today.herald.bplaced.net Open in urlscan Pro
144.76.167.70  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request 30

• http://today.herald.bplaced.net/favicon.ico
• http://info.extra.hu/

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response today.herald.bplaced.net/	24 KB 10 KB	1549ms 1540ms	Document text/html	144.76.167.70 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 144.76.167.70 , Germany, ASN24940 (HETZNER-AS , DE), Reverse DNS server2.bplaced.net Software Apache/2.4 / Resource Hash fc88e22c49111edead371fc9a24cb9702cc55928acfe329d8df1636cf800a901 Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host today.herald.bplaced.net Accept-Language en-US,en;q=0.8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Pragma no-cache Date Sat, 18 Feb 2017 14:04:25 GMT Content-Encoding gzip Server Apache/2.4 Vary Accept-Encoding Content-Type text/html Set-Cookie PHPSESSID=6ecc14143717f91445d86d7d626a4334; path=/ Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Transfer-Encoding chunked Connection close Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	default.css today.herald.bplaced.net/templates/default/styles/	14 KB 3 KB	75ms 72ms	Stylesheet text/css	144.76.167.70 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://today.herald.bplaced.net/templates/default/styles/default.css Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 144.76.167.70 , Germany, ASN24940 (HETZNER-AS , DE), Reverse DNS server2.bplaced.net Software Apache/2.4 / Resource Hash 7824bea621eb604ec072c92bbefd4ade17112981df1dac20d15f6b44cc6262f7 Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host today.herald.bplaced.net Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://today.herald.bplaced.net/ Cookie PHPSESSID=6ecc14143717f91445d86d7d626a4334 Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:26 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2015 13:37:52 GMT Server Apache/2.4 ETag "38b8-520e2eba96c00-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 3141
GET H/1.1	200 OK	ddsmoothmenu.css today.herald.bplaced.net/templates/default/styles/	3 KB 1 KB	31ms 28ms	Stylesheet text/css	144.76.167.70 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://today.herald.bplaced.net/templates/default/styles/ddsmoothmenu.css Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 144.76.167.70 , Germany, ASN24940 (HETZNER-AS , DE), Reverse DNS server2.bplaced.net Software Apache/2.4 / Resource Hash 5ce77a8602edf15115ddf514b6a2a5407b67b06f797d3996548b9f8d5ae2dbdc Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host today.herald.bplaced.net Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://today.herald.bplaced.net/ Cookie PHPSESSID=6ecc14143717f91445d86d7d626a4334 Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:26 GMT Content-Encoding gzip Last-Modified Sun, 18 Oct 2015 12:01:34 GMT Server Apache/2.4 ETag "a90-5225fca404380-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 1088
GET H/1.1	200 OK	plugins.css today.herald.bplaced.net/templates/default/styles/	391 B 208 B	12ms 10ms	Stylesheet text/css	144.76.167.70 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://today.herald.bplaced.net/templates/default/styles/plugins.css Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 144.76.167.70 , Germany, ASN24940 (HETZNER-AS , DE), Reverse DNS server2.bplaced.net Software Apache/2.4 / Resource Hash 2b618f99677547d22422cbababe846216ac49dadc042f1d6152fa3b18e3d694d Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host today.herald.bplaced.net Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://today.herald.bplaced.net/ Cookie PHPSESSID=6ecc14143717f91445d86d7d626a4334 Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:26 GMT Content-Encoding gzip Last-Modified Wed, 17 Jun 2015 14:04:30 GMT Server Apache/2.4 ETag "187-518b72b69f780-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 208
GET H/1.1	200 OK	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.2.6/	54 KB 16 KB	81ms 41ms	Script text/javascript	2a00:1450:4010:c0e::5f Google Inc.
General Check archive.org Show headers Download Go to Full URL http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 2a00:1450:4010:c0e::5f , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software sffe / Resource Hash 928f0f1361a114f4b965df98e1b4cc11a9766a5292a29c79f13318edc3461dbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host ajax.googleapis.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept */* Referer http://today.herald.bplaced.net/ Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Thu, 16 Feb 2017 18:50:46 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Tue, 20 Dec 2016 18:17:03 GMT Server sffe Age 155620 Vary Accept-Encoding Content-Type text/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000, stale-while-revalidate=2592000 Timing-Allow-Origin * Content-Length 16841 X-XSS-Protection 1; mode=block Expires Fri, 16 Feb 2018 18:50:46 GMT
GET H/1.1	200 OK	ddsmoothmenu.js Show response today.herald.bplaced.net/templates/default/javascript/	8 KB 3 KB	74ms 72ms	Script application/javascript	144.76.167.70 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://today.herald.bplaced.net/templates/default/javascript/ddsmoothmenu.js Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 144.76.167.70 , Germany, ASN24940 (HETZNER-AS , DE), Reverse DNS server2.bplaced.net Software Apache/2.4 / Resource Hash 6d4f0b084e8404b1c9d4a800f4f4a8efbd18bfdf5fde65762b301a63704bca45 Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host today.herald.bplaced.net Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept */* Referer http://today.herald.bplaced.net/ Cookie PHPSESSID=6ecc14143717f91445d86d7d626a4334 Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:26 GMT Content-Encoding gzip Last-Modified Sun, 16 Nov 2014 09:56:30 GMT Server Apache/2.4 ETag "21e4-507f6e04c4f80-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 3188
GET H/1.1	200 OK	search_button.png today.herald.bplaced.net/templates/default/images/	3 KB 3 KB	39ms 38ms	Image image/png	144.76.167.70 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://today.herald.bplaced.net/templates/default/images/search_button.png Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 144.76.167.70 , Germany, ASN24940 (HETZNER-AS , DE), Reverse DNS server2.bplaced.net Software Apache/2.4 / Resource Hash e7e9bb950b3ceef3d85b30ade556920bb3f87de1860eb12ce24348f260343fd5 Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host today.herald.bplaced.net Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept image/webp,image/*,*/*;q=0.8 Referer http://today.herald.bplaced.net/ Cookie PHPSESSID=6ecc14143717f91445d86d7d626a4334 Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:27 GMT Last-Modified Sun, 16 Nov 2014 09:56:28 GMT Server Apache/2.4 ETag "d09-507f6e02dcb00" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 3337
GET H/1.1	200 OK	b.gif pixel.wp.com/	43 B 43 B	24ms 12ms	Image image/gif	192.0.76.3 Automattic
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.wp.com/b.gif?host=minnesota.cbslocal.com&blog=15909630&post=721165&subd=cbsminnesota&ref=&feed=1 Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host pixel.wp.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept image/webp,image/*,*/*;q=0.8 Referer http://today.herald.bplaced.net/ Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:27 GMT Cache-Control no-cache Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	b.gif pixel.wp.com/	43 B 43 B	25ms 12ms	Image image/gif	192.0.76.3 Automattic
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.wp.com/b.gif?host=minnesota.cbslocal.com&blog=15909630&post=721099&subd=cbsminnesota&ref=&feed=1 Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host pixel.wp.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept image/webp,image/*,*/*;q=0.8 Referer http://today.herald.bplaced.net/ Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:27 GMT Cache-Control no-cache Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	51874576.0.jpg cdn0.vox-cdn.com/thumbor/2gSHJEd5OuwZ0PDbyv-DUo5hVU0=/0x0%3A3000x2000/1310x873/cdn0.vox-cdn.com/uploads/chorus_image/image/53296391/	90 KB 90 KB	126ms 98ms	Image image/webp	151.101.112.124 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.vox-cdn.com/thumbor/2gSHJEd5OuwZ0PDbyv-DUo5hVU0=/0x0%3A3000x2000/1310x873/cdn0.vox-cdn.com/uploads/chorus_image/image/53296391/51874576.0.jpg Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.124 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash ad5d67ac75f725cc204d0354fb718bdcd8ba28b9832b76499bb16563ce6f748b Request headers :path /thumbor/2gSHJEd5OuwZ0PDbyv-DUo5hVU0=/0x0%3A3000x2000/1310x873/cdn0.vox-cdn.com/uploads/chorus_image/image/53296391/51874576.0.jpg pragma no-cache accept-encoding gzip, deflate, sdch, br accept-language en-US,en;q=0.8 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 accept image/webp,image/*,*/*;q=0.8 cache-control no-cache :authority cdn0.vox-cdn.com referer http://today.herald.bplaced.net/ :scheme https :method GET Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers date Sat, 18 Feb 2017 14:04:27 GMT via 1.1 varnish-v4 1.1 varnish 1.1 varnish age 30 x-cache HIT, MISS status 200 x-cache-hits 1, 0 content-length 91722 x-served-by cache-iad2135-IAD, cache-hhn1530-HHN cache-control max-age=315576000,public x-timer S1487426667.074202,VS0,VE92 etag "fe520bd08a02213ef3fc3fcd5321311771e933ac" vary Accept content-type image/webp fastly-debug-digest ed6da07b4516183d97c2b358cc57df63140b79b605e387b106b2375ed66f5916 accept-ranges bytes expires Fri, 19 Feb 2027 02:04:00 GMT
GET H/1.1	200 OK	nesta-carter1359-320x198.gif www.nationnews.com/IMG/760/72760/	52 KB 52 KB	398ms 198ms	Image image/gif	128.199.137.182 DIGITALOCEAN-AS-A...
General Check archive.org Show headers Download Go to Show image Full URL http://www.nationnews.com/IMG/760/72760/nesta-carter1359-320x198.gif Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 128.199.137.182 Singapore, Singapore, ASN133165 (DIGITALOCEAN-AS-AP Digital Ocean, Inc., SG), Reverse DNS Software nginx / Resource Hash 5c94a48c30b06911a8bdb285b2aaf08f57d400fa551c3f3b09f94b2bbd52c806 Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host www.nationnews.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept image/webp,image/*,*/*;q=0.8 Referer http://today.herald.bplaced.net/ Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:27 GMT Last-Modified Thu, 09 Feb 2017 13:12:12 GMT Server nginx Content-Type image/gif Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 52980 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	404 Not Found	2714b5fa-3db4-4260-8631-2524b9a3d823.jpg i.amz.mshcdn.com/DMQtKJNriGJbve1REM7p6Jrjoz4=/575x323/filters%3Aquality(90)/https%3A//blueprint-api-production.s3.amazonaws.com/uploads/story/thumbnail/37186/	0 0	391ms 384ms	Image text/html	2a02:26f0:122::215:f623 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://i.amz.mshcdn.com/DMQtKJNriGJbve1REM7p6Jrjoz4=/575x323/filters%3Aquality(90)/https%3A//blueprint-api-production.s3.amazonaws.com/uploads/story/thumbnail/37186/2714b5fa-3db4-4260-8631-2524b9a3d823.jpg Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 2a02:26f0:122::215:f623 , European Union, ASN20940 (AKAMAI-ASN1 , US), Reverse DNS Software nginx/1.8.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host i.amz.mshcdn.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept image/webp,image/*,*/*;q=0.8 Referer http://today.herald.bplaced.net/ Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:27 GMT Server nginx/1.8.1 X-Varnish 1638411972 1638410358 Cache-Control public, max-age=7200 Connection keep-alive Accept-Ranges bytes Content-Type text/html; charset=UTF-8 Content-Length 0
GET H2	200	1*pg67R51YRtXnnoYEoeHWhg.jpeg cdn-images-1.medium.com/max/1024/	112 KB 112 KB	36ms 10ms	Image image/jpeg	2400:cb00:2048:1::6810:7691 CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-images-1.medium.com/max/1024/1*pg67R51YRtXnnoYEoeHWhg.jpeg Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2400:cb00:2048:1::6810:7691 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Geomyidae artificij Resource Hash 781818d6bf3c4d7f209334044cfc931c3c0c044a3495acb94ff81874abbb7fc8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers :path /max/1024/1*pg67R51YRtXnnoYEoeHWhg.jpeg pragma no-cache accept-encoding gzip, deflate, sdch, br accept-language en-US,en;q=0.8 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 accept image/webp,image/*,*/*;q=0.8 cache-control no-cache :authority cdn-images-1.medium.com referer http://today.herald.bplaced.net/ :scheme https :method GET Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers date Sat, 18 Feb 2017 14:04:27 GMT x-content-type-options nosniff cf-cache-status HIT x-powered-by Geomyidae artificij x-obvious-info 16.3, 2795-f18d8a7 status 200 vary Accept-Encoding content-length 114463 pragma public server cloudflare-nginx etag "16.3" strict-transport-security max-age=15552000; includeSubDomains; preload content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2592000 set-cookie __cfduid=d8018c3be26b5f12e1186abd31a2e07b71487426667; expires=Sun, 18-Feb-18 14:04:27 GMT; path=/; domain=.medium.com; HttpOnly accept-ranges bytes cf-ray 3332073d3d1627a4-FRA expires Mon, 20 Mar 2017 14:04:27 GMT
GET H/1.1	200 OK	b.gif pixel.wp.com/	43 B 43 B	25ms 13ms	Image image/gif	192.0.76.3 Automattic
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.wp.com/b.gif?host=newyork.cbslocal.com&blog=14578484&post=1345146&subd=cbsnewyork&ref=&feed=1 Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host pixel.wp.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept image/webp,image/*,*/*;q=0.8 Referer http://today.herald.bplaced.net/ Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:27 GMT Cache-Control no-cache Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	1*c2851drgno21x3UFWF0Gxw.png cdn-images-1.medium.com/max/1024/	451 KB 451 KB	54ms 28ms	Image image/png	2400:cb00:2048:1::6810:7691 CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-images-1.medium.com/max/1024/1*c2851drgno21x3UFWF0Gxw.png Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2400:cb00:2048:1::6810:7691 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Geomyidae artificij Resource Hash c3445c4c9caaeb7646c5646b41cd34934cf9b65cd689f56919dfa46cf35bc45a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers :path /max/1024/1*c2851drgno21x3UFWF0Gxw.png pragma no-cache accept-encoding gzip, deflate, sdch, br accept-language en-US,en;q=0.8 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 accept image/webp,image/*,*/*;q=0.8 cache-control no-cache :authority cdn-images-1.medium.com referer http://today.herald.bplaced.net/ :scheme https :method GET Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers date Sat, 18 Feb 2017 14:04:27 GMT x-content-type-options nosniff cf-cache-status HIT x-powered-by Geomyidae artificij x-obvious-info 16.3, 2795-f18d8a7 status 200 vary Accept-Encoding content-length 461615 pragma public server cloudflare-nginx etag "16.3" strict-transport-security max-age=15552000; includeSubDomains; preload content-type image/png access-control-allow-origin * cache-control public, max-age=2592000 set-cookie __cfduid=d8018c3be26b5f12e1186abd31a2e07b71487426667; expires=Sun, 18-Feb-18 14:04:27 GMT; path=/; domain=.medium.com; HttpOnly accept-ranges bytes cf-ray 3332073d3d1727a4-FRA expires Mon, 20 Mar 2017 14:04:27 GMT
GET H/1.1	200 OK	b.gif pixel.wp.com/	43 B 43 B	25ms 13ms	Image image/gif	192.0.76.3 Automattic
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.wp.com/b.gif?host=cleveland.cbslocal.com&blog=19705111&post=342119&subd=cbscleveland&ref=&feed=1 Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host pixel.wp.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept image/webp,image/*,*/*;q=0.8 Referer http://today.herald.bplaced.net/ Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:27 GMT Cache-Control no-cache Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	reset.css today.herald.bplaced.net/templates/default/styles/	953 B 560 B	12ms 11ms	Stylesheet text/css	144.76.167.70 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://today.herald.bplaced.net/templates/default/styles/reset.css Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 144.76.167.70 , Germany, ASN24940 (HETZNER-AS , DE), Reverse DNS server2.bplaced.net Software Apache/2.4 / Resource Hash 3876c6f0c824963f889d8002be7b3930779f30db0626b75bc638ea6620e7e4b9 Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host today.herald.bplaced.net Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://today.herald.bplaced.net/ Cookie PHPSESSID=6ecc14143717f91445d86d7d626a4334 Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:26 GMT Content-Encoding gzip Last-Modified Sun, 16 Nov 2014 09:56:28 GMT Server Apache/2.4 ETag "3b9-507f6e02dcb00-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 560
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	52 KB 19 KB	62ms 30ms	Script text/javascript	2a00:1450:400f:807::2002 Google Inc.
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 2a00:1450:400f:807::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software cafe / Resource Hash 9348889b9a139580675c7cde65fc2e56ff24f3b428270b3726ee2bf99740ba68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host pagead2.googlesyndication.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept */* Referer http://today.herald.bplaced.net/ Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Timing-Allow-Origin * Date Sat, 18 Feb 2017 13:38:37 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe Age 1550 ETag 3015804920548708397 P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control public, max-age=3600 Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 19738 X-XSS-Protection 1; mode=block Expires Sat, 18 Feb 2017 14:38:37 GMT
GET H2	200	plusone.js Show response apis.google.com/js/	41 KB 16 KB	139ms 70ms	Script application/javascript	2a00:1450:400f:808::200e Google Inc.
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/plusone.js Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:400f:808::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software ESF / Resource Hash 080cc22fb3689175655e372ca9131f2e1373b470743412975e25e162695bedfe Security Headers Name Value Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20170216.17_p0 Strict-Transport-Security max-age=10886400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /js/plusone.js pragma no-cache accept-encoding gzip, deflate, sdch, br accept-language en-US,en;q=0.8 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 accept */* cache-control no-cache :authority apis.google.com referer http://today.herald.bplaced.net/ :scheme https x-client-data CIi2yQEIpLbJAQ== :method GET Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers content-security-policy script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20170216.17_p0 content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See https://support.google.com/accounts/answer/151657?hl=en for more info." status 200 strict-transport-security max-age=10886400 alt-svc quic=":443"; ma=2592000; v="35,34" etag "a354ee188c4dd3dd078cba4b7f63ccfe" x-ua-compatible IE=edge, chrome=1 server ESF date Sat, 18 Feb 2017 14:04:27 GMT x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 x-xss-protection 1; mode=block cache-control private, max-age=1800, stale-while-revalidate=1800 set-cookie NID=97=maFbQR2e-jxlgOPhBXhpmMhzdcEBxWLowWDnAJ1LVE5yaKUJ7aXWa4cTJmSfKcoz_o4ptiYV23pqzeHbLHwpKzC4Xm2TWxw1k3Zhll64ONK7mgmHT6EWFnog0Vgsv9r7;Domain=.google.com;Path=/;Expires=Sun, 20-Aug-2017 14:04:27 GMT;HttpOnly timing-allow-origin * expires Sat, 18 Feb 2017 14:04:27 GMT
GET H2	200	ca-pub-9917716591664734.js Show response pagead2.googlesyndication.com/pub-config/r20160913/	108 B 126 B	96ms 31ms	Script text/javascript	2a00:1450:400f:807::2002 Google Inc.
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-9917716591664734.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:400f:807::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software sffe / Resource Hash 809aff888a1f0aa605fec635b41cdf72d9c35a4028642b167ccae58fa8b46e7a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /pub-config/r20160913/ca-pub-9917716591664734.js pragma no-cache accept-encoding gzip, deflate, sdch, br accept-language en-US,en;q=0.8 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 accept */* cache-control no-cache :authority pagead2.googlesyndication.com referer http://today.herald.bplaced.net/ :scheme https x-client-data CIi2yQEIpLbJAQ== :method GET Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers date Sat, 18 Feb 2017 10:25:25 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 17 Feb 2017 19:45:14 GMT server sffe age 13142 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=43200 alt-svc quic=":443"; ma=2592000; v="35,34" content-length 117 x-xss-protection 1; mode=block expires Sat, 18 Feb 2017 22:25:25 GMT
GET		zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20170213/r20170110/ Frame 8168	0 0
GET H/1.1	200 OK	show_ads_impl.js Show response pagead2.googlesyndication.com/pagead/js/r20170213/r20170110/ Frame 8168	177 KB 66 KB	50ms 50ms	Script text/javascript	2a00:1450:400f:807::2002 Google Inc.
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/r20170213/r20170110/show_ads_impl.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol HTTP/1.1 Server 2a00:1450:400f:807::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software cafe / Resource Hash 429efa6522ab1bad66588fe6bf93518a3bbbce9b20172d2bba4ee99316029bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host pagead2.googlesyndication.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept */* Referer http://today.herald.bplaced.net/ Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Timing-Allow-Origin * Date Sat, 18 Feb 2017 14:04:27 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 2162105480492758953 P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=1209600 Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 67118 X-XSS-Protection 1; mode=block Expires Sat, 18 Feb 2017 14:04:27 GMT
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.AUUp1d_InB4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPCMAJj7r4Lhgp0Z20an0qJzM2bbw/	115 KB 41 KB	36ms 36ms	Script text/javascript	2a00:1450:400f:808::200e Google Inc.
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.AUUp1d_InB4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPCMAJj7r4Lhgp0Z20an0qJzM2bbw/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/plusone.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:400f:808::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software sffe / Resource Hash c98839c1a571bd65170d98128fa027c6fccca0835a8b493343a9344eeb4d687b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /_/scs/apps-static/_/js/k=oz.gapi.de.AUUp1d_InB4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPCMAJj7r4Lhgp0Z20an0qJzM2bbw/cb=gapi.loaded_0 pragma no-cache accept-encoding gzip, deflate, sdch, br accept-language en-US,en;q=0.8 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 accept */* cache-control no-cache :authority apis.google.com cookie NID=97=maFbQR2e-jxlgOPhBXhpmMhzdcEBxWLowWDnAJ1LVE5yaKUJ7aXWa4cTJmSfKcoz_o4ptiYV23pqzeHbLHwpKzC4Xm2TWxw1k3Zhll64ONK7mgmHT6EWFnog0Vgsv9r7 :scheme https referer http://today.herald.bplaced.net/ x-client-data CIi2yQEIpLbJAQ== :method GET Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers date Fri, 17 Feb 2017 18:48:39 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 17 Feb 2017 03:51:46 GMT server sffe age 69348 vary Accept-Encoding content-type text/javascript; charset=UTF-8 status 200 cache-control public, immutable, max-age=31536000 alt-svc quic=":443"; ma=2592000; v="35,34" content-length 41683 x-xss-protection 1; mode=block expires Sat, 17 Feb 2018 18:48:39 GMT
GET H/1.1	200 OK	sdk.js Show response connect.facebook.net/en_US/	194 KB 60 KB	12ms 6ms	Script application/x-javascript	2a03:2880:f01c:6:face:b00c:0:1 Facebook
General Check archive.org Show headers Download Go to Full URL http://connect.facebook.net/en_US/sdk.js Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 2a03:2880:f01c:6:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 8a9633483c11e5cf3adcdc76cc64d2f14523972dba89bbc224e626d095c2fc3b Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host connect.facebook.net Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept */* Referer http://today.herald.bplaced.net/ Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Strict-Transport-Security max-age=15552000; preload Content-Encoding gzip X-Content-Type-Options nosniff X-XSS-Protection 0 Content-MD5 VsP776EOblra5NnaE3ZQHA== Connection keep-alive Vary Accept-Encoding Content-Length 61586 ETag "51682d44b2e27fcec87cd5b04eb78a4e" X-FB-Debug jwllW/hpUF+qX8hur3z+bJqZ6NLQ0/Nhp3WKwxUZBhmrs2eI7AoDmi17+rYz/uqFaVrO/Zio64ylJhVhaEl/pw== x-fb-content-md5 b37fbb33ea3bb16fc3919b81260d637b Date Sat, 18 Feb 2017 14:04:27 GMT X-Frame-Options DENY Content-Type application/x-javascript; charset=utf-8 Access-Control-Expose-Headers X-FB-Content-MD5 Cache-Control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * Expires Sat, 18 Feb 2017 14:11:44 GMT
GET H/1.1	200 OK	widgets.js Show response platform.twitter.com/	113 KB 32 KB	11ms 5ms	Script application/javascript	199.96.57.6 Twitter Inc.
General Check archive.org Show headers Download Go to Full URL http://platform.twitter.com/widgets.js Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US), Reverse DNS Software / Resource Hash a8549ef4f48d5cd70510fbc7ab50d309837170a374ae38f335b73fc736c5a08e Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host platform.twitter.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept */* Referer http://today.herald.bplaced.net/ Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:27 GMT Content-Encoding gzip Age 1291 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Connection keep-alive Content-Length 32900 X-Served-By cache-tw-fra1-cr1-16-TWFRA1 Last-Modified Fri, 17 Feb 2017 17:11:32 GMT X-Timer S1487426667.284240,VS0,VE0 Etag "aa4972af0eeee0612a603ddd0cf91d7a+gzip" Vary Accept-Encoding,Host Content-Type application/javascript; charset=utf-8 Via 1.1 varnish Cache-Control public, max-age=1800 Accept-Ranges bytes
GET H/1.1	200 OK	down.gif today.herald.bplaced.net/templates/default/images/	854 B 854 B	11ms 10ms	Image image/gif	144.76.167.70 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://today.herald.bplaced.net/templates/default/images/down.gif Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol HTTP/1.1 Server 144.76.167.70 , Germany, ASN24940 (HETZNER-AS , DE), Reverse DNS server2.bplaced.net Software Apache/2.4 / Resource Hash c4701cacedfda8d2883e40d3f0f88e01e3a927880a7b6a4fcc5060cc0d105a34 Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host today.herald.bplaced.net Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Accept image/webp,image/*,*/*;q=0.8 Referer http://today.herald.bplaced.net/ Cookie PHPSESSID=6ecc14143717f91445d86d7d626a4334 Connection keep-alive Cache-Control no-cache Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers Date Sat, 18 Feb 2017 14:04:27 GMT Last-Modified Sun, 16 Nov 2014 09:56:30 GMT Server Apache/2.4 ETag "356-507f6e04c4f80" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 854
GET		ads googleads.g.doubleclick.net/pagead/ Frame 8168	0 0
GET H2	200	osd.js Show response pagead2.googlesyndication.com/pagead/ Frame 8168	76 KB 28 KB	31ms 31ms	Script text/javascript	2a00:1450:400f:807::2002 Google Inc.
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/osd.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/r20170213/r20170110/show_ads_impl.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:400f:807::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software cafe / Resource Hash d3a36e9a1fcdf9451c8dbc49337bd1926c14334c7112ce3090c48881b78637ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :path /pagead/osd.js pragma no-cache accept-encoding gzip, deflate, sdch, br accept-language en-US,en;q=0.8 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 accept */* cache-control no-cache :authority pagead2.googlesyndication.com referer http://today.herald.bplaced.net/ :scheme https x-client-data CIi2yQEIpLbJAQ== :method GET Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers date Sat, 18 Feb 2017 13:58:09 GMT content-encoding gzip x-content-type-options nosniff age 378 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="35,34" content-length 28735 x-xss-protection 1; mode=block server cafe etag 3192815125381720603 content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Sat, 18 Feb 2017 14:58:09 GMT
GET H2	200	/ www.facebook.com/impression.php/f3538f2ba56e7bc/	43 B 57 B	73ms 56ms	Image image/gif	2a03:2880:f11c:83:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/impression.php/f3538f2ba56e7bc/?lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D Requested by Host: today.herald.bplaced.net URL: http://today.herald.bplaced.net/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a03:2880:f11c:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :path /impression.php/f3538f2ba56e7bc/?lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D pragma no-cache accept-encoding gzip, deflate, sdch, br accept-language en-US,en;q=0.8 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 accept image/webp,image/*,*/*;q=0.8 cache-control no-cache :authority www.facebook.com referer http://today.herald.bplaced.net/ :scheme https :method GET Referer http://today.herald.bplaced.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36 Response headers content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; content-encoding br x-content-type-options nosniff status 200 vary Origin Accept-Encoding x-xss-protection 0 pragma no-cache x-fb-debug 8x/ht9gFGpU77kaCFeHtNaz4P+S9gCBcrx9y+6SYga4CJygopMVygt4Sz94UNUd69Twu9efIrMWztOITPqQwjg== date Sat, 18 Feb 2017 14:04:27 GMT strict-transport-security max-age=15552000; preload public-key-pins-report-only max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/" access-control-allow-origin https://www.facebook.com access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true content-type image/gif access-control-allow-method OPTIONS expires Sat, 01 Jan 2000 00:00:00 GMT
GET		ao6eUeuGXQq.js staticxx.facebook.com/connect/xd_arbiter/r/ Frame 8168	0 0
GET		ao6eUeuGXQq.js staticxx.facebook.com/connect/xd_arbiter/r/ Frame 8168	0 0
GET		/ info.extra.hu/ Redirect Chain http://today.herald.bplaced.net/favicon.ico http://info.extra.hu/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/html/r20170213/r20170110/zrt_lookup.html

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9917716591664734&format=300x600&output=html&h=600&slotname=5402801202&adk=2387405048&adf=4215334027&w=300&lmt=1487426667&flash=24.0.0&url=http%3A%2F%2Ftoday.herald.bplaced.net%2F&wgl=1&dt=1487426667198&bpp=8&bdt=285&fdt=10&idt=178&shv=r20170213&cbv=r20170110&saldr=aa&correlator=6612569358656&frm=20&ga_vid=1193726969.1487426667&ga_sid=1487426667&ga_hid=1141717135&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&dff=freightsans_pro&dfs=16&adx=1037&ady=215&biw=1583&bih=1132&eid=4089036%2C575144605&oid=3&rx=0&eae=0&fc=16&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1132&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=ZFVao0tZnY&p=http%3A//today.herald.bplaced.net&dtd=199

Domain

staticxx.facebook.com

URL

http://staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42

Domain

staticxx.facebook.com

URL

https://staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42

Domain

info.extra.hu

URL

http://info.extra.hu/

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			today.herald.bplaced.net/	1970-01-01 00:00:00	Name: PHPSESSID Value: 6ecc14143717f91445d86d7d626a4334

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
cdn-images-1.medium.com
cdn0.vox-cdn.com
connect.facebook.net
googleads.g.doubleclick.net
i.amz.mshcdn.com
info.extra.hu
pagead2.googlesyndication.com
pixel.wp.com
platform.twitter.com
staticxx.facebook.com
today.herald.bplaced.net
www.facebook.com
www.nationnews.com
googleads.g.doubleclick.net
info.extra.hu
staticxx.facebook.com
128.199.137.182
144.76.167.70
151.101.112.124
192.0.76.3
199.96.57.6
2400:cb00:2048:1::6810:7691
2a00:1450:400f:807::2002
2a00:1450:400f:808::200e
2a00:1450:4010:c0e::5f
2a02:26f0:122::215:f623
2a03:2880:f01c:6:face:b00c:0:1
2a03:2880:f11c:83:face:b00c:0:25de
080cc22fb3689175655e372ca9131f2e1373b470743412975e25e162695bedfe
2b618f99677547d22422cbababe846216ac49dadc042f1d6152fa3b18e3d694d
3876c6f0c824963f889d8002be7b3930779f30db0626b75bc638ea6620e7e4b9
429efa6522ab1bad66588fe6bf93518a3bbbce9b20172d2bba4ee99316029bee
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c94a48c30b06911a8bdb285b2aaf08f57d400fa551c3f3b09f94b2bbd52c806
5ce77a8602edf15115ddf514b6a2a5407b67b06f797d3996548b9f8d5ae2dbdc
6d4f0b084e8404b1c9d4a800f4f4a8efbd18bfdf5fde65762b301a63704bca45
781818d6bf3c4d7f209334044cfc931c3c0c044a3495acb94ff81874abbb7fc8
7824bea621eb604ec072c92bbefd4ade17112981df1dac20d15f6b44cc6262f7
809aff888a1f0aa605fec635b41cdf72d9c35a4028642b167ccae58fa8b46e7a
8a9633483c11e5cf3adcdc76cc64d2f14523972dba89bbc224e626d095c2fc3b
928f0f1361a114f4b965df98e1b4cc11a9766a5292a29c79f13318edc3461dbc
9348889b9a139580675c7cde65fc2e56ff24f3b428270b3726ee2bf99740ba68
a8549ef4f48d5cd70510fbc7ab50d309837170a374ae38f335b73fc736c5a08e
ad5d67ac75f725cc204d0354fb718bdcd8ba28b9832b76499bb16563ce6f748b
c3445c4c9caaeb7646c5646b41cd34934cf9b65cd689f56919dfa46cf35bc45a
c4701cacedfda8d2883e40d3f0f88e01e3a927880a7b6a4fcc5060cc0d105a34
c98839c1a571bd65170d98128fa027c6fccca0835a8b493343a9344eeb4d687b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3a36e9a1fcdf9451c8dbc49337bd1926c14334c7112ce3090c48881b78637ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e9bb950b3ceef3d85b30ade556920bb3f87de1860eb12ce24348f260343fd5
fc88e22c49111edead371fc9a24cb9702cc55928acfe329d8df1636cf800a901