation.onetrust.com
js.ad-score.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.analytics.google.com
rt.ad-score.com
rules.quantcount.com
s.yimg.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.heraldweekly.com
104.86.47.65
108.138.1.25
130.211.115.4
2001:4860:4802:34::36
2600:1f18:c3a:ef50:d18a:ad60:3fd4:90ae
2600:9000:223c:7e00:6:44e3:f8c0:93a1
2600:9000:2250:5000:2:900c:c500:93a1
2600:9000:2396:e000:a:deb0:3380:93a1
2606:4700:10::6816:3556
2606:4700:20::ac43:4773
2606:4700:4400::6812:2894
2606:4700:4400::6812:2b9e
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1288:80:807::1
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
35.208.216.174
52.54.34.85
0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
05fb4ada94f6bb3475806bd6a7ea4645a3d6175ec872adc723176120caf755f9
05fdf9adb93942174b548177cb84a36f06d35cd061af3dbbdda48f9b04938635
06696b31e78aa3edba9dd68048e1099757449f6999d1f9b175afbe1187c54d59
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
0887c61fee95b246aa9525884eedd07941d9d88abd699206f3d42bf04b6b8f43
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0ae133b83e7046fe51ba38d1537ebaa3910fa6215cf3196a781d030ce7051d1f
0bfadc2d96984a9734518258f4b3c0f3e0f01c7f4d2369a1cb638857869ed276
0c0eb14d4ff7b141dac7fa38e7a3393af20687858329ed165b7f123b9fdae4ea
13878e3dd497c916e61120c8612b0b49ec34fac99309e42b42305460bb40e921
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
13f86bd1a6d578ee82ca0c54a9a634e03d8d7db09380d72590b158f173f53790
19c68177806d520a04ae71ded68085e5eef7f05b209ec4896efafb0f164432d7
19ec2307971d59a8f45aa575d594217d747af0c8368bf8779d5dcb4c457ee918
1f444f1122e7ad0f348c649a0b3aacf21e5a4ddd447ee66a84c36016e4c58b61
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
222ad86d08b79aaf56f99c63aed023156b8651eca376b1756e67a5dad27fc197
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2725951ad20590a6cfd29c4eb111783888956b8ba9e2ff1a7ee63d350f3cc52a
280c418878398094815112619b1c6881728e098bb7ea7954a88b2a46e307871b
2e2d56cece389641b16dea99088a149ade31ad4dd2a3864f501c729dac4543e0
304d5927ffc6fc16d22a98bbe2e8e7748ec8d708f69c75f795e4e015976a55c6
3291ac8a5f226461cf7c0c0956b9318c297224203728c139cf24fd3118e230bd
3cb24dbe464c11454c898613d8b261503f2f0545784a71f8f5c1c0b928c13591
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45e13ea784dc2c415d78c90891d6bc7fa83c38e6a235ff375f546a86f2bfe2bb
46667cbc0697fbf35f264b8bad21108a87cf861c65df1c4d5d6dc301221829a6
4772ff86d8e35ea220ff7c72792dd88142eb32398a96ebb3cdebb9153bea081c
486a9196b3216052f589e21fa13740e6b1f30c481a00e99ca887495546027500
4f2d1269d897d21325133d6590899d5c1be3cc036e52745cd8e49eaccc1ae788
527c6dab5e112677363580e13251685f315c34df50a5922b80c707c26b61d998
5413c91b4bacc8f191713e0a56722bcc3d943f85a22f0f3b2d85c0214fbf730d
54fcdfae21f2461e688823ae53268977df41e73eecd2c5b1557f9b7dd70c7917
58e8dd238bb67fe34d901fdfa0869deb8683bb294e0f3ad69efdd0c6374b6bd7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5e8c835689b9f06096355d80f0a10df54f9b515c649639124992c18e33c3cfa6
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
652f7d8549433c82641121e8affb29b37a7bad83ea74c53ac3070c1d7a266e19
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
67b9d7b1f22af1d1dd0c83c64ecdbb38f3337690ef0d66a01412e0df45361de8
6873d233fb31781d124482fcee4e762a372ec88e02c9bd2c3f9297102964842a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b81c3e6805c739c9afdc2fcce410e8c8ede00837eb53a622a59cc457a2d37be
6cf3336f391a602df0d66921b3c6860afb9209ad3bbb1bec489394607e67ec6e
784ccde8e081279453382c7975e5fa2ecd8ff32d17b5334218fa9b399b8b8ded
7af23de298eb455bb81224797a7e85ac1ad1a7e378cf6031194a6886c98c2221
7b0be6d18e238dc3e35530df2042ffd46acce39d3336efe2b318b9a02e6111e5
7ff1d8a5e6fc6180dbd8351db79e76d4cd2214742b59f866979486e4de2cc58b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fba83b8e3dffe1b00806247f13927f209ef1d0de65e7603dfa65fb89fef66e
8f01e17f6e30409eb233db4f5a64af5c41ccdb0b8ad3c5d3e111609555db3b9a
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9bf76e3b6ff15598df42730579cf2538f9501ebf5d9dd9e7cc3420c71fb92dc3
9c1ac92f4de4049e678423feaca1d37ec8299ef047ea374828f5fc4138415784
9c6e15fd75bc7a558f5a41ada1c207cb43020e441364c44e1d19510317927f0f
9fdf6dc82c6eca4ab5f73f53e4da8ab8faf5a290a81a7f7baf16c0505cdd2621
a0cf3ca5886b5dcfceb139f557b4b539b41528acce60f974a36a56f584e86f6c
a2824eed75ea9674e0dfd63c8a3902f18e9f6adb4bd62baf350f9bd6c1b9d316
a942dfde678c142ba7328220de2b153d22aeedd53ab46d44355fc0ae17035884
a999b3e04cbafc1df2662a566127fd15f2d3a8fa3d381d193b7902c6221327e8
aa0cbb56d9d33a7cc2c41cdeec9187b7cc99cae32b4235b4933cb176eab3d264
ab3cfcf3a97ed44abc05c16f5bf9f34c0d3d243e1802975fe38fac41bd2a2bd2
b2ab7bf1d5cfb6a51556c68ddccd82dc79c89db06826245ede28a4222d94f77d
b2e03c15af81ab88ac0c6cb37707a21edfde1bb2121c93549f2c8d1fecbbc6b4
b461ea5e8c3f60527ebc6d5132e22d6e617b4f90f5e2bbd4aac3ffbc07d9ae1a
b7d37117c0d1def0732213cb1209a9d5120eaaa7f39ef1b60dad325b15db70d7
b7ddb9a7b9d9d8ca1eabaa72461ff2a6fb61a05f60ee5a5fe82f50dc6d55c878
b8022c4ff9c42f0a7fbecf37bbfaaa07243fc53a0f571e5197a5744175a9f6e6
b9a6f9782a0afb7f1fd544d3ea925d4d22ec1cdc491f1201d0254a82e28649c6
ba920015f27943104f23f15e3cba0ea9c3576717ca7dd39bb5d576d2e1e6de9f
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
c0b9a573b4e136ae0fc9c2b715827919510b96f2c8692a4c23095208e430ac5c
c604b3a9a3f1464144a15ce0ae7853500a51074eafb1e6ab4221e29a9986813a
c868d4da7aa68f32fc15fdbf6928b0299e9ca2491e1767397310237df42f984f
c9358be4e9fbfd4e3c266c88d50cc0b817b80fe65c5669d09e4c7aceeb7c4cbc
cc1a41aee930136aeb287e2701783156c279b1a5ab0e5a94909158cbee48c74f
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d818557e781688fd2d2ce993da99031879dde8c83060ebc6d8600a197ebdcbef
dc2e34d273102ef86fdf48bf1d91807daece1828c8bfa5f7a48ce9636d2588ca
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
decf103b6621fa23a748fd1b5ff5ca11bd35357295e8d194a5cd4428d81ac990
df92fb542f55f678e0d4037f988dd4f1fabb9c9309971cffabf4eba98219d52a
df9bdb5f1f9fa5310ca95b82b94d05747ee43f743c50621b9f93578c69c3aacb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c26c91b451af9063bf5a68a3167595ef2c18e472468f7d5a2a5c3fa9ed69be
e61b2e0550e873940d23a33c8c83fea46dd43ef12f5843fcbadcf8d66a762718
e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4
e8cd4bf2f547eb60b69a54a5340d5feed5905e1e5ea0ef3d3aefe6a6c1523fe7
ea00d868768a6e22e20849511cce8249a911098d30af038b57a3d1898e7f643c
ea719522f75824ed4d8ae18dfcaeb413aefdf20ec8162e1a9273563fde75c8cb
eafeb4fbd0e8a2618749567726f408b2334451feb21a04a4f0be0662487366ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7feeb101acefce53b5bd4d2831140f1c2a8627c222ad79ef868b3fc3c9cde3d
fc5db043edc53fa9f3f89920b35180b58a91ac31207169c6db9d730b49c4b91b

www.heraldweekly.com Open in urlscan Pro 2600:9000:2250:5000:2:900c:c500:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

96 %HTTPS

79 %IPv6

19 Domains

25 Subdomains

25 IPs

4 Countries

1968 kBTransfer

5101 kBSize

17 Cookies

7 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldweekly.com Open in urlscan Pro
2600:9000:2250:5000:2:900c:c500:93a1 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

96 %
HTTPS

79 %
IPv6

19
Domains

25
Subdomains

25
IPs

4
Countries

1968 kB
Transfer

5101 kB
Size

17
Cookies

109 HTTP transactions
3 data transactions