www.henryherald.com Open in urlscan Pro
192.104.183.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_48...
Submission: On August 12 via manual (August 12th 2023, 3:45:02 pm UTC) from US — Scanned from US

Summary HTTP 262 Redirects Behaviour Indicators

Summary

This website contacted 66 IPs in 4 countries across 56 domains to perform 262 HTTP transactions. The main IP is 192.104.183.209, located in United States and belongs to LEE-ASN, US. The main domain is www.henryherald.com.
TLS certificate: Issued by GTS CA 1P5 on July 18th 2023. Valid for: 3 months.

This is the only time www.henryherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	192.104.183.209 192.104.183.209	10668 (LEE-ASN) (LEE-ASN)
7	2606:4700::68... 2606:4700::6812:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	52.217.106.70 52.217.106.70	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:21e... 2600:9000:21ea:5a00:c:8c50:2440:21	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700:303... 2606:4700:3034::6815:880	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:5367	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.139.29.105 108.139.29.105	16509 (AMAZON-02) (AMAZON-02)
23	2606:4700:e6:... 2606:4700:e6::ac40:cf23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	2607:f8b0:400... 2607:f8b0:4006:816::2014	15169 (GOOGLE) (GOOGLE)
4	151.101.66.182 151.101.66.182	54113 (FASTLY) (FASTLY)
9	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
3	108.138.107.138 108.138.107.138	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f1:6e00:1b:83f3:bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
1	130.211.10.17 130.211.10.17	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1d26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:b48:9001::1 2a02:b48:9001::1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	18.164.116.73 18.164.116.73	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:23c... 2600:9000:23ca:a200:1e:fdf8:aac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	18.208.29.47 18.208.29.47	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:141b:13:... 2600:141b:13::17d7:82ab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2620:116:800b... 2620:116:800b:21:1456:d0e1:7db4:a56b	14618 (AMAZON-AES) (AMAZON-AES)
5	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
5	2606:4700:1::... 2606:4700:1::6813:864e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.128.28 108.138.128.28	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:251... 2600:9000:2511:d400:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	104.18.25.112 104.18.25.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	3.227.250.191 3.227.250.191	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
4	13.225.223.151 13.225.223.151	16509 (AMAZON-02) (AMAZON-02)
1	52.22.33.131 52.22.33.131	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	23.77.173.8 23.77.173.8	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700::68... 2606:4700::6812:4a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
1	34.149.139.129 34.149.139.129	15169 (GOOGLE) (GOOGLE)
1	3.228.223.152 3.228.223.152	14618 (AMAZON-AES) (AMAZON-AES)
1	54.230.163.108 54.230.163.108	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
1 7	104.18.1.32 104.18.1.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.58.62 34.120.58.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
4	34.233.227.88 34.233.227.88	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.63.33 13.225.63.33	16509 (AMAZON-02) (AMAZON-02)
1	35.81.90.104 35.81.90.104	16509 (AMAZON-02) (AMAZON-02)
2	52.5.49.175 52.5.49.175	14618 (AMAZON-AES) (AMAZON-AES)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	63.251.86.50 63.251.86.50	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	69.166.1.9 69.166.1.9	27630 (AS-XFERNET) (AS-XFERNET)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
262	66

11 192.104.183.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.henryherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::2004 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:807::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:80c::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.106.70 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ea:5a00:c:8c50:2440:21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d3uvwl4wtkgzo1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:880 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

app.otto-js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5367 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

otto-js.us.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.29.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-105.jfk50.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:e6::ac40:cf23 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.whizzco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.whizzco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2014 (Stony Point, United States)

ASN15169 (GOOGLE, US)

japfg-trending-content.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.182 (United States)

ASN54113 (FASTLY, US)

core.spreedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80c::2008 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:6e00:1b:83f3:bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:822::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.10.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.10.211.130.bc.googleusercontent.com

www.justapinch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b48:9001::1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn-p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.116.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-73.jfk50.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81d::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23ca:a200:1e:fdf8:aac0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

matchadsrvr.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.29.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-29-47.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:13::17d7:82ab (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn2.decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.netizen.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:d400:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.112 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.227.250.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-250-191.compute-1.amazonaws.com

kinesis.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.223.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-151.jfk51.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.33.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-33-131.compute-1.amazonaws.com

gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.77.173.8 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-173-8.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:4a5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.139.129 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 129.139.149.34.bc.googleusercontent.com

decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.223.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-223-152.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.163.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-108.ewr53.r.cloudfront.net

shopper.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.1.32 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com

www.americanhometownmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.233.227.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-227-88.compute-1.amazonaws.com

trends.netizen.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-33.ewr53.r.cloudfront.net

images.wishabi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.90.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-90-104.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.49.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-49-175.compute-1.amazonaws.com

yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

justapinch-com-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.50 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.9 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 15692	582 KB
23	whizzco.com cdn.whizzco.com — Cisco Umbrella Rank: 68040 api.whizzco.com — Cisco Umbrella Rank: 65658	15 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	578 KB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 114	242 KB
11	henryherald.com www.henryherald.com	202 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	603 KB
8	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 96	108 KB
7	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1560 cd.connatix.com — Cisco Umbrella Rank: 3301 cds.connatix.com — Cisco Umbrella Rank: 3503 vid.connatix.com Failed pl.connatix.com Failed	341 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 377	123 KB
6	amazonaws.com s3.amazonaws.com kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1604	21 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3 ampcid.google.com — Cisco Umbrella Rank: 2411 analytics.google.com — Cisco Umbrella Rank: 180	31 KB
5	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 7069 img.revcontent.com — Cisco Umbrella Rank: 12046 yeet.revcontent.com — Cisco Umbrella Rank: 8188	17 KB
5	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8266 c.mgid.com — Cisco Umbrella Rank: 6335 cdn.mgid.com — Cisco Umbrella Rank: 11358	98 KB
5	netizen.co assets.netizen.co — Cisco Umbrella Rank: 53250 trends.netizen.co — Cisco Umbrella Rank: 51778	63 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1579	35 KB
4	azureedge.net csp.azureedge.net — Cisco Umbrella Rank: 26940	10 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 887 id5-sync.com — Cisco Umbrella Rank: 423	52 KB
4	flipp.com p.flipp.com — Cisco Umbrella Rank: 11389 shopper.flipp.com — Cisco Umbrella Rank: 24418	116 KB
4	spreedly.com core.spreedly.com — Cisco Umbrella Rank: 24752	197 KB
3	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1504	127 KB
3	yieldmo.com 1 redirects static.yieldmo.com — Cisco Umbrella Rank: 2507 matchadsrvr.yieldmo.com — Cisco Umbrella Rank: 2859 ads.yieldmo.com — Cisco Umbrella Rank: 672	131 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357	64 KB
3	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 11548 gateflipp.flippback.com — Cisco Umbrella Rank: 17128	74 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 imasdk.googleapis.com Failed	3 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 757	606 B
2	openx.net justapinch-com-d.openx.net — Cisco Umbrella Rank: 45152	982 B
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 553 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 592	67 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1034 bcp.crwdcntrl.net — Cisco Umbrella Rank: 886	12 KB
2	decide.dev cdn2.decide.dev — Cisco Umbrella Rank: 27757 decide.dev — Cisco Umbrella Rank: 20580	5 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 356	40 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 368	888 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 410	837 B
2	appspot.com japfg-trending-content.appspot.com — Cisco Umbrella Rank: 49920	4 KB
2	cityspark.com cdn.cityspark.com — Cisco Umbrella Rank: 27553 cdn-p.cityspark.com — Cisco Umbrella Rank: 18923	32 KB
2	auth0.com 1 redirects otto-js.us.auth0.com	1 KB
2	otto-js.com 2 redirects app.otto-js.com	1 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130	176 KB
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 2533	718 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1174	177 B
1	wishabi.net images.wishabi.net — Cisco Umbrella Rank: 21081	16 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	28 KB
1	americanhometownmedia.com www.americanhometownmedia.com — Cisco Umbrella Rank: 58826	103 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1147	406 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216	608 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1617	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1378	9 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 617	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1676	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1539	1 KB
1	quantserve.com pixel.quantserve.com — Cisco Umbrella Rank: 1026	373 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 363	530 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 806	634 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 641	256 B
1	justapinch.com www.justapinch.com — Cisco Umbrella Rank: 58330	22 KB
1	cloudfront.net 1 redirects d3uvwl4wtkgzo1.cloudfront.net	599 B
262	56

	Domain	Requested by
60	bloximages.newyork1.vip.townnews.com	www.henryherald.com
20	api.whizzco.com	cdn.whizzco.com
11	www.henryherald.com	www.henryherald.com
9	www.googletagmanager.com	www.henryherald.com www.googletagmanager.com
8	lh3.googleusercontent.com	www.henryherald.com
8	fonts.gstatic.com	fonts.googleapis.com www.google.com
7	cdn.cookielaw.org	www.henryherald.com cdn.cookielaw.org
6	www.gstatic.com	www.henryherald.com www.google.com www.gstatic.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	securepubads.g.doubleclick.net	www.henryherald.com securepubads.g.doubleclick.net cd.connatix.com
4	trends.netizen.co	assets.netizen.co
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com decide.dev
4	cdn.segment.com	www.henryherald.com cdn.segment.com
4	kinesis.us-east-1.amazonaws.com	static.yieldmo.com
4	csp.azureedge.net	cdn.cityspark.com csp.azureedge.net
4	core.spreedly.com	www.henryherald.com core.spreedly.com
4	www.google.com	www.henryherald.com www.gstatic.com www.google.com
3	cds.connatix.com	www.henryherald.com cd.connatix.com
3	capi.connatix.com	www.henryherald.com cd.connatix.com
3	cdn.confiant-integrations.net	www.googletagmanager.com cdn.confiant-integrations.net
3	p.flipp.com	cdn-gateflipp.flippback.com
3	c.amazon-adsystem.com	www.henryherald.com c.amazon-adsystem.com
3	cdn.whizzco.com	www.henryherald.com cdn.whizzco.com
3	fonts.googleapis.com	www.henryherald.com csp.azureedge.net
2	ap.lijit.com	www.americanhometownmedia.com
2	justapinch-com-d.openx.net	www.americanhometownmedia.com
2	yeet.revcontent.com	assets.netizen.co
2	cdn.mgid.com	blank
2	assets.revcontent.com	assets.netizen.co
2	id5-sync.com	cdn.id5-sync.com
2	jsc.mgid.com	cdn.whizzco.com jsc.mgid.com
2	cdn.jsdelivr.net	cdn.cityspark.com securepubads.g.doubleclick.net
2	cdn.id5-sync.com	www.henryherald.com securepubads.g.doubleclick.net
2	px.ads.linkedin.com	1 redirects www.henryherald.com
2	idsync.rlcdn.com	2 redirects
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	japfg-trending-content.appspot.com	www.henryherald.com
2	cdn-gateflipp.flippback.com	www.henryherald.com shopper.flipp.com
2	otto-js.us.auth0.com	1 redirects www.henryherald.com
2	app.otto-js.com	2 redirects
2	s3.amazonaws.com	www.henryherald.com
2	pagead2.googlesyndication.com	www.henryherald.com pagead2.googlesyndication.com
1	hbopenbid.pubmatic.com	www.americanhometownmedia.com
1	apex.go.sonobi.com	www.americanhometownmedia.com
1	api.segment.io	cdn.segment.com
1	img.revcontent.com	www.henryherald.com
1	c.mgid.com	www.henryherald.com
1	images.wishabi.net	www.henryherald.com
1	cd.connatix.com	1 redirects
1	www.googletagservices.com	www.henryherald.com
1	www.americanhometownmedia.com	www.henryherald.com
1	analytics.google.com	www.googletagmanager.com
1	shopper.flipp.com	cdn-gateflipp.flippback.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	decide.dev	cdn2.decide.dev
1	ads.pubmatic.com	assets.netizen.co
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	gateflipp.flippback.com	cdn-gateflipp.flippback.com
1	ampcid.google.com	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	assets.netizen.co	cdn.whizzco.com
1	cdn2.decide.dev	www.henryherald.com
1	pixel.quantserve.com	cdn.cityspark.com
1	ads.yieldmo.com	static.yieldmo.com
1	match.adsrvr.org	www.henryherald.com
1	matchadsrvr.yieldmo.com	1 redirects
1	pippio.com	1 redirects
1	cdn-p.cityspark.com	cdn.cityspark.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.justapinch.com	www.henryherald.com
1	static.yieldmo.com	www.henryherald.com
1	cdn.cityspark.com	www.henryherald.com
1	d3uvwl4wtkgzo1.cloudfront.net	1 redirects
0	pl.connatix.com Failed	cd.connatix.com
0	imasdk.googleapis.com Failed	cd.connatix.com
0	vid.connatix.com Failed	cd.connatix.com
262	82

This site contains no links.

Subject Issuer	Validity	Valid
henryherald.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-06-21`	a year	crt.sh
*.flippback.com Amazon RSA 2048 M02	`2023-06-15` - `2024-07-12`	a year	crt.sh
whizzco.com Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
sni0f49gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-24` - `2024-08-23`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
core.spreedly.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-01-12` - `2024-02-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
static.yieldmo.com Amazon RSA 2048 M02	`2023-05-21` - `2024-06-18`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
justapinch.com Go Daddy Secure Certificate Authority - G2	`2023-04-18` - `2024-05-19`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
cdn-p.cityspark.com R3	`2023-06-15` - `2023-09-13`	3 months	crt.sh
flipp.com Amazon RSA 2048 M01	`2023-07-31` - `2024-08-28`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M02	`2023-02-28` - `2023-10-12`	7 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2023-05-17` - `2024-05-11`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
cdn2.decide.dev R3	`2023-07-05` - `2023-10-03`	3 months	crt.sh
assets.netizen.co R3	`2023-07-06` - `2023-10-04`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
kinesis.us-east-1.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-07-23` - `2023-10-21`	3 months	crt.sh
decide.dev GTS CA 1D4	`2023-06-23` - `2023-09-21`	3 months	crt.sh
www.americanhometownmedia.com Go Daddy Secure Certificate Authority - G2	`2023-05-14` - `2024-06-14`	a year	crt.sh
netizen.co Amazon RSA 2048 M01	`2023-02-23` - `2023-10-11`	8 months	crt.sh
*.wishabi.net Amazon RSA 2048 M01	`2023-03-01` - `2023-10-15`	8 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
assets.revcontent.com R3	`2023-07-10` - `2023-10-08`	3 months	crt.sh
img.revcontent.com R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Frame ID: D303E685881B9080E55C8D37F1FBCACE
Requests: 214 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: AB37FEE7F8B771C68490479D8287D939
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Frame ID: C34FC9EEE2E2A645EE209FDC8008E75C
Requests: 13 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/number-frame-1.110.html
Frame ID: 2AAA4E235A1ABA420A9CAB3A534225EC
Requests: 2 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/cvv-frame-1.110.html
Frame ID: E0FBF85EDF80F88D43DCD2E8C5D48657
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3129558407352269&output=html&adk=1812271804&adf=3025194257&lmt=1691881772&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691855073100&bpp=18&bdt=1246&idt=862&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2436571313534&frm=20&pv=2&ga_vid=1044184676.1691855074&ga_sid=1691855074&ga_hid=136177701&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076469%2C44759875%2C44759926%2C44759837%2C31076804%2C31076924%2C21065724&oid=2&pvsid=3576657166846134&tmod=1565548349&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=940
Frame ID: AE3A4826CA332945900428B09A9BA7D5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh&co=aHR0cHM6Ly93d3cuaGVucnloZXJhbGQuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=7m5jy7csh9lb
Frame ID: 566C1ACEB73BA2D4CA48D184BBB1ACF7
Requests: 7 HTTP requests in this frame

Frame: https://decide.dev/lad/14870740986191206?pubid=ld-6820-1947&pubo=https%3A%2F%2Fwww.henryherald.com&rid=&width=1006&path=%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html
Frame ID: EB263C297A185CD3FC5593079C177CE4
Requests: 2 HTTP requests in this frame

Frame: https://shopper.flipp.com/static/1.2.0/latest
Frame ID: D11BBE8DA5E9C2F2022FED7C55E422B7
Requests: 3 HTTP requests in this frame

Frame: https://cds.connatix.com/p/313168/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a&tier=1
Frame ID: DCB082DF5FBECF2F8A54F1E43EA23E88
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

262
Requests

94 %
HTTPS

49 %
IPv6

56
Domains

82
Subdomains

66
IPs

4
Countries

4397 kB
Transfer

12342 kB
Size

47
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://d3uvwl4wtkgzo1.cloudfront.net/8a9003e0-58e0-4430-ad2d-f4cfb40e4f89.js HTTP 301
https://app.otto-js.com/ HTTP 302
https://app.otto-js.com/auth/auth0?audience=https://api.devconops.com HTTP 302
https://otto-js.us.auth0.com/authorize?audience=https%3A%2F%2Fapi.devconops.com&client_id=70hPbpttuUICXMQjf8l93nhybIVB3UGa&redirect_uri=http%3A%2F%2Fapp.otto-js.com%2Fauth%2Fauth0%2Fcallback&response_type=code&scope=openid+profile+email+read%3Astatus HTTP 302
https://otto-js.us.auth0.com/u/login?state=hKFo2SBzeExKemx5MjlwVmI1bG85d1MwRnh6a3kxZWpDQXpabqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFVsUzNsZzV6enhxWXZwOHFLdDUtTGs0b3V6dUc0LU5io2NpZNkgNzBoUGJwdHR1VUlDWE1RamY4bDkzbmh5YklWQjNVR2E

Request Chain 114

https://idsync.rlcdn.com/712559.gif?partner_uid=2f4eb3db-beed-4d8b-bd52-e949c19c88ee HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDJmNGViM2RiLWJlZWQtNGQ4Yi1iZDUyLWU5NDljMTljODhlZRAAGg0I4dHepgYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=0ffa19d804bcdb9ca90a3065aaab6c1e06bd119636af886e090d08a23ca1545b791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0ffa19d804bcdb9ca90a3065aaab6c1e06bd119636af886e090d08a23ca1545b791426b5417dce21&rand=00634406 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0ffa19d804bcdb9ca90a3065aaab6c1e06bd119636af886e090d08a23ca1545b791426b5417dce21&rand=00634406&expected_cookie=831d6c1c-ee10-42fd-b50b-0921bcea346c

Request Chain 122

https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json HTTP 302
https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json

Request Chain 220

https://cd.connatix.com/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a HTTP 302
https://cds.connatix.com/p/313168/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a&tier=1

Request Chain 233

https://capi.connatix.com/core/sync?v=313168 HTTP 302
https://capi.connatix.com/core/sync?v=313168&final=true

262 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request article_489e3249-9c55-5924-af18-b59e0821de71.html Show response
www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/ 577 KB
143 KB 1251ms
505ms Document
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

eb48fcff4e1a4c0fae5f8d80c311991f2b8678217eab00ff8e5d3f3d3353042b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 144371
content-type: text/html; charset=UTF-8
date: Sat, 12 Aug 2023 15:44:31 GMT
etag: W/07b22a977422171a77d64aab3848fe50
last-modified: Sat, 12 Aug 2023 13:09:32 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://cdn.cookielaw.org/scripttemplates/otSDKStub.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.b36ccd6c63f37a5c53e27315d402bd25.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: unavailable_after: Monday, 11-Sep-23 13:09:31 Z noarchive
x-tncms: 1.70.8; app5; 0.4s; 6.1M
x-ua-compatible: IE=edge
x-vcache: MISS
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 150ms
72ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 15:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: X1C0PY0lSDg1JSpsyFxfYA==
age: 77632
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6837
x-ms-lease-status: unlocked
last-modified: Thu, 10 Aug 2023 17:49:49 GMT
server: cloudflare
etag: 0x8DB99CA31A90166
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 28d0050c-401e-003e-51c3-cbaefc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f59d717a8952243-ORD

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 220ms
94ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2432669
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7182d898114-ORD
expires: Tue, 02 Apr 2024 18:10:29 GMT

GET
H2 200 user.js Show response
www.henryherald.com/shared-content/art/tncms/user/ 3 KB
2 KB 143ms
126ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.henryherald.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: c6e6da77dacb153a6384cca89b97bef3a39bd73cb3f3b997d0002ff0c1c4dc86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:03 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 20:49:22 GMT
x-vcache: HIT
age: 28
etag: W/"64d54d52-c04"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1419
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 218ms
93ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 5009548
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7182d8e8114-ORD
expires: Wed, 12 Jun 2024 04:20:41 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 216ms
90ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 20843552
last-modified: Tue, 10 May 2022 15:14:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a815c-8154"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7182d8b8114-ORD
expires: Thu, 25 May 2023 16:13:17 GMT

GET
H2 200 tnt.b36ccd6c63f37a5c53e27315d402bd25.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 23 KB
6 KB 217ms
92ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.b36ccd6c63f37a5c53e27315d402bd25.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa59d2979c85d4fec938c960a0c4e7138cd122db113331b2974113869007dc46

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4307438
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Jun 2023 17:09:55 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6495d1e3-5cda"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7182d8d8114-ORD
expires: Sat, 22 Jun 2024 19:02:59 GMT

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 214ms
89ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4307438
cross-origin-resource-policy: cross-origin
last-modified: Fri, 23 Jun 2023 18:40:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6495e71c-10fa"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7182d8c8114-ORD
expires: Sat, 22 Jun 2024 19:02:58 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
970 B 216ms
91ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3184715
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:38:57 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137051-9ae"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7182d8a8114-ORD
expires: Wed, 20 Mar 2024 20:32:02 GMT

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 170ms
46ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 7604483
cross-origin-resource-policy: cross-origin
last-modified: Thu, 11 May 2023 20:00:28 GMT
x-vcache: MISS
server: cloudflare
etag: W/"645d495c-1ac2e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d717fd588114-ORD
expires: Wed, 15 May 2024 15:01:31 GMT

GET
H2 200 layout.c16df073a4f45c16eb2b8a91ceb7b785.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
28 KB 177ms
54ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.c16df073a4f45c16eb2b8a91ceb7b785.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 938584
cross-origin-resource-policy: cross-origin
last-modified: Wed, 26 Jul 2023 20:07:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64c17cf0-26681"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d717fd598114-ORD
expires: Wed, 31 Jul 2024 19:01:26 GMT

GET
H2 200 theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
8 KB 210ms
87ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.a7351649a9c39f0af7c6d288a87ef140.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5069584ce49d3443299d9a275b0924a94f054ec25dabfcbc2118d2425dda672

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4564213
cross-origin-resource-policy: cross-origin
last-modified: Thu, 15 Jun 2023 22:05:00 GMT
x-vcache: MISS
server: cloudflare
etag: W/"648b8b0c-a506"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d717fd5b8114-ORD
expires: Wed, 19 Jun 2024 19:01:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 220ms
67ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=PT+Serif:wght@400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fea3d4b9c89cd2ed84c8336b93cd1c54f43abc9464e0eed56986590b2951ab0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 12 Aug 2023 15:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 15:44:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Aug 2023 15:44:32 GMT

GET
H2 200 tnt.access.offers.e83899ab184df30a9837c1688f1e5fa1.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/ 21 KB
4 KB 174ms
52ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/tnt.access.offers.e83899ab184df30a9837c1688f1e5fa1.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87afb07bae07c473cd2c18190936b19be8925b8f47e94ff7cb8f477c3c9ffbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 333500
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:16:02 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa12-5327"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d717fd5c8114-ORD
expires: Wed, 07 Aug 2024 19:01:40 GMT

GET
H2 200 datepicker3.9f2593097fc3849b80bb9d187a12b345.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 31 KB
3 KB 171ms
50ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/datepicker3.9f2593097fc3849b80bb9d187a12b345.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62864dfc09682e01eedffa6de15991cab27064828cb39a1831059ab9a7bb735b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 17000903
cross-origin-resource-policy: cross-origin
last-modified: Thu, 27 Oct 2022 21:00:21 GMT
x-vcache: MISS
server: cloudflare
etag: W/"635af165-7b02"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d717fd5f8114-ORD
expires: Sat, 04 Nov 2023 12:18:49 GMT

GET
H2 200 flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 960 B
659 B 162ms
41ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3936496
last-modified: Thu, 21 Jul 2022 21:07:54 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9c02a-3c0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d717fd608114-ORD
expires: Wed, 26 Jul 2023 11:07:02 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 169ms
48ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 17000903
last-modified: Thu, 21 Jul 2022 21:07:55 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9c02b-189c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d717fd648114-ORD
expires: Wed, 26 Jul 2023 08:35:03 GMT

GET
H2 200 tnt.comments.c281ededc640381d48e91e027585814d.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/styles/ 3 KB
924 B 209ms
88ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/styles/tnt.comments.c281ededc640381d48e91e027585814d.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78fabb8840d3fba5bd2a5bd16096e4d255e5da9267f3228efc263bdebf35c088

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 15806006
cross-origin-resource-policy: cross-origin
last-modified: Fri, 03 Feb 2023 14:57:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63dd20e6-af5"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7181d7a8114-ORD
expires: Sat, 10 Feb 2024 17:10:46 GMT

GET
H2 200 flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 531 B
367 B 207ms
86ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8888b39fcef68347451a49b9c12fbd7f5af165a42f289fbeef6c4db2f8a33228

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 5003243
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Apr 2023 14:41:45 GMT
x-vcache: MISS
server: cloudflare
etag: W/"643814a9-213"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d717fd628114-ORD
expires: Mon, 22 Apr 2024 15:17:36 GMT

GET
H2 200 access.js Show response
www.henryherald.com/shared-content/art/tncms/api/ 87 KB
35 KB 140ms
128ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.henryherald.com/shared-content/art/tncms/api/access.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8

Request headers

Referer: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Origin: https://www.henryherald.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:41:16 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2023 20:21:14 GMT
x-vcache: HIT
age: 195
etag: W/"64307b3a-15cd7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 35387
service-worker-allowed: /

GET
H2 200 bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 26 KB
8 KB 212ms
93ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

883aa8eae3e60fb3293982ea005b7d0825faf153e68b7495fc6fe5893c38cb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 29652034
cross-origin-resource-policy: cross-origin
last-modified: Wed, 03 Aug 2022 16:43:50 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62eaa5c6-6931"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7181d7e8114-ORD
expires: Tue, 22 Aug 2023 03:03:07 GMT

GET
H2 200 jquery.mask.84bef41f682a27dac3fd6e812c06365d.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 3 KB
2 KB 209ms
91ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.mask.84bef41f682a27dac3fd6e812c06365d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5bf9da61f9d4956b20577fe79038e5bd6dd8db076059155b18d8f4f2f8d6b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 29652034
cross-origin-resource-policy: cross-origin
last-modified: Wed, 03 Aug 2022 16:43:49 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62eaa5c5-c0b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7181d828114-ORD
expires: Tue, 22 Aug 2023 03:02:10 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 217ms
70ms Script
text/javascript 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=signupVkCallback&render=explicit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9d18d08befc5772dede6de7561caa8343ccf34fb088ed85dc152f97ac10bf05c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 861
x-xss-protection: 1; mode=block
expires: Sat, 12 Aug 2023 15:44:32 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
686 B 212ms
71ms Script
text/javascript 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

67979ecbbaf9bcaeec027f7f805946fbeb1cd2b20cbb14a07c1001d7c079744d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617
x-xss-protection: 1; mode=block
expires: Sat, 12 Aug 2023 15:44:32 GMT

GET
H2 200 tnt.access.log.3a08a9e5cc9ffa7f4c54ed2c8a09a1a2.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 10 KB
2 KB 201ms
88ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.log.3a08a9e5cc9ffa7f4c54ed2c8a09a1a2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4502a3093838e13382b726c462761c6f8d75ace126ecccebc1f051f0beb3a11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 332477
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-2638"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7181d808114-ORD
expires: Wed, 07 Aug 2024 19:01:39 GMT

GET
H2 200 tnt.access.status.828de94349981272665c0fb0107f3e49.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 925 B
421 B 201ms
89ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4466888
cross-origin-resource-policy: cross-origin
last-modified: Fri, 13 Jan 2023 15:38:19 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63c17aeb-39d"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7181d858114-ORD
expires: Tue, 23 Jan 2024 15:00:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 85 KB
28 KB 306ms
146ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7bb9b8952386d99c3994cd788dbe1321b970c867b555763efdc9fb06792b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28629
x-xss-protection: 0
server: cafe
etag: 698 / 19581 / 31076944 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:44:32 GMT

GET
H2 200 sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 1 KB
913 B 137ms
102ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 7067979
last-modified: Thu, 21 Jul 2022 21:06:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9bff2-5bb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a2fc18114-ORD
expires: Wed, 26 Jul 2023 09:40:44 GMT

GET
H2 200 tnt.comment.ab5fb87419367af823185ae92fe15663.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/ 13 KB
3 KB 169ms
94ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/tnt.comment.ab5fb87419367af823185ae92fe15663.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9186752fbc16321f99c98fb41db4058c9caf24529c0070d53d61f609e14dc2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 5209392
cross-origin-resource-policy: cross-origin
last-modified: Fri, 03 Feb 2023 14:56:37 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63dd20a5-3480"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7181d7c8114-ORD
expires: Sat, 10 Feb 2024 17:10:48 GMT

GET
H2 200 tnt.emoticons.2048520c3a5ad423f37d8d4ac8c790a9.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/ 3 KB
931 B 167ms
92ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/tnt.emoticons.2048520c3a5ad423f37d8d4ac8c790a9.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bc728ed832fc895e2c5dc2e4cb961913ad05496eeed776d568370bb065e85f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4943412
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:04 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137058-a8f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7181d848114-ORD
expires: Wed, 27 Mar 2024 11:48:19 GMT

GET
H2 200 ie.grid.placement.8d31e32afeebe4520bfab9638ef91435.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 2 KB
840 B 99ms
64ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ie.grid.placement.8d31e32afeebe4520bfab9638ef91435.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffe3e81abfe1b82b22c0afec5ceb1400456a6c4d6ecec4f94ef6f5da1e74e666

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 5009547
last-modified: Mon, 07 Jan 2019 16:40:30 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5c3380fe-754"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a2fc48114-ORD
expires: Thu, 21 Mar 2024 07:54:55 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 112ms
78ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3183696
cross-origin-resource-policy: cross-origin
last-modified: Mon, 03 Jul 2023 14:54:48 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64a2e138-db8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a2fc58114-ORD
expires: Fri, 05 Jul 2024 19:22:56 GMT

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 103ms
69ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 247062
cross-origin-resource-policy: cross-origin
last-modified: Thu, 06 Apr 2023 14:32:51 GMT
x-vcache: MISS
server: cloudflare
etag: W/"642ed813-1ba0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a2fc68114-ORD
expires: Tue, 09 Apr 2024 20:59:56 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 206ms
40ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 10:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Aug 2024 10:52:08 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 208ms
42ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 08:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 08:00:08 GMT

GET
H2 200 messaging.js Show response
www.henryherald.com/shared-content/art/tncms/api/ 2 KB
1 KB 87ms
54ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.henryherald.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:41:16 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 20:49:22 GMT
x-vcache: HIT
age: 196
etag: W/"64d54d52-9cb"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 885
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
399 B 161ms
90ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 5009548
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:34:55 GMT
x-vcache: MISS
server: cloudflare
etag: W/"642468af-c8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7181d888114-ORD
expires: Wed, 03 Apr 2024 07:50:08 GMT

GET
H2 200 tracking.js Show response
www.henryherald.com/shared-content/art/tncms/ 3 KB
1 KB 146ms
146ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.henryherald.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:41:15 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 20:49:22 GMT
x-vcache: HIT
age: 196
etag: W/"64d54d52-a3a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1157
service-worker-allowed: /

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 89ms
56ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 75935
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7f59d71a0bac2243-ORD

GET
H2 200 fontawesome.b2419fcc3201a1f4e3293248c643da08.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 268 KB
97 KB 145ms
113ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.b2419fcc3201a1f4e3293248c643da08.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

389f438844f7135c2be70a4a9f6654443a8c76482f1f0fbbea73b903c0d5cfad

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4567198
cross-origin-resource-policy: cross-origin
last-modified: Thu, 15 Jun 2023 22:03:56 GMT
x-vcache: MISS
server: cloudflare
etag: W/"648b8acc-430b9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a2fc78114-ORD
expires: Wed, 19 Jun 2024 19:02:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 239ms
74ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e15fc01517c5add690632a6929bd7a349f96f987cbd29eb21926e1f21eaa12e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50868
x-xss-protection: 0
server: cafe
etag: 232280404347326688
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:44:32 GMT

GET
H/1.1 200
OK jquery.smartbanner.css
s3.amazonaws.com/v4.static.shoutem.com/popup_scripts/ 4 KB
4 KB 258ms
65ms Stylesheet
text/css 52.217.106.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/v4.static.shoutem.com/popup_scripts/jquery.smartbanner.css
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.106.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 73fedefec9a793510e7041b5e6275ba26c135ef44682c504bd2a0b940fbed0ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 12 Aug 2023 15:44:33 GMT
Last-Modified: Tue, 17 Sep 2019 15:35:22 GMT
Server: AmazonS3
x-amz-request-id: A789A8XA86ZT994N
ETag: "347384d39f5b6dbcedaf5d3711f27d6d"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4105
x-amz-id-2: Khx0Sd52KfOIG/vTL7a0mw3dTb8bCWKomnfgP8Py9B6xziajQknHUUlRG0Lg7NXvuo/jTPtJy8w=

GET
H2

200

https://d3uvwl4wtkgzo1.cloudfront.net/8a9003e0-58e0-4430-ad2d-f4cfb40e4f89.js
https://app.otto-js.com/
https://app.otto-js.com/auth/auth0?audience=https://api.devconops.com
https://otto-js.us.auth0.com/authorize?audience=https%3A%2F%2Fapi.devconops.com&client_id=70hPbpttuUICXMQjf8l93nhybIVB3UGa&redirect_uri=http%3A%2F%2Fapp.otto-js.com%2Fauth%2Fauth0%2Fcallback&respon...
https://otto-js.us.auth0.com/u/login?state=hKFo2SBzeExKemx5MjlwVmI1bG85d1MwRnh6a3kxZWpDQXpabqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFVsUzNsZzV6enhxWXZwOHFLdDUtTGs0b3V6dUc0LU5io2NpZNkgNzBoUGJwdHR1VUlDWE1Ram...

0
0

128ms
124ms

Script
text/html

2606:4700::6810:5367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otto-js.us.auth0.com/u/login?state=hKFo2SBzeExKemx5MjlwVmI1bG85d1MwRnh6a3kxZWpDQXpabqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFVsUzNsZzV6enhxWXZwOHFLdDUtTGs0b3V6dUc0LU5io2NpZNkgNzBoUGJwdHR1VUlDWE1RamY4bDkzbmh5YklWQjNVR2E
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Server: 2606:4700::6810:5367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

date: Sat, 12 Aug 2023 15:44:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
tracestate: auth0-request-id=7f59d720cfc02324,auth0=true
x-auth0-requestid: 2332e1046f3a027f79b7
alt-svc: h3=":443"; ma=86400
content-length: 212
pragma: no-cache
server: cloudflare
ot-tracer-sampled: true
traceparent: 00-00000000000000003964d9a608d82f70-219950742a6b15f9-01
ot-tracer-traceid: 3964d9a608d82f70
vary: Accept, Accept-Encoding
x-ratelimit-remaining: 99
content-type: text/plain; charset=utf-8
location: /u/login?state=hKFo2SBzeExKemx5MjlwVmI1bG85d1MwRnh6a3kxZWpDQXpabqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFVsUzNsZzV6enhxWXZwOHFLdDUtTGs0b3V6dUc0LU5io2NpZNkgNzBoUGJwdHR1VUlDWE1RamY4bDkzbmh5YklWQjNVR2E
cache-control: no-store, max-age=0, no-transform
x-ratelimit-reset: 1691855074
x-ratelimit-limit: 100
ot-baggage-auth0-request-id: 7f59d720cfc02324
cf-ray: 7f59d720cfc02324-ORD
ot-tracer-spanid: 219950742a6b15f9

GET
H2 200 tracker.js Show response
www.henryherald.com/shared-content/art/stats/common/ 9 KB
3 KB 100ms
100ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.henryherald.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:43:39 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2023 14:02:33 GMT
x-vcache: HIT
age: 52
etag: W/"641b0a79-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 acea4f66-00ae-11ee-bb03-07ff5a614590.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 6 KB
7 KB 97ms
67ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/acea4f66-00ae-11ee-bb03-07ff5a614590.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58fa2158df0d62fb6cd500195fc63b30e2ade951a0eb047571b516f6baf4a8b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 3806435
cf-polished: qual=85, origFmt=jpeg, origSize=11677
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="acea4f66-00ae-11ee-bb03-07ff5a614590.webp"
content-length: 6478
cf-bgj: imgq:85,h2pri
last-modified: Thu, 01 Jun 2023 19:01:12 GMT
server: cloudflare
x-vcache: MISS
etag: "6478eaf8-2d9d"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7f59d71a2fc88114-ORD
expires: Thu, 27 Jun 2024 14:56:46 GMT

GET
H2 200 6e60e716-5af3-11ed-9011-df0559fb2f5d.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 33 KB
33 KB 109ms
79ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/6e60e716-5af3-11ed-9011-df0559fb2f5d.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab85214b33f45bd9b39ca662039d3683a7c23ad51a54e6ebeca54e3c69cc544

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 227550
cf-polished: qual=85, origFmt=jpeg, origSize=87079
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6e60e716-5af3-11ed-9011-df0559fb2f5d.webp"
content-length: 33456
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 21:15:09 GMT
server: cloudflare
x-vcache: MISS
etag: "6362dddd-15427"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7f59d71a2fc98114-ORD
expires: Thu, 08 Aug 2024 17:44:58 GMT

GET
H2 200 76145f42-5af3-11ed-a02e-c7e09e864ee7.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 33 KB
33 KB 128ms
98ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/76145f42-5af3-11ed-a02e-c7e09e864ee7.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab85214b33f45bd9b39ca662039d3683a7c23ad51a54e6ebeca54e3c69cc544

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 7547571
cf-polished: qual=85, origFmt=jpeg, origSize=87079
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="76145f42-5af3-11ed-a02e-c7e09e864ee7.webp"
content-length: 33456
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 21:15:22 GMT
server: cloudflare
x-vcache: MISS
etag: "6362ddea-15427"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7f59d71a2fca8114-ORD
expires: Fri, 10 May 2024 04:42:40 GMT

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 90 KB
34 KB 290ms
89ms Script
application/javascript 108.139.29.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201258278
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-105.jfk50.r.cloudfront.net
Software: envoy /
Resource Hash: 7b187cf1ed92d64679384dd200bb369638a056dfcc35fe2b2d22ed578405422f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
content-encoding: gzip
via: 1.1 76d4de5b65bdf749a3f97445d1b9f4d2.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: JFK50-P2
vary: Origin,Origin, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-envoy-upstream-service-time: 4
x-amz-cf-id: XkMvFKNjVAB2g1jNswvYJE85qxy-unDHdsbSVzKgdsywY-6e47mEEQ==

GET
H2 200 64d77c9cc8921.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/d/49/d49fc8dd-52d3-5f6b-82cf-f5d34d1879eb/ 39 KB
39 KB 148ms
118ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/d/49/d49fc8dd-52d3-5f6b-82cf-f5d34d1879eb/64d77c9cc8921.image.jpg?resize=620%2C413

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9ba27d787035ce0bb66e3ac4d2207e29eaab9343144273ebeb25fceb990635b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=40241, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 12 Aug 2023 12:35:40 GMT
server: cloudflare
x-vcache: MISS
etag: "3aa08ac4b8f5fc21d075447eef967ae3"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a2fcb8114-ORD
expires: Sun, 11 Aug 2024 13:01:16 GMT

GET
H2 200 widget_v3.js Show response
cdn.whizzco.com/scripts/widget/ 7 KB
3 KB 191ms
45ms Script
application/javascript 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d8562efd8364015edd8080e72d8bd98f0a92019058f15df14e03f9951e01876

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
via: 1.1 0d686860a571e09f23ba7586948f0628.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ORD52-C2
age: 2766
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 05 Mar 2023 13:26:38 GMT
server: cloudflare
etag: W/"af75195749ffac29c536aae88fdbda39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kt5%2BjyNT36kalGd9ab876SEM6BId52hWvolFIXzSN2HY%2FXLOj7i7gxp4MX%2BrlWn05NSnWz7Z87axdaEoNF4GYtfEs5UyS18fq15%2BwDTXfuLhMIl%2FxmHPAGbrmPwDyKGDeYf2VGJY4ESnDlVwR8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f59d71abd8b1048-ORD
x-amz-cf-id: g9kxAVdHxIXZ9fbe3Qg-8LCIo5N5Tatl2yWmPWaMKFyBRXX7J7jhpw==

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
1 KB 184ms
33ms Script
application/x-javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cityspark.com/wid/get.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (cha/8181) /
Resource Hash: 2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 15:44:32 GMT
content-encoding: gzip
content-md5: 8ouzdXeMpGxUBMAUF/mhkg==
age: 76263
x-cache: HIT
content-length: 1002
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 10 Mar 2023 18:25:29 GMT
server: ECAcc (cha/8181)
etag: "0x8DB2194D3ACD75C+gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8ecf2e7c-001e-00cd-2c82-ccc8e7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2014-02-14

GET
H2 200 widgey-dug.php Show response
japfg-trending-content.appspot.com/ 10 KB
2 KB 208ms
82ms Script
text/html 2607:f8b0:4006:816::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.appspot.com/widgey-dug.php?s=10238&v=1&q=3&i=1
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2014 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 513b875dfdbd01736f9143c26d7bc6fb72d85787bbcd83764e9bac35159b848c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 0ec6a63a-25ad-11ee-93e4-2396fb252bb7.png
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 46 KB
46 KB 139ms
110ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/0ec6a63a-25ad-11ee-93e4-2396fb252bb7.png?resize=540%2C439

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8b28b7266de6eb92e4c2a43e5ede874fbfa5288aeddd80c2aeb85ed7c66cb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 2070001
cf-polished: origFmt=png, origSize=51860
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="0ec6a63a-25ad-11ee-93e4-2396fb252bb7.webp"
content-length: 47258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Jul 2023 20:52:50 GMT
server: cloudflare
x-vcache: HIT
etag: "c3bb39a43346917df7aed181c7cf517d"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7f59d71a2fcc8114-ORD
expires: Wed, 17 Jul 2024 20:57:17 GMT

GET
H2 200 5bdc62fa-26e7-11ec-810b-9323e7ece3d6.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 11 KB
11 KB 130ms
102ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/5bdc62fa-26e7-11ec-810b-9323e7ece3d6.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6aff64ea75b644ed94b83d5be24eb844b45eb597d62d00f7e61dc4af689a68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 24861119
cf-polished: qual=85, origFmt=jpeg, origSize=19597
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="5bdc62fa-26e7-11ec-810b-9323e7ece3d6.webp"
content-length: 10908
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Oct 2021 20:52:46 GMT
server: cloudflare
x-vcache: MISS
etag: "615e0c9e-4c8d"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7f59d71a2fcd8114-ORD
expires: Sat, 28 Oct 2023 20:44:19 GMT

GET
H2 200 78a056fe-85ba-11eb-b4cf-4b99c2b48529.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 7 KB
7 KB 124ms
97ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/78a056fe-85ba-11eb-b4cf-4b99c2b48529.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

354d7d76ac9a080b675d3bf921353b30e9c3aa1668f439604bfa58ec85148592

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 4349801
cf-polished: qual=85, origFmt=jpeg, origSize=11134
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="78a056fe-85ba-11eb-b4cf-4b99c2b48529.webp"
content-length: 7258
cf-bgj: imgq:85,h2pri
last-modified: Mon, 15 Mar 2021 18:15:49 GMT
server: cloudflare
x-vcache: MISS
etag: "604fa455-2b7e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7f59d71a2fcf8114-ORD
expires: Sat, 08 Jun 2024 16:46:51 GMT

GET
H/1.1 200
OK jquery.smartbanner.js Show response
s3.amazonaws.com/v4.static.shoutem.com/popup_scripts/ 15 KB
16 KB 64ms
63ms Script
application/javascript 52.217.106.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/v4.static.shoutem.com/popup_scripts/jquery.smartbanner.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.106.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b53cc35f15a6e6c3e31df71e326e646d6989aec3917c656962a9736a5586297

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 12 Aug 2023 15:44:33 GMT
Last-Modified: Tue, 17 Sep 2019 15:35:22 GMT
Server: AmazonS3
x-amz-request-id: A78692AGN7WYERQ6
ETag: "16ae42f55aca69b21a9f0aae52342967"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 15650
x-amz-id-2: d4dGlVdsSQDgXYBhpUoQ+maAu5/A/HNEnILpWB4zcAWEhvHAhjMw0TsZwULyY3eVT6CAHt7wAPk=

GET
H2 200 tnt.access.3.1.a6e0068e9b5fdd5e841934cf8157498c.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 8 KB
3 KB 73ms
34ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e29e7a53319f0f692a359d1dd23f412bebb653718dd3a9435ff2d12081b8cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 332477
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-1e2a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d719ff808114-ORD
expires: Wed, 07 Aug 2024 19:01:40 GMT

GET
H2 200 tnt.access.protected.2c7fd105f0fc78f1cb3925a4fe7c2e6e.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 847 B
517 B 65ms
28ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58100be69e56838f83661d92f6804ccd5c5602c305005b7eee0faa9de1279e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 7075839
cross-origin-resource-policy: cross-origin
last-modified: Fri, 19 May 2023 18:36:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6467c1ba-34f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d719ff828114-ORD
expires: Tue, 21 May 2024 18:10:04 GMT

GET
H2 200 tnt.access.granted.3.1.fc65cad9e66250cf8998ec9ff3cfa9eb.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
881 B 63ms
26ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6519b2e757cd863fa5d0fd7476b99cd8983f6b34cda36b65b0ef6791b9bd60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 24525223
cross-origin-resource-policy: cross-origin
last-modified: Thu, 27 Oct 2022 20:59:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"635af11f-832"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d719ff848114-ORD
expires: Wed, 01 Nov 2023 19:01:48 GMT

GET
H2 200 tnt.access.user.modal.f7354dab6768ba975cd14f2e3a8933e7.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
801 B 72ms
35ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79243ba9d4f951345916f75842d1108f38686a192b7849486fab98ab0626650c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 17264512
cross-origin-resource-policy: cross-origin
last-modified: Thu, 19 Jan 2023 22:31:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63c9c4ac-820"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d719ff858114-ORD
expires: Wed, 24 Jan 2024 20:01:15 GMT

GET
H2 200 tnt.access.user.modal.wall.96af7a0aadcaa7eec78ad43f589298ca.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 28 KB
7 KB 76ms
39ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef6165b53e3b1fdd9ab2d8562c4159f447c3e7802c7fac59692c4fb44630061

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 333499
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-6ee8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d719ff878114-ORD
expires: Wed, 07 Aug 2024 19:02:10 GMT

GET
H2 200 tnt.access.denied.4.0.offers.3838af3fd4bd9949036725cb7bad51e6.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 12 KB
4 KB 74ms
37ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5829a4bb2db7aa971395872851eae5fb07ce0196772c09fa9fd1576f5852b0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 332477
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-2e05"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d719ff888114-ORD
expires: Wed, 07 Aug 2024 19:01:40 GMT

GET
H2 200 jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 20 KB
7 KB 75ms
38ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f180d76be4fe3072f5c29b64ac56aa850f4ee0bfc2fcfe33541f918cd2801ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 12295208
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:10 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6413705e-512b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d719ff8a8114-ORD
expires: Thu, 21 Mar 2024 07:54:55 GMT

GET
H2 200 additional-methods.54cac72c4ecc4fe6191818374fa8d218.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 15 KB
4 KB 72ms
36ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/additional-methods.54cac72c4ecc4fe6191818374fa8d218.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ada9d82a1291abeb8fe95fb82359767ce8d18b87553c624d3049368e93d28c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 29652033
cross-origin-resource-policy: cross-origin
last-modified: Wed, 03 Aug 2022 16:43:39 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62eaa5bb-3a2f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d719ff8b8114-ORD
expires: Thu, 24 Aug 2023 06:22:12 GMT

GET
H2 200 jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 7 KB
2 KB 76ms
38ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.custom-methods.77562065896d6b48f0405363b8758736.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e601d8d6f7a7e9ea77b0779587ac065677343a89df058a6638129e9b0f1ebdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4567115
cross-origin-resource-policy: cross-origin
last-modified: Thu, 11 May 2023 04:31:44 GMT
x-vcache: MISS
server: cloudflare
etag: W/"645c6fb0-1ce5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d719ff928114-ORD
expires: Wed, 19 Jun 2024 19:02:36 GMT

GET
H2 200 iframe-v1.min.js Show response
core.spreedly.com/iframe/ 79 KB
79 KB 185ms
30ms Script
text/javascript 151.101.66.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/iframe-v1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b0abd4d98b8caa39813a38bf0cabf2619bb93b786335ea6c560b83b3ee7816b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: FHAZ64VZ6J6VVPEA
age: 2957
x-cache: MISS, HIT
content-length: 80642
x-amz-id-2: pcrIYGx0U1IlecN1xPDRjJ+N49OIlYUfPxekduOZiCMcJzbt0kC4/waJPpGo7aKEj/VfZw/PQSY=
x-served-by: cache-chi-kigq8000060-CHI, cache-chi-klot8100061-CHI
last-modified: Thu, 03 Aug 2023 13:28:59 GMT
server: AmazonS3
x-timer: S1691855072.440374,VS0,VE0
etag: "e6b4dc033bef175680549e6ad43a967c"
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 0, 59

GET
H2 200 tnt.access.log.gtm.22dbd70d9641f10d0559ebd1a1327e07.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 3 KB
767 B 77ms
39ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5040a141549518c773b0d75420b0d4d316b26c029e4c94946d60d5d3afac7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 332477
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-ce5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a0f948114-ORD
expires: Wed, 07 Aug 2024 19:01:40 GMT

GET
H2 200 tnt.access.log.legacy.8de26295ce9ca025da0008f10ecacd2d.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 4 KB
901 B 77ms
40ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 332477
cross-origin-resource-policy: cross-origin
last-modified: Fri, 04 Aug 2023 13:15:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64ccfa0e-f6a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a0f958114-ORD
expires: Wed, 07 Aug 2024 19:01:40 GMT

GET
H2 200 tnt.access.output.subscription.245e49413d8c36773b4034b7970cc61e.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
1 KB 97ms
60ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef545107e05d08ac455ec0a3b36290ef3d3a5e7b49d2ed8f5f1499398b58fc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 6903711
cross-origin-resource-policy: cross-origin
last-modified: Wed, 24 May 2023 17:14:29 GMT
x-vcache: MISS
server: cloudflare
etag: W/"646e45f5-9bc"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a1fb08114-ORD
expires: Thu, 23 May 2024 18:02:41 GMT

GET
H2 200 tnt.access.output.laterpay.7a6e72d83c11470ac72ce2b2f5d9fdbd.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
1 KB 96ms
59ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af6bea70dc94c86467e3682e344566a3f7097d677b5329fe22fd41abb9a443bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 29652033
cross-origin-resource-policy: cross-origin
last-modified: Wed, 03 Aug 2022 16:43:31 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62eaa5b3-9cd"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a1fb28114-ORD
expires: Thu, 24 Aug 2023 15:09:39 GMT

GET
H2 200 tnt.access.output.customjs.1480f2a51e2939dd767e130e3406e489.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
709 B 95ms
58ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc1009104ffcf20bdd8170964316315eb915d2d565aebc9d8f21b8b8f8e94150

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 29652033
cross-origin-resource-policy: cross-origin
last-modified: Wed, 03 Aug 2022 16:43:31 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62eaa5b3-638"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a1fb48114-ORD
expires: Thu, 24 Aug 2023 15:09:39 GMT

GET
H2 200 asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 941 B
616 B 100ms
63ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 20849053
last-modified: Fri, 01 Apr 2022 13:29:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6246fe3d-3ad"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a1fb58114-ORD
expires: Sun, 23 Apr 2023 12:14:07 GMT

GET
H2 200 tnt.ads.core.d91ab8192eb2e0c528d28cee4c41618f.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 13 KB
5 KB 140ms
103ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.d91ab8192eb2e0c528d28cee4c41618f.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7ff2c9a63f2e7b19c7edae86ba2427ea589eb8a81f6291fd4400049940698ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 938166
cross-origin-resource-policy: cross-origin
last-modified: Wed, 26 Jul 2023 20:07:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64c17cf0-337a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a1fb68114-ORD
expires: Wed, 31 Jul 2024 19:02:12 GMT

GET
H2 200 maillist_signup.deacc71a82fe583ccc361b42498ff614.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 4 KB
1 KB 97ms
61ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/maillist_signup.deacc71a82fe583ccc361b42498ff614.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d13f3ca71d7f8936fa6132de0d7b79b479d0eb9615df43fde4f31b2d43c79fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 5009547
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:33:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246876-fe1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a1fb88114-ORD
expires: Wed, 03 Apr 2024 07:50:15 GMT

GET
H2 200 sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 4 KB
2 KB 102ms
66ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c66013cda2311853afac3fb10ca1e7bec5f583d26cfd6eaf8a2a87a610072d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3807748
cross-origin-resource-policy: cross-origin
last-modified: Tue, 27 Jun 2023 15:24:02 GMT
x-vcache: MISS
server: cloudflare
etag: W/"649aff12-1008"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a1fba8114-ORD
expires: Fri, 28 Jun 2024 14:02:00 GMT

GET
H2 200 tnt.regions.b44801b45845a81b995eeaad12f4f276.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 98ms
62ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4480445
cross-origin-resource-policy: cross-origin
last-modified: Wed, 24 May 2023 17:14:24 GMT
x-vcache: MISS
server: cloudflare
etag: W/"646e45f0-1015"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a1fbb8114-ORD
expires: Sat, 25 May 2024 10:17:12 GMT

GET
H2 200 tnt.dfp.67d0a486dc140d1d2cb8ada29f073694.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_dfp/resources/scripts/app/ 3 KB
939 B 97ms
61ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/ads_dfp/resources/scripts/app/tnt.dfp.67d0a486dc140d1d2cb8ada29f073694.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ef629a418b88359cc408d7c0405988ee4bf48ee25bab28b00bde52a3fee6a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 824006
last-modified: Wed, 03 Nov 2021 19:36:54 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6182e4d6-a14"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a2fbc8114-ORD
expires: Sat, 15 Jun 2024 01:16:46 GMT

GET
H2 200 discovery.a427fcfa0d809ff13284b67ca35ce270.js Show response
bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 41 KB
7 KB 105ms
69ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/discovery.a427fcfa0d809ff13284b67ca35ce270.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8553b1709344a015fa39fa7fbf19df7b6fe016c4800fe76bd7da3e972a07f65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 27549322
cross-origin-resource-policy: cross-origin
last-modified: Wed, 24 Aug 2022 20:53:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63068fb8-a3b4"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d71a2fbf8114-ORD
expires: Wed, 27 Sep 2023 19:01:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
75 KB 331ms
70ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41667626bb51a778105649188cfb794b54ec2b89682db3974e9578d1a0ec9723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76467
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Aug 2023 15:44:32 GMT

GET
H2 200 1a738972-e4d4-469f-bbe4-6865f50be316.json Show response
cdn.cookielaw.org/consent/1a738972-e4d4-469f-bbe4-6865f50be316/ 3 KB
2 KB 106ms
49ms XHR
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1a738972-e4d4-469f-bbe4-6865f50be316/1a738972-e4d4-469f-bbe4-6865f50be316.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5020fa905fc2bd4925699ac59add6e6f34672d11b12d1e654714faab92627129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 15:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 54660
content-md5: XYry19H+gBqyk6lBUxuwVw==
content-length: 1133
x-ms-lease-status: unlocked
last-modified: Thu, 08 Apr 2021 20:14:49 GMT
server: cloudflare
etag: 0x8D8FACAF6433F66
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 71c10b1e-d01e-0150-16e1-5a81bb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f59d719adad13f5-ORD
expires: Sun, 13 Aug 2023 15:44:32 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ 438 KB
177 KB 283ms
50ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=signupVkCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.henryherald.com/
Origin: https://www.henryherald.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180114
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 15:06:33 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 246 KB
60 KB 290ms
57ms Script
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:12:51 GMT
content-encoding: gzip
via: 1.1 38ecebcaa39c8742da2b6336935bb446.cloudfront.net (CloudFront), 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 21:28:56 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 1902
x-amz-server-side-encryption: AES256
etag: W/"93708b50a97059783aafdf3c6548167d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: k5eTNADphS4AweJ-KmSIr4jcRWRh6RlI6ueRruGtAknGYtuHBxzWSQ==

GET
H2 200 tracker.gif
www.henryherald.com/shared-content/art/stats/common/ 0
145 B 82ms
81ms Image
image/gif 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.henryherald.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=169185507227216001200647144539051&tnms_dt=How%20a%20Supreme%20Court%20ruling%20helped%20get%20a%20cannabis%20smoker%20out%20of%20prison%20%7C%20Henry%20Herald%20The%20Street%20Partner%20Content%20%7C%20henryherald.com&tnms_upage=1&tnms_do=www.henryherald.com&tnms_uri=/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html&tnms_ref=&rt=1691855072321
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 374 KB
83 KB 41ms
41ms Script
application/javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 15:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 41552
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 85065
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:31:04 GMT
server: cloudflare
etag: 0x8D910C57D52F14C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 60dab1df-d01e-005f-07e1-5a2a18000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f59d71a1bd12243-ORD

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 224ms
84ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=PT+Serif:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.henryherald.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:31:05 GMT
x-content-type-options: nosniff
age: 339207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Aug 2024 17:31:05 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 29 KB
29 KB 280ms
141ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=PT+Serif:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.henryherald.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 07:20:01 GMT
x-content-type-options: nosniff
age: 289471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29588
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:28:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 07:20:01 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
32 KB 296ms
156ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=PT+Serif:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.henryherald.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 08:45:37 GMT
x-content-type-options: nosniff
age: 25135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 08:45:37 GMT

GET
H2 200 64d77c9cc8921.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/d/49/d49fc8dd-52d3-5f6b-82cf-f5d34d1879eb/ 6 KB
6 KB 94ms
60ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/d/49/d49fc8dd-52d3-5f6b-82cf-f5d34d1879eb/64d77c9cc8921.image.jpg?resize=200%2C133

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

801affbb0a733e299e7c6dee1b79b9f554d92c636d0cea08912f5941ca8e3537

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=6214, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 6067
cf-bgj: imgq:85,h2pri
last-modified: Sat, 12 Aug 2023 12:35:40 GMT
server: cloudflare
x-vcache: MISS
etag: "7f68f4e8cd505a7b7fd41739673db700"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7f59d71c4a068114-ORD
expires: Sun, 11 Aug 2024 12:41:00 GMT

GET
H2 200 64d79ae990af8.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/a/43/a43021ab-2352-526c-80fd-2e89b5d342f6/ 7 KB
8 KB 74ms
40ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/a/43/a43021ab-2352-526c-80fd-2e89b5d342f6/64d79ae990af8.image.jpg?resize=200%2C133

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a50ecbe6aed0155dbe21b988252ddc051042ed22c750441ed201446aee6435e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 3214
cf-polished: degrade=85, origSize=10328, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 7650
cf-bgj: imgq:85,h2pri
last-modified: Sat, 12 Aug 2023 14:44:58 GMT
server: cloudflare
x-vcache: MISS
etag: "3e924ac6aa4d7e41fb4aa67942b4341c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7f59d71c4a078114-ORD
expires: Sun, 11 Aug 2024 14:49:17 GMT

GET
H2 200 ym.m5.js Show response
static.yieldmo.com/ 465 KB
130 KB 232ms
62ms Script
application/javascript 2600:9000:24f1:6e00:1b:83f3:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.m5.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:6e00:1b:83f3:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79498e0f7665637647357dce14843ce54619957ff369cc1b7bf3aab65b2d398c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: jJ19482GqqepN9PJuIavtUhk8X9veoGl
content-encoding: gzip
via: 1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
date: Sat, 12 Aug 2023 00:59:32 GMT
x-amz-cf-pop: JFK50-P4
age: 53101
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Jul 2023 15:20:17 GMT
server: AmazonS3
etag: W/"451bf6cd3f16a26a676a77d59bd7dfec"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: rQr9tBsIufccWX-rSvKM5Mzzqit2RBl9lh_riPW0iCE2Qk4ta40jWg==

GET
H2 200 widget_v3.js Show response
cdn.whizzco.com/scripts/widget/ 7 KB
3 KB 81ms
48ms Script
application/javascript 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d8562efd8364015edd8080e72d8bd98f0a92019058f15df14e03f9951e01876

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:32 GMT
via: 1.1 0d686860a571e09f23ba7586948f0628.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ORD52-C2
age: 2766
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 05 Mar 2023 13:26:38 GMT
server: cloudflare
etag: W/"af75195749ffac29c536aae88fdbda39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJxpiAbis0oWVHldrckoozf1NEbn7%2BM6Mq4JF4SHSROWkGjqsmPijlSKNsIaixcm3wkszdfa25AzS2apYyae%2FZeCXk1NxiQOfQLaAjs1l%2FuIpjfPtTqAceqoKH80mMrsnpKdlphlyNYVeE%2BNfx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f59d71c4f8c1048-ORD
x-amz-cf-id: g9kxAVdHxIXZ9fbe3Qg-8LCIo5N5Tatl2yWmPWaMKFyBRXX7J7jhpw==

GET
H2 200 r4pE499dQd7ydX8TN9SUr6KgmcimmUeILNWVtqehkfqTr1054uv1Z0ybwYvARfJMzeK5ymEkERGVZToWxgmiBkdC9tmAELLgF8J80I0=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 897 B
1 KB 186ms
46ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/r4pE499dQd7ydX8TN9SUr6KgmcimmUeILNWVtqehkfqTr1054uv1Z0ybwYvARfJMzeK5ymEkERGVZToWxgmiBkdC9tmAELLgF8J80I0=s42-p-rj-l68-e365

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c4f94bf35858b24e164b7abb239f64e52e0b3461d7015d04e24a3575d73f646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 14:37:39 GMT
x-content-type-options: nosniff
age: 4014
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 897
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:37:39 GMT

GET
H2 200 -Tik0wngeOCxpdxafoi8r-DfWyRDGNn9jCn6XkG9X30CEoKgYo1pQquJhIbw4BoRPwBuZziftN2gM-M4w3ReO3JoaetbazgAQUBfI5Q=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 906 B
996 B 265ms
125ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-Tik0wngeOCxpdxafoi8r-DfWyRDGNn9jCn6XkG9X30CEoKgYo1pQquJhIbw4BoRPwBuZziftN2gM-M4w3ReO3JoaetbazgAQUBfI5Q=s42-p-rj-l68-e365

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

56cbc44bc2987d82174b4a9877de409f06cfd60e62c62cab11cd0820c6eb8a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 14:12:15 GMT
x-content-type-options: nosniff
age: 5538
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 906
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
expires: Sun, 11 Aug 2024 14:12:15 GMT

GET
H2 200 n2ZATtXDAFbDgKnpDYZUiajE1SBSkgd0sZt_glPFV6_3zD6M1oZx46VPuHiVq1KhOseQpc9XfYLPgXdAQUHbfCdg1R1mG6sJGZAXhQ=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 980 B
1 KB 263ms
124ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/n2ZATtXDAFbDgKnpDYZUiajE1SBSkgd0sZt_glPFV6_3zD6M1oZx46VPuHiVq1KhOseQpc9XfYLPgXdAQUHbfCdg1R1mG6sJGZAXhQ=s42-p-rj-l68-e365

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1a2a2ba81afe3bcc0f46ed33488c3e132be8e07e58e280f9eff1b5c5ca158408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:18:28 GMT
x-content-type-options: nosniff
age: 1565
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 980
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
expires: Sun, 11 Aug 2024 15:18:28 GMT

GET
H2 200 sprite_icons_6dc7d94.png
www.justapinch.com/images/ 22 KB
22 KB 144ms
28ms Image
image/png 130.211.10.17
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.10.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.10.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:33:34 GMT
via: 1.1 google
last-modified: Tue, 25 Jul 2023 14:57:38 GMT
server: nginx
age: 1311059
x-who: gcloud-web-2
content-type: image/png
cache-control: max-age=31536000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22292
expires: Sat, 27 Jul 2024 11:33:34 GMT

GET
H2 200 jvfEgxa3AMfl4FlOLur64JgSqI3E5lZU_aVSnv115rwHL6JIT_dYFCe3Ey23J1Y5x__xz2WrREiHDYXb0MQI-AMhIk6plkA=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 16 KB
16 KB 198ms
82ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/jvfEgxa3AMfl4FlOLur64JgSqI3E5lZU_aVSnv115rwHL6JIT_dYFCe3Ey23J1Y5x__xz2WrREiHDYXb0MQI-AMhIk6plkA=w300-h170-p-rj-l75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

49ad4f04c52487871ad40e7840e4907338f81b281d573d926b3ef646991899b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 12:58:13 GMT
x-content-type-options: nosniff
age: 9980
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16580
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 13 Aug 2023 12:58:13 GMT

GET
H2 200 z5r7PZDNFQk7A3KQfwO7kxxcYTARNDymsUTEslzS9Ix8cN7kHuCQVg6SHPX_wdB4Uar99pPuvD-G_Y5BwAv1rbmrlXp5NXiNH34OKAATt_7J=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 15 KB
16 KB 214ms
100ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/z5r7PZDNFQk7A3KQfwO7kxxcYTARNDymsUTEslzS9Ix8cN7kHuCQVg6SHPX_wdB4Uar99pPuvD-G_Y5BwAv1rbmrlXp5NXiNH34OKAATt_7J=w300-h170-p-rj-l75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

754b31e85775f5a94ee69de84aa8cc120483903f381f06188d5dcb814ca606ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 14:12:13 GMT
x-content-type-options: nosniff
age: 5540
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15794
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 13 Aug 2023 14:12:13 GMT

GET
H2 200 DR8vOohx-qBmtzeidRzM0C3o1BJ_vFRsi23Fw05IAqP1R7TrtsENteeA7SlGiNlua7YogoKw5CtF8KZO8A0DSbkX5aKxiAugWhPTU-_GT78=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 19 KB
19 KB 157ms
48ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/DR8vOohx-qBmtzeidRzM0C3o1BJ_vFRsi23Fw05IAqP1R7TrtsENteeA7SlGiNlua7YogoKw5CtF8KZO8A0DSbkX5aKxiAugWhPTU-_GT78=w300-h170-p-rj-l75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2c854b14b1ded294b8409bfe04907807ac85485ae7c568d6cbbde35872fdaa4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 14:12:19 GMT
x-content-type-options: nosniff
age: 5534
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19521
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 13 Aug 2023 14:12:19 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 78 B
256 B 146ms
55ms Script
text/javascript 2606:4700::6812:1d26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5843a8c571898978910ecb53fb5e51c9007850630b128818ef93a79d00516306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 7f59d71ecbd410b3-ORD
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 6e60e716-5af3-11ed-9011-df0559fb2f5d.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 33 KB
33 KB 50ms
49ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/6e60e716-5af3-11ed-9011-df0559fb2f5d.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab85214b33f45bd9b39ca662039d3683a7c23ad51a54e6ebeca54e3c69cc544

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 227551
cf-polished: qual=85, origFmt=jpeg, origSize=87079
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6e60e716-5af3-11ed-9011-df0559fb2f5d.webp"
content-length: 33456
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Nov 2022 21:15:09 GMT
server: cloudflare
x-vcache: MISS
etag: "6362dddd-15427"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7f59d71e4c028114-ORD
expires: Thu, 08 Aug 2024 17:44:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 139 KB
51 KB 118ms
60ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RCBKLD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4337f42c2f626ae5210c7523585794b83b498ad21c4cbc009bb27b27a6416c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52480
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Aug 2023 15:44:33 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 rtads Show response
api.whizzco.com/demand/v1/ 502 B
795 B 206ms
205ms XHR
application/json 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/demand/v1/rtads
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7bcc386d2ef8dd0d159accfbdb048f66de0364d1d995f508ee566c58ff226af

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaZytr8Q3kChHprNSv74%2FHL1zq8c5%2Fafa5x5Ki%2BmUZrKniIwYO20Jp2ZNsAFT99BVERtLVZqmQ9uMDH0FT5QtGM2FvwbkNyHXw8BdPwN%2B60tl6rbhDZEtOfwlryrU58LvuXB1h1U2Yh%2B6vjMaQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
cf-ray: 7f59d71fcdebe287-ORD
alt-svc: h3=":443"; ma=86400
priority: u=1,i

POST
H3 200 rtads Show response
api.whizzco.com/demand/v1/ 595 B
780 B 214ms
213ms XHR
application/json 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/demand/v1/rtads
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf6a9e377285862ea32467ceba9d83409d283276f8fedd2a15e65a35fac4e7e

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flqr8AwucZ56oDpgtz%2B1UJjSxAdNcE1rbCjm7X6P3zfn0BcAEdwVxxvTsQ59PqCL56DyfQFIMt9RB1vCoNfL9Fdad%2Foi%2FoIROzsmUM8seZgNSUkZPI7Qeswx0gXHh3eoXfJy95NLr8PktzSfSOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
cf-ray: 7f59d71fcde9e287-ORD
alt-svc: h3=":443"; ma=86400
priority: u=1,i

POST
H3 200 rtads Show response
api.whizzco.com/demand/v1/ 315 B
671 B 213ms
213ms XHR
application/json 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/demand/v1/rtads
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3376d480ea0b1ae4bc7db8d850655d7d0a365963bf6071cc1c0c4446889e03fe

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmqqZ37YOMKWNkPnDi555QSL5e8Ux9b0HJqWBitTfjsLyMlh%2Fz2zSSJSQyrtgaS48hSNsVqg76cPSUlxfWnuP7bhKL6EjDimXyFzuvf4tu6SQvICxSvBSAg%2BCnm41uMiLnfat4hReoqDnWFos9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
cf-ray: 7f59d71fcdeae287-ORD
alt-svc: h3=":443"; ma=86400
priority: u=1,i

POST
H3 200 rtads Show response
api.whizzco.com/demand/v1/ 315 B
672 B 210ms
209ms XHR
application/json 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/demand/v1/rtads
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cebcf32604ee32788e792bab69edf0127091713fe3556b054f104d9ad9383211

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YTERSQMMAtJ0CJ6CTOttazBBn4mVkVJtVzedevzot%2FcldsJ9PHoFkFnxySspNSxyoYjdcDicYxfzSF2MWj4%2FGoYdrD35fpyea6gKC3mDEknV9Km47AEyBKxadF6VS0XGDQy4yX%2BNPk6vGB0DAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
cf-ray: 7f59d7202e68e287-ORD
alt-svc: h3=":443"; ma=86400
priority: u=1,i

GET
H2 200 10578.jsx Show response
cdn-p.cityspark.com/wid/ 30 KB
30 KB 196ms
64ms Script
application/json 2a02:b48:9001::1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-p.cityspark.com/wid/10578.jsx?b=1691855073005&on=aHR0cHM6Ly93d3cuaGVucnloZXJhbGQuY29tL2FyZW5hL3RoZXN0cmVldC9ob3ctYS1zdXByZW1lLWNvdXJ0LXJ1bGluZy1oZWxwZWQtZ2V0LWEtY2FubmFiaXMtc21va2VyLW91dC1vZi1wcmlzb24vYXJ0aWNsZV80ODllMzI0OS05YzU1LTU5MjQtYWYxOC1iNTllMDgyMWRlNzEuaHRtbA==&callback=jsonp10578

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:b48:9001::1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d6ddca5aa985ec16e626acbb8797affe88facfccc5c3891eb9a6ff4b69f92ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sat, 12 Aug 2023 17:44:33 GMT
date: Sat, 12 Aug 2023 15:44:33 GMT
strict-transport-security: max-age=0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=7200
x-proxy-cache: HIT

OPTIONS
H2 200 rtads
api.whizzco.com/demand/v1/ Frame 0
0 219ms
95ms Preflight 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/demand/v1/rtads
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.henryherald.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f59d71f3e022315-ORD
content-length: 0
date: Sat, 12 Aug 2023 15:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eP%2FhUzfaaYJgtNR%2FUEYFIS%2BsG8UwYGsvsthNnztuFmsRlQG2bbt75O7Eck6rIn1BnXMrGSsQHVEfIw1RSCNSTtk%2BXuMqdyFtc8F7%2BDeSb3s7p%2F6VRnrXhCO58KM4A9ZwvmbetBrwVvR0upq5AjM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H2 200 rtads
api.whizzco.com/demand/v1/ Frame 0
0 214ms
91ms Preflight 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/demand/v1/rtads
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.henryherald.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f59d71f3e032315-ORD
content-length: 0
date: Sat, 12 Aug 2023 15:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63sHscJ81KfztfsqHI1QY3VCHLSrHlne%2BELIQ0zBmaEcjm6mRJDNgqPNl4vFfm%2FjSr0ToR%2BKHZSUUF1Q82ys876r9pASAn0pP4ud2nMamYJYxCKDwfVuO3f8MTyYD%2FdvC9zLU%2Ffbggg3UhUvUbo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H2 200 rtads
api.whizzco.com/demand/v1/ Frame 0
0 213ms
92ms Preflight 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/demand/v1/rtads
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.henryherald.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f59d71f3e042315-ORD
content-length: 0
date: Sat, 12 Aug 2023 15:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwsFcRE1iVmjs7fyHa1Fj5RQQ7MHyw9Ude10OmOXaUZaTp2V2p7PF%2Frh8QHVAu2xRmSo3jrP3qMX3xZS%2FiFDKo8iPa4nEKVJ8keDJlpNgNkCJMZTU%2FBeGN9MACCe8wdmKk%2FkalnErRQ%2FkGQPGmA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H2 200 rtads
api.whizzco.com/demand/v1/ Frame 0
0 275ms
156ms Preflight 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/demand/v1/rtads
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.henryherald.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f59d71f3e052315-ORD
content-length: 0
date: Sat, 12 Aug 2023 15:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76jZbHPUTmPgYdJjn2bNcmC5C4kCnJS%2FgLOO78niySmr3hi3057sq8VUtyIZqOF8G%2FHkLhEc%2Fbl%2BdJV1aWmPIkZnEr6uItIp%2FrLcBfCt1HmZ56U6pHcViTBrHhiQRZ8Hx08OShvxSd7i%2BW%2Br%2F8g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/ 400 KB
126 KB 70ms
49ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076944

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

238331d3bee21cf334365e5e4f91796e9cc156e3c01c4f0f07cb11a4883158ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 08:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25587
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129196
x-xss-protection: 0
server: cafe
etag: 4052064757744512332
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 11 Aug 2024 08:38:06 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 372 KB
126 KB 123ms
121ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5817fb41adf33e035b815ca01976c0c0cb3333dc86eceb62d65b2bb6c33213d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128565
x-xss-protection: 0
server: cafe
etag: 10213211848857179321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:44:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame AB37 10 KB
5 KB 160ms
43ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 54209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 00:41:04 GMT
etag: 12368291122986407432
expires: Sat, 26 Aug 2023 00:41:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://idsync.rlcdn.com/712559.gif?partner_uid=2f4eb3db-beed-4d8b-bd52-e949c19c88ee
https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDJmNGViM2RiLWJlZWQtNGQ4Yi1iZDUyLWU5NDljMTljODhlZRAAGg0I4dHepgYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=0ffa19d804bcdb9ca90a3065aaab6c1e06bd119636af886e090d08a23ca1545b791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0ffa19d804bcdb9ca90a3065aaab6c1e06bd119636af886e090d08a23ca1545b791426b5417dce21&rand=00634406
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0ffa19d804bcdb9ca90a3065aaab6c1e06bd119636af886e090d08a23ca1545b791426b5417dce21&rand=00634406&expected_cookie=831d6c1c-ee10-42fd-b50b-0921bcea346c

0
142 B

124ms
123ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=0ffa19d804bcdb9ca90a3065aaab6c1e06bd119636af886e090d08a23ca1545b791426b5417dce21&rand=00634406&expected_cookie=831d6c1c-ee10-42fd-b50b-0921bcea346c
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7CEBC51932794A41A8259FE263EB69A6 Ref B: CHGEDGE1414 Ref C: 2023-08-12T15:44:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCu7S9R2egJ+zcQiEdYg==

Redirect headers

date: Sat, 12 Aug 2023 15:44:34 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 150FFB943CFE48FAA70874D0E107663B Ref B: CHGEDGE1414 Ref C: 2023-08-12T15:44:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: /db_sync?pid=10339&puuid=0ffa19d804bcdb9ca90a3065aaab6c1e06bd119636af886e090d08a23ca1545b791426b5417dce21&rand=00634406&expected_cookie=831d6c1c-ee10-42fd-b50b-0921bcea346c
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCu7S20RFMl4t5QqcDPQ==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1a738972-e4d4-469f-bbe4-6865f50be316/21f75449-dbbc-422d-a982-f28be0903717/ 25 KB
7 KB 65ms
60ms Fetch
application/x-javascript 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1a738972-e4d4-469f-bbe4-6865f50be316/21f75449-dbbc-422d-a982-f28be0903717/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f6899460df38bed5a246b64518ace77e11d20054cdc0dd878072c99595c63af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 78430
content-md5: CKepu/rFmjd3conR8uacmg==
content-length: 7170
x-ms-lease-status: unlocked
last-modified: Thu, 08 Apr 2021 20:14:51 GMT
server: cloudflare
etag: 0x8D8FACAF73BFEF9
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0faec0be-b01e-0022-64e1-5ab6d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f59d71ffcfa13f5-ORD
expires: Sun, 13 Aug 2023 15:44:33 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 598 B
958 B 49ms
46ms XHR
application/json 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.henryherald.com&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 30e4d1e0f46d3af24c1b100040fa413fd22cc1e0260bbc63017f6fbd69fa7eb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 14:31:39 GMT
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
age: 4374
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.henryherald.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 598
x-amz-cf-id: LWUhJhpnwTSU3oU2H9Sun3QDEjxi43tdkGz2KiqJXQ0dobh8YYdkEQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 166ms
47ms XHR
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 22:36:33 GMT
x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 264f765d2ad734b490f4728d6de8ce04.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 61681
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 9WJ3onKDV4FmFieI6xVzXEyVxcWnOfUuMIwr24UfDjzix_VOeLo-dw==

POST
H2 204 beacons
p.flipp.com/ 0
0 208ms
56ms Fetch 18.164.116.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201258278
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-73.jfk50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
via: 1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
x-amz-cf-id: jqkdK_GoNhxt74n4VbcDNWdvKQqmCoZ5xorcbg8tGv_ymCPeylUHbw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 185ms
46ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 12 Aug 2023 14:40:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3818
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 12 Aug 2023 16:40:55 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
61 KB 80ms
75ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ae5590e588f92eb6faa49d93c2aa5142d144940f72b77d0b57d9b6d9391ef1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61996
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Aug 2023 15:44:33 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
65 KB 79ms
74ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a5675ce55867113f678489a3ace11da371ca81bfffb0b8ff14a99897bddbe50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66222
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Aug 2023 15:44:33 GMT

GET
H2

200

rid Show response
match.adsrvr.org/track/
Redirect Chain

https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json

109 B
530 B

177ms
50ms

XHR
application/json

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 5034fd18f45804eb2baba5045c5a0cc63837ed91fe431143314070e3e50a5238

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Mon, 11 Sep 2023 15:44:33 GMT

Redirect headers

date: Sat, 12 Aug 2023 14:46:39 GMT
via: 1.1 f391dfb0806f29cccc5f1df3e1ae836e.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 3475
vary: Origin
access-control-allow-methods: GET
x-cache: Hit from cloudfront
location: https://match.adsrvr.org/track/rid?ttd_pid=yieldmo&fmt=json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: f4epYfuF9EPukj7Qu_0pMKW8v_VpqU921ATLKlsH6HiXCsg2jJWaZw==

GET
H2 204 ads Show response
ads.yieldmo.com/v002/t_ads/ 0
228 B 170ms
40ms XHR
text/plain 18.208.29.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v002/t_ads/ads?bust=1691855073417&_s=1&e=0&v=9.18.16-500&page_url=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&p=1068060637405756184&description=The%20Mississippi%20man%20had%20been%20sentenced%20to%20nearly%20four%20years%20in%20prison.&title=How%20a%20Supreme%20Court%20ruling%20helped%20get%20a%20cannabis%20smoker%20out%20of%20prison%20%7C%20Henry%20Herald%20The%20Street%20Partner%20Content%20%7C%20henryherald.com&dnt=false&scrd=1&h=1200&w=1600&lane=ym.m5&pft=1691855073417&ct=1691855073347&connect=4g&bwe=9.3Mb%2Fsec&rtt=0&sd=false
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.m5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.29.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-29-47.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: https://www.henryherald.com
pragma: no-cache
date: Sat, 12 Aug 2023 15:44:33 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 111 KB
26 KB 115ms
43ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 11:32:19 GMT
server: cloudflare
x-amz-request-id: TFWC0NBA6AS11QTW
age: 520
etag: W/"850654f90e2ec1863b605c4395898e58"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f59d7218d0e49f1-ORD
x-amz-id-2: vrZcytmAphFzsGadSaEGUyvYtLleXMPcJc0/nv8hBKd4k15BZ21am+JjgDf6etdn7Ppbr2tj1/c=

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame C34F 214 KB
76 KB 65ms
60ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9c947708c91c7dd223f9e89cd0aea0302c753066ffdc37cafee22d75204a0b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77439
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 12 Aug 2023 15:44:33 GMT

GET
H2 200 WidgetTemplate2.min.css
csp.azureedge.net/cdn/widget/ Frame C34F 4 KB
2 KB 324ms
118ms Stylesheet
text/css 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: gzip
last-modified: Fri, 14 Jul 2023 23:27:18 GMT
server: Microsoft-IIS/10.0
etag: "1d9b6aabadec0c1"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1712

GET
H2 200 jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js) Show response
cdn.jsdelivr.net/g/ Frame C34F 115 KB
40 KB 111ms
32ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/g/jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 12 Aug 2023 15:44:33 GMT
age: 8248959
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 40153
x-served-by: cache-fra-eddf8230069-FRA, cache-chi-klot8100047-CHI
etag: W/"1ca18-fw6ZPglKViimyicfOtWQPF7WA8s"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.fireSlider.min.js Show response
csp.azureedge.net/cdn/js/ Frame C34F 13 KB
5 KB 260ms
55ms Script
application/javascript 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/js/jquery.fireSlider.min.js
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: gzip
last-modified: Fri, 14 Jul 2023 23:27:18 GMT
server: Microsoft-IIS/10.0
etag: "1d9b6aabadefbd3"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4442

GET
H2 200 rad.js Show response
csp.azureedge.net/cdn/js/ Frame C34F 5 KB
2 KB 260ms
54ms Script
application/javascript 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/js/rad.js
Requested by: Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: gzip
last-modified: Fri, 14 Jul 2023 23:27:18 GMT
server: Microsoft-IIS/10.0
etag: "1d9b6aabadedc6a"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1892

GET
H2 200 p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame C34F 35 B
373 B 196ms
58ms Image
image/gif 2620:116:800b:21:1456:d0e1:7db4:a56b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 15:44:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 64d79ae990af8.image.jpg
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/a/43/a43021ab-2352-526c-80fd-2e89b5d342f6/ 10 KB
10 KB 65ms
63ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/assets/v3/editorial/a/43/a43021ab-2352-526c-80fd-2e89b5d342f6/64d79ae990af8.image.jpg?crop=1175%2C1175%2C294%2C0&resize=200%2C200&order=crop%2Cresize

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d963fff6eb059ca89de0f270c9e5f091503365faab54023e949af71de396930

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: degrade=85, origSize=12416, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 12 Aug 2023 14:44:58 GMT
server: cloudflare
x-vcache: MISS
etag: "339a5b5e0f237da385d5b3d5950c59ba"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7f59d7217f0d8114-ORD
expires: Sun, 11 Aug 2024 14:54:12 GMT

GET
H2 200 0ec6a63a-25ad-11ee-93e4-2396fb252bb7.png
bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/ 46 KB
46 KB 41ms
40ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/henryherald.com/content/tncms/custom/image/0ec6a63a-25ad-11ee-93e4-2396fb252bb7.png?resize=540%2C439

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8b28b7266de6eb92e4c2a43e5ede874fbfa5288aeddd80c2aeb85ed7c66cb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 2070002
cf-polished: origFmt=png, origSize=51860
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="0ec6a63a-25ad-11ee-93e4-2396fb252bb7.webp"
content-length: 47258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Jul 2023 20:52:50 GMT
server: cloudflare
x-vcache: HIT
etag: "c3bb39a43346917df7aed181c7cf517d"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7f59d7217f108114-ORD
expires: Wed, 17 Jul 2024 20:57:17 GMT

GET
H2 200 / Show response
www.henryherald.com/tncms/access/rules/ 151 KB
14 KB 57ms
56ms XHR
application/json 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.henryherald.com/tncms/access/rules/

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

497d568cbe2396af019333afae9be8c2264e122719911a40f87f56082272fcd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
X-TNCMS-Access-Version: 2023-07-21 21:25:24
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 10:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20224
content-length: 13680
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 12 Aug 2023 10:07:28 GMT
x-vcache: HIT
etag: W/63e4481b66225032d0097552ebc19400
x-frame-options: SAMEORIGIN
vary: X-TNCMS-Access-Version, Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://admin-newyork1.bloxcms.com
x-tncms: 1.70.8; app6; 0.34s; 2.9M
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

GET
H2 200 number-frame-1.110.html Show response
core.spreedly.com/v1/embedded/ Frame 2AAA 2 KB
2 KB 29ms
28ms Document
text/html 151.101.66.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/v1/embedded/number-frame-1.110.html

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/iframe/iframe-v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

57514ad406f26bcc8590845f4733a4ec2a9138563967cbc3456488857fad892a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2951
content-length: 1973
content-type: text/html
date: Sat, 12 Aug 2023 15:44:33 GMT
etag: "9d3da7e31ac9ee4965e05eb7a5a8ce64"
last-modified: Thu, 03 Aug 2023 13:29:04 GMT
server: AmazonS3
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
x-amz-id-2: p5psR9ZKYkIgbyVH2wF1ICJpKdsHIhdoI/OUnvQA+1pu0y3IgHVAyA/FX+0BmesXfJHRsa+X4sY=
x-amz-request-id: FHAXGK0QJ7WZAMDE
x-amz-version-id: null
x-cache: MISS, HIT
x-cache-hits: 0, 45
x-served-by: cache-chi-klot8100115-CHI, cache-chi-klot8100061-CHI
x-timer: S1691855074.633294,VS0,VE0

GET
H2 200 cvv-frame-1.110.html Show response
core.spreedly.com/v1/embedded/ Frame E0FB 5 KB
5 KB 37ms
36ms Document
text/html 151.101.66.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/v1/embedded/cvv-frame-1.110.html

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/iframe/iframe-v1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

614b14fb9dbc9f6655bdc677fe4dfaed8df7c9c46085acf368b597f9b29a492e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2951
content-length: 4842
content-type: text/html
date: Sat, 12 Aug 2023 15:44:33 GMT
etag: "023107333aa836578a0fa9f40d953431"
last-modified: Thu, 03 Aug 2023 13:29:02 GMT
server: AmazonS3
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
x-amz-id-2: dcLUYDJ0TiAR0QB/8UkHv6BlMgQhUfBMUziYk9JNG6aty+TCBgrClGGtxHbGr8ImbeNoyW7L2QQ=
x-amz-request-id: AQBCP68SB6TWBACB
x-amz-version-id: null
x-cache: MISS, HIT
x-cache-hits: 0, 47
x-served-by: cache-chi-kigq8000091-CHI, cache-chi-klot8100061-CHI
x-timer: S1691855074.639494,VS0,VE0

GET
H2 200 ajs.js Show response
cdn2.decide.dev/_js/ 7 KB
3 KB 154ms
31ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.decide.dev/_js/ajs.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 3dffa84e13fbc367c907ff31e293923484de18c4c06cac97109e4b9a1b19752c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 09 Aug 2023 05:41:55 GMT
etag: W/"1a71-189d8d0e24b"
x-hw: 1691855073.cds259.ch4.hn,1691855073.cds227.ch4.c
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2973

POST
H3 200 tshow Show response
api.whizzco.com/dtracking/v1/ 15 B
486 B 98ms
98ms XHR
application/json 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/dtracking/v1/tshow
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mwAw62IRHoUBpVN3nPM3jsk8SuoqObEZ9Y8l7BNBcK9Zo7oKLYjABaXaBAtBnY7Cxp1T6ZTudsCcJE5usQhTLQTfoCLWbYwiNnlsOLKO13Lk6YPxNC5ZgZ%2FQbbupJZHGYR%2B1cRbNcCGmBThwow%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
cf-ray: 7f59d722ef8ae25b-ORD
alt-svc: h3=":443"; ma=86400
content-length: 15
priority: u=1,i

OPTIONS
H2 200 tshow
api.whizzco.com/dtracking/v1/ Frame 0
0 91ms
89ms Preflight 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/dtracking/v1/tshow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.henryherald.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f59d722599a2315-ORD
content-length: 0
date: Sat, 12 Aug 2023 15:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rq5naxil2VZAcH0kcA88L6YRmuyhYZBl42nbo6Uo3e1fpPcXAVszGD%2FxVIuiXf1qYaE9mmdiwTp%2BbaBq0oBkkAEI6z1TDbHzEzqFZIPOEF1sc77QkKJL3G24qx9hESh3vjXxv1K4UUGYTFm%2FA0I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 delivery.js Show response
assets.netizen.co/master/ 162 KB
52 KB 189ms
28ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.netizen.co/master/delivery.js
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: fe8b3c376366178fa7b6f712cfa3adbd234eaa467b606dd2ac739a5d2f6e4c82

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 16:52:58 GMT
server: AmazonS3
x-amz-request-id: 7ZX41VH4DQT1WVMG
etag: "1b3c42c13a9be80d5847f3d41c06367f"
x-amz-server-side-encryption: AES256
x-hw: 1691855073.cds237.ch4.hn,1691855073.cds245.ch4.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 52486
x-amz-id-2: wnwZSPH7rpdQlJBNY85eZO+SqZjwy36HwrnLv4EQKwzjDG0VPw/+b9ulSwe3Jv1ZCmyQTXk72Ig=

GET
H3 200 widget_v3.js Show response
cdn.whizzco.com/scripts/widget/ 7 KB
3 KB 64ms
50ms Script
application/javascript 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d8562efd8364015edd8080e72d8bd98f0a92019058f15df14e03f9951e01876

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
via: 1.1 11f2bbed05b5b40cdf20119c85254bce.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ORD52-C2
age: 3501
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 05 Mar 2023 13:26:38 GMT
server: cloudflare
etag: W/"af75195749ffac29c536aae88fdbda39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGtNKJGvPOKMezwU85CNcvBp2m2PBP%2FSwvHBIumzt58WNQXJo462gvVWJVYDg03uC1ztIltBJFVlefqXc08OPcEmOWn%2B7VtswVFYpFPT4QP4ApPVtWqk5%2Fjg%2Bo20%2FmZ5zF50TtSRiM5u3YP3CFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f59d72298ede287-ORD
x-amz-cf-id: Hffeb4qtuokROdqdAA-ogMCzRGDLXZk8WbTzpO1MzuY0Bfo3qEunzg==
priority: u=3,i=?0

POST
H3 200 tshow Show response
api.whizzco.com/dtracking/v1/ 15 B
452 B 152ms
151ms XHR
application/json 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/dtracking/v1/tshow
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fOLUIY%2FK6qZzNpjwipVq7nSbz79uARsCK6dHW7uGJFm5Hj8t082sVs8Fr6HIcoVc0LOUWB9%2FSovm3sdqj5UuzMbzPD%2BwVlGkK3BXM9jbqrT3xKd1%2BRjwxeZ4BtQjm4sTUBQbYWGAt61iZm7Iho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
cf-ray: 7f59d7237816e25b-ORD
alt-svc: h3=":443"; ma=86400
content-length: 15
priority: u=1,i

OPTIONS
H2 200 tshow
api.whizzco.com/dtracking/v1/ Frame 0
0 165ms
158ms Preflight 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/dtracking/v1/tshow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.henryherald.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f59d72299f42315-ORD
content-length: 0
date: Sat, 12 Aug 2023 15:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wc07aHRigBMOLTj5rZERCsrohI8qTqsZWmgILW3aoj2WjIaF58PM7uFtXxXPfhu2%2FjZ5VsBxC0gKWrsyfsOXv2bJCAHZh4sf9Nen4hXo8qSwJvBCzrqmv57qvgtuqthaBSOqfdnGV%2BSThE5tuE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H2 200 tshow
api.whizzco.com/dtracking/v1/ Frame 0
0 111ms
109ms Preflight 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/dtracking/v1/tshow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.henryherald.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f59d72299f72315-ORD
content-length: 0
date: Sat, 12 Aug 2023 15:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1dNqxIS0a7F75blW8wp12wyaBTkXfSo32ItbGE%2FjJL5It7q3wwu9X4un9t761jZVHXOW%2BFfBCdC%2FClhpQYk1ePBWyopSHOlEEPg%2F6iJuMyG4WBpSttb5H52RpEaIm2kH2PCClRdIjZc9x6g2WM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 henryherald.com.1496662.js Show response
jsc.mgid.com/h/e/ 3 KB
2 KB 144ms
48ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/h/e/henryherald.com.1496662.js
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d71ce6c35fb10e25ce3257f05c70f2c298533713765ff8158acb36a69902600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
x-amz-version-id: YNR_1yxRiyWd4_e6u59XM9VYmLK9sacj
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: RGG8W4EH5FXWS5F7
age: 6743
cf-polished: origSize=2692
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Qahvg6gzmR50B/lDluITSECFIuVYYaakNlPuZg2y780gnqd8G4+MbQctBRqhKUhw2GlK0NSHPKjbV9qJn1KL2g==
cf-bgj: minify
last-modified: Wed, 02 Aug 2023 07:53:32 GMT
server: cloudflare
etag: W/"2f882f18c05190c6e443752671adf8e9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7f59d7231a8310d7-ORD
expires: Sat, 12 Aug 2023 18:44:33 GMT

POST
H3 200 tshow Show response
api.whizzco.com/dtracking/v1/ 15 B
450 B 162ms
162ms XHR
application/json 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/dtracking/v1/tshow
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgJCi00gi1eUsgx2yRLkYUM%2FY25SVKLONC1ucBcf37rGvVnrDjGLe15dstxFNy6XFve17mlUQoLwHxmlI1Q%2FuDfy9PSLCmaeKzCKIVXpVRLSZyzRVfaWc9miSG9CWILoiRjmZuI02r87FGw0kl8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
cf-ray: 7f59d7232fcfe25b-ORD
alt-svc: h3=":443"; ma=86400
content-length: 15
priority: u=1,i

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 191ms
52ms Script
text/javascript 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076944
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 12:15:10 GMT
content-encoding: gzip
via: 1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 12564
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 5fRbpw7ZOiYjvm6Vy0sGXC1nWBMYUvkTQ_RsJ1FljpTWkJW1hpiyFQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 209ms
129ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076944
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 697514ace3f341cb55eafa93e72ebfb4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 173ms
44ms Script
text/javascript 2600:9000:2511:d400:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076944
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:d400:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sat, 12 Aug 2023 09:10:38 GMT
Via: 1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P6
Age: 23636
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: NaJfjP5vntI1DPyfxfZc-bGVmc5BdQqsVe1QrR-uF9YRoUz-FotLNQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 112 KB
26 KB 42ms
40ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076944

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 11:32:19 GMT
server: cloudflare
x-amz-request-id: 402MRH3GV6RQBV4V
age: 867
etag: W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f59d7233ec249f1-ORD
x-amz-id-2: VZY1o34njVieETuFg0B4AS9WJKQXSKPiV9Wurh9YYHS/3UomVju6XE1MoGDZXNBB7ztkN8DCrpEVXgoHw5JrkA==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
623 B 31ms
30ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076944

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 12 Aug 2023 15:44:33 GMT
x-content-type-options: nosniff
content-encoding: br
age: 15858
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-chi-klot8100047-CHI
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 176ms
79ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076944

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 13 Aug 2023 15:44:33 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 142ms
47ms Script
application/javascript 104.18.25.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076944
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:49 GMT
server: cloudflare
age: 169804
etag: W/"64cd45b9-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f59d723df4b1156-ORD
expires: Tue, 15 Aug 2023 15:44:33 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 118ms
30ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076944
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 03:18:08 GMT
content-encoding: gzip
age: 1254385
x-guploader-uploadid: ADPycdsOm-RJVGmUcKa1_5A63vp3ViUzBlWBpi1b4ee5BQovYaaGxMgp9qDNIbIUUYcGyLVuDhT8UOjd7IX4UqWgdZTkPQGaMQCH
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 28 Jul 2024 03:18:08 GMT

POST
H3 200 tshow Show response
api.whizzco.com/dtracking/v1/ 15 B
450 B 96ms
95ms XHR
application/json 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/dtracking/v1/tshow
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2exzdU14GYeiSLJBCayX76oFSHqXHYwCFYOihsfjejUw%2FhzzyRxmqMgVCjkjXhFwiWkTyKLK6L5ZDaS4kfCePnvwrkOUSJTzL6JKYluuo5b4tvmkAJae2im44WLMAO%2FkMcRojvj5GQx0j1c4Q6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
cf-ray: 7f59d72418b8e25b-ORD
alt-svc: h3=":443"; ma=86400
content-length: 15
priority: u=1,i

OPTIONS
H3 200 tshow
api.whizzco.com/dtracking/v1/ Frame 0
0 98ms
96ms Preflight 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/dtracking/v1/tshow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.henryherald.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f59d723780be25b-ORD
content-length: 0
date: Sat, 12 Aug 2023 15:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDLPPQhFlLYPFnYmTlQ0OL5qMABjJehSrcJQw2Cjmc%2FskEr5LkgFzS6PZhmJti%2BvaNp2%2FSwHS%2F6CVgVMmRxhTFIX1Cp3h4QamgDbHwOFTIBbWfJzCrnERhhTXI7gUERcNT0KKqTF6t%2F7hJuEjA0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 161ms
48ms Preflight 3.227.250.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-191.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Sat, 12 Aug 2023 15:44:33 GMT
x-amzn-RequestId: cbebfe26-59ce-1d12-96ba-55078005bba3

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ 133 B
569 B 54ms
53ms XHR
application/x-amz-json-1.1 3.227.250.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.m5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-191.compute-1.amazonaws.com
Software: /
Resource Hash: 92a105897d0f37bbdc2fce455426b651d574900ee11ba3d4e7f186f3c4a252d2

Request headers

Pragma: no-cache
accept-language: en-US,en;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230812/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=290ace55bb3f2885a026073354ed3adbf302bc8fd5ec7f947c613e29a7e58c33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 80c6038c0024db1b3eb4a7f0b60a8cbacf4ccf44f1cf903e02b32e750726b782
Cache-Control: no-cache
Referer: https://www.henryherald.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20230812T154433Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Sat, 12 Aug 2023 15:44:34 GMT
x-amzn-RequestId: f2c34986-cdc1-7991-af92-e2a4140adf20
Content-Length: 133
x-amz-id-2: /1PL7r+o/87hBBEhaC8plJ5Dh3JGFkkMvUhcsHAOBLElUrXxqjMjWvsRih7BxXncXCve/TJvVPS7574VGIZ/bVfSlxuuVSvm
Content-Type: application/x-amz-json-1.1

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ 133 B
569 B 56ms
56ms XHR
application/x-amz-json-1.1 3.227.250.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.m5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-191.compute-1.amazonaws.com
Software: /
Resource Hash: 82162e4258e91c9c7edbbf6681977eadb6f11d0752666185ef94f643b8229d97

Request headers

Pragma: no-cache
accept-language: en-US,en;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20230812/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=0d9d905d8ee9caf3ad29dec827ed422cfdabf075a5f61841d7b67cd0b097908a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 37be83d6772b830bd11893897a5293f25c59ffa752d9b0cfc18eb92730cfbcf8
Cache-Control: no-cache
Referer: https://www.henryherald.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20230812T154433Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Sat, 12 Aug 2023 15:44:34 GMT
x-amzn-RequestId: ce314bf6-12f5-fa3a-9360-e0d48cb305a2
Content-Length: 133
x-amz-id-2: 7/71wZMGoWiZgDUtWSJYV4TKNAdyqU31W0X+N46P1GyuZoZ3fhuI5L6yfLdYRSArejMYA+ZApxmVzFq1Uhs00j8Ww48FjsZl
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 157ms
51ms Preflight 3.227.250.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-191.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Sat, 12 Aug 2023 15:44:34 GMT
x-amzn-RequestId: ea285b10-576f-af10-b779-f032c9295088

GET
H2 200 number-frame-1.110.min.js Show response
core.spreedly.com/iframe/ Frame 2AAA 111 KB
111 KB 32ms
29ms Script
text/javascript 151.101.66.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/number-frame-1.110.min.js?restricted=true

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/v1/embedded/number-frame-1.110.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

54fd102422570ac2dcdc2ba2eb0c4a9d72d2279b9934e4bfce2e64c3035e5263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.spreedly.com/v1/embedded/number-frame-1.110.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Sat, 12 Aug 2023 15:44:33 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: AQB11X275SEGM4W5
age: 2945
x-cache: MISS, HIT
content-length: 113361
x-amz-id-2: ddHMXphKS85IljDTYk2sNfXEjbwHbej96pJwajCQWwQOtGYv3jO1MDw9IkfwU/w7juqPpA5+7uQ=
x-served-by: cache-chi-klot8100108-CHI, cache-chi-klot8100061-CHI
last-modified: Thu, 03 Aug 2023 13:28:59 GMT
server: AmazonS3
x-timer: S1691855074.897447,VS0,VE0
etag: "ea1ddc3731caa7bc928aab55863da34a"
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 0, 46

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 12 KB
3 KB 50ms
45ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DKM3/i+7h7Fs8cEMor3s2A==
age: 78422
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:47 GMT
server: cloudflare
etag: 0x8D910C572DA86E8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cc06a9f5-501e-00a0-1fbf-a51780000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f59d7243a8013f5-ORD

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 62 KB
15 KB 39ms
37ms Fetch
application/json 2606:4700::6812:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe381786aefd59411b2fcbf3c1ab82d992793c0cd95ffdb0f269b8442eb351ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 12 Aug 2023 15:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YaY1oSnUSTaZJLZwfr9VDQ==
age: 35322
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14978
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:47 GMT
server: cloudflare
etag: 0x8D910C5734D5AA0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8740a18d-001e-0134-41e1-5a311b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f59d7243a8513f5-ORD

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
608 B 155ms
58ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.henryherald.com&callback=_gfp_s_&client=ca-pub-3129558407352269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

559c96569c95bcacf8120f02d104653eb3923b771c50f92ec4351f942733dac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE3A 0
188 B 147ms
146ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3129558407352269&output=html&adk=1812271804&adf=3025194257&lmt=1691881772&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691855073100&bpp=18&bdt=1246&idt=862&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2436571313534&frm=20&pv=2&ga_vid=1044184676.1691855074&ga_sid=1691855074&ga_hid=136177701&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31076469%2C44759875%2C44759926%2C44759837%2C31076804%2C31076924%2C21065724&oid=2&pvsid=3576657166846134&tmod=1565548349&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=940

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 15:44:34 GMT
expires: Sat, 12 Aug 2023 15:44:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame C34F 12 KB
961 B 61ms
60ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500

Requested by

Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://csp.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 15:37:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Aug 2023 15:44:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C34F 7 KB
804 B 60ms
60ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Requested by

Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11b8776d0e99221a9cea315566e7599938ff94dbf8b48f18fe21e1ae34e7f60d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://csp.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 13:54:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Aug 2023 15:44:34 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 566C 51 KB
28 KB 110ms
107ms Document
text/html 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh&co=aHR0cHM6Ly93d3cuaGVucnloZXJhbGQuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=7m5jy7csh9lb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce075926799f57b8163390fd68f54665e015f37865dd92b84ec3ff7c55b6ffab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FmHotPIpw5xlEpMdse-xTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28342
content-security-policy: script-src 'report-sample' 'nonce-FmHotPIpw5xlEpMdse-xTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 12 Aug 2023 15:44:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
www.henryherald.com/tncms/access/user/ 694 B
936 B 77ms
76ms XHR
application/json 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.henryherald.com/tncms/access/user/

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

c052e65c44a0f30997cddd139024afa728f68cf2c991f61c4b866fb724046224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-TNCMS-Access-User: anonymous
Referer: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 338
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
vary: X-TNCMS-Access-User, X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://admin-newyork1.bloxcms.com
x-tncms: 1.70.8; app14; 0.02s; 1M
cache-control: private, max-age=3600, must-revalidate
accept-ranges: bytes
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
371 B 184ms
70ms XHR
application/json 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.henryherald.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
60 KB 58ms
58ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b766427dcfecd0489163fd40bb01dbc97769b67787a9ca3b315dde7861afd63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61461
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Aug 2023 15:44:34 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 105 KB
29 KB 191ms
52ms Script
text/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 889f22c89985d5d524e22a4a3ba00effd6d587d1598c027e2c942f29df388a34

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: VADLHxqLAcnHe94X1oIImE1OR.p_UIR0
content-encoding: gzip
via: 1.1 7a9ee72a0b48ca2cabd7b6a48922db46.cloudfront.net (CloudFront)
date: Sat, 12 Aug 2023 15:43:55 GMT
x-amz-cf-pop: JFK51-C1
age: 39
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Jun 2023 00:53:37 GMT
server: AmazonS3
etag: W/"fa900885fd8fc4fb0c5173e831cc6174"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: 3N4n0fmMjXaIRH3aCrAZUrf9EN7QMDsX8Vq4pUApmczSH3qLvYJ4Mw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
84 KB 59ms
58ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

928f31f82abb2e790c7d12fd2483bfa03660931b3a46c7e36f24fa3ac0423787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 12 Aug 2023 15:44:34 GMT

POST
H2 200 campaigns Show response
gateflipp.flippback.com/flyer-locator-service/ 6 KB
2 KB 248ms
112ms Fetch
application/json 52.22.33.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gateflipp.flippback.com/flyer-locator-service/campaigns
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201258278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.33.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-33-131.compute-1.amazonaws.com
Software: envoy /
Resource Hash: dceaed29fce7a693280860ae39b4a6b5f902efd53eb1244f2f361bfe01e96b1c

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

x-trace-id: cjbqhoiq3bosvl0r63m0
date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: gzip
server: envoy
vary: Origin,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 62
content-length: 1883

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C34F 15 KB
16 KB 45ms
43ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.henryherald.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 10:45:32 GMT
x-content-type-options: nosniff
age: 277142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 10:45:32 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame C34F 15 KB
15 KB 48ms
47ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.henryherald.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 07:38:03 GMT
x-content-type-options: nosniff
age: 115591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 07:38:03 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame C34F 15 KB
15 KB 51ms
50ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.henryherald.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 10:48:56 GMT
x-content-type-options: nosniff
age: 276938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 10:48:56 GMT

GET
H2 200 icomoon.woff
csp.azureedge.net/cdn/widget/fonts/ Frame C34F 2 KB
2 KB 192ms
57ms Font
application/font-woff 2600:141b:13::17d7:82ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/widget/fonts/icomoon.woff?-35bf
Requested by: Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27

Request headers

Referer: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Origin: https://www.henryherald.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
last-modified: Fri, 14 Jul 2023 23:27:18 GMT
server: Microsoft-IIS/10.0
etag: "1d9b6aabadec8dc"
x-powered-by: ASP.NET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2012

GET
H2 200 henryherald.com.1496662.es6.js Show response
jsc.mgid.com/h/e/ 309 KB
94 KB 53ms
50ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/h/e/henryherald.com.1496662.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/h/e/henryherald.com.1496662.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d94236088c537f7d17beb5c6843a9a90d7bfca50c1ed0435ce3c59305d9427ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
x-amz-version-id: mBbpK6XzGORCy8sSjQf436UB.x9loGMc
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4SNWQN34ES57V0DH
age: 6738
cf-polished: origSize=316368
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1qBSF9W5qyBoB5DqBXJWDZrxpLuqYJ2/uPhIAKs6KhbvqeNQPns4EYFC3uzfoyEl+In7QCGGpZw=
cf-bgj: minify
last-modified: Wed, 02 Aug 2023 07:53:32 GMT
server: cloudflare
etag: W/"0cc396a4b647f05e28a3e03fdd01356f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7f59d7279f7c10d7-ORD
expires: Sat, 12 Aug 2023 18:44:34 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 566C 55 KB
24 KB 44ms
43ms Stylesheet
text/css 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh&co=aHR0cHM6Ly93d3cuaGVucnloZXJhbGQuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=7m5jy7csh9lb

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 07:14:19 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 566C 438 KB
176 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180114
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 15:06:33 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
406 B 424ms
133ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a0302f34ce45a30ea09eecbf4445dc766c63ca7b9f1010705aab3e893b2d1d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.henryherald.com
date: Sat, 12 Aug 2023 15:44:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 204 collect
www.google-analytics.com/g/ Frame C34F 0
174 B 59ms
58ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-39CWM68PTE&gtm=45je3890&_p=1901755780&cid=1713860850.1691855075&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&dp=%2Fwidget%2FHenryHerald%2F10578%2FLocal%20Events%2F2a6287a6292a%2F&sid=1691855074&sct=1&seg=0&dl=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&dr=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&dt=Local%20Events&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.page_hostname=p.cityspark.com
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 15:44:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
328 B 539ms
130ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.henryherald.com
date: Sat, 12 Aug 2023 15:44:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 222 KB
67 KB 198ms
44ms Script
application/javascript 23.77.173.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.77.173.8 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-173-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:25:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=35784
accept-ranges: bytes
content-length: 68444
expires: Sun, 13 Aug 2023 01:40:58 GMT

GET
H2 200 widget-rtdx.php Show response
japfg-trending-content.appspot.com/ 5 KB
2 KB 117ms
116ms Script
text/html 2607:f8b0:4006:816::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://japfg-trending-content.appspot.com/widget-rtdx.php?s=10238
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2014 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 757d02e72f62d42261f6ffc0e283dcf42bfbe56f8da0837e3b520ce58f03809a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/ 138 KB
30 KB 181ms
43ms Script
text/javascript 2606:4700::6812:4a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RCBKLD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4667cf44b981c5da04b62159e8b59d83dad2de7eaab1a03e0909eb6003d271a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 12:10:00 GMT
server: cloudflare
x-amz-request-id: KZ107HPGY41WSHA8
age: 134
etag: W/"c39195861dcf07e6a6b98b6d11f0d146"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7f59d7299895e20f-ORD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gpv7gYu8H0BHM3ywb5bowE8BvZtrXhXPv8e6q2hmmrl3lMv3sZlQWo9FGIn4EU2a7iBfXFnBnCQ=

POST
H3 200 rtads Show response
api.whizzco.com/demand/v1/ 926 B
937 B 212ms
210ms XHR
application/json 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/demand/v1/rtads
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c10d6c035991f8fb8daea3256900d1590c89f3620255ee6ac4e8ec9b926fad2

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLj6wQSNfeuv%2B7G4akX5dkWraRHzZVcV1rgBQRNEsUPFDOZoUmE6hulN%2BffKGs%2Bf2dkMa%2BQlQAyARnp6VsVPMBO5mW3lbT7mBoa%2FWFfQrwx2QEeg4Y9LDy59yAj0yTQcOCdqcRB9y0G1pJb3WFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
cf-ray: 7f59d7299845e287-ORD
alt-svc: h3=":443"; ma=86400
priority: u=1,i

OPTIONS
H3 200 rtads
api.whizzco.com/demand/v1/ Frame 0
0 112ms
112ms Preflight 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/demand/v1/rtads
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.henryherald.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f59d728df73e25b-ORD
content-length: 0
date: Sat, 12 Aug 2023 15:44:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOHzzEkvuaJ6vClfcTCbbZMZ5H25tvzavgC4FPEH0Sd1qIVsyNpbI9QWQ6%2BcN3FqRaKNgwd1HhJikIDxjyoB1E7GVQ63GuOWE%2Bj3z1arTD%2FPI67mDnwkdubZahdIL46Su%2FubzD75QrZoMai01MU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 204 beacons
p.flipp.com/ 0
0 98ms
98ms Fetch 18.164.116.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201258278
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-73.jfk50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
via: 1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
x-amz-cf-id: 2LiEPvx8NRCJ38xKtLP0FPI1jN5oxdR0A51mFqg2h7chwkin-5jKpg==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
49 KB 97ms
96ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5KTN97

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

810c7bb5576cb84f4960f4ad0062807f9495223d3d5b794df5572b8dea7b2f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50476
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 12 Aug 2023 15:44:34 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 / Show response
www.henryherald.com/tncms/access/meter/ 416 B
793 B 64ms
63ms Fetch
application/json 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.henryherald.com/tncms/access/meter/

Requested by

Host: www.henryherald.com
URL: https://www.henryherald.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

35decc19756ad00d9c16d2303d4e1af9a5c94e1dd4cef9eb6fd41ad263784929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 263
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
x-tncms: 1.70.8; app1; 0.01s; 0.9M
cache-control: private, no-cache, no-store, max-age=0
vary: X-IPCountry, Accept-Encoding
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 58ms
57ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=136177701&t=pageview&_s=1&dl=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&dp=%2Farena%2Fthestreet%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&ul=en-us&de=UTF-8&dt=How%20a%20Supreme%20Court%20ruling%20helped%20get%20a%20cannabis%20smoker%20out%20of%20prison%20%7C%20Henry%20Herald%20The%20Street%20Partner%20Content%20%7C%20henryherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgUABAAQCACAAI~&jid=986901564&gjid=2044429889&cid=1044184676.1691855074&tid=UA-54716522-7&_gid=525297679.1691855075&_slc=1&gtm=45He3890n71PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.thestreet.com%2Fretail%2Fcourt-grants-weed-smoker-freedom&cd15=3.155.0&cd16=true&cd17=Page%20View&cd20=489e3249-9c55-5924-af18-b59e0821de71&cm1=396&z=1721982118

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 15:44:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 138ms
49ms XHR
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=1044184676.1691855074&jid=986901564&gjid=2044429889&_gid=525297679.1691855075&_u=YChAgUABAAQCAGAAI~&z=1311838234

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 12 Aug 2023 15:44:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 59ms
57ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=136177701&t=pageview&_s=1&dl=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&dp=%2Farena%2Fthestreet%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&ul=en-us&de=UTF-8&dt=How%20a%20Supreme%20Court%20ruling%20helped%20get%20a%20cannabis%20smoker%20out%20of%20prison%20%7C%20Henry%20Herald%20The%20Street%20Partner%20Content%20%7C%20henryherald.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjAAUABAAQCAGAAIAB~&jid=1563370699&gjid=218543178&cid=1044184676.1691855074&tid=UA-59155304-6&_gid=525297679.1691855075&_r=1&_slc=1&gtm=45He3890n71PDQV3N&z=1161318316

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 15:44:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14870740986191206 Show response
decide.dev/lad/ Frame EB26 1 KB
2 KB 147ms
77ms Document
text/html 34.149.139.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://decide.dev/lad/14870740986191206?pubid=ld-6820-1947&pubo=https%3A%2F%2Fwww.henryherald.com&rid=&width=1006&path=%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html
Requested by: Host: cdn2.decide.dev
URL: https://cdn2.decide.dev/_js/ajs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 129.139.149.34.bc.googleusercontent.com
Software: /
Resource Hash: f670413d2ae1a2ae6adb0f76cf9a23e52e96324d60f3c10658a9bfe558a6513d

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 1342
content-type: text/html; charset=utf-8
date: Sat, 12 Aug 2023 15:44:35 GMT
via: 1.1 google

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
619 B 208ms
71ms XHR
application/json 3.228.223.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.223.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-223-152.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 9558651647586f13e5dc9e7a91a972a19604479ddd755a896e679d5897b918cb

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 15:44:35 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache
x-server: 10.40.43.201
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 2 KB
1 KB 153ms
46ms Fetch
application/json 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 906cf7cfa93b1ab7d9c6f1775e47b97d2c6e0b223a8c7409d7884eb8700d90eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: YuYoQpBFarPpw2CxRZbQUfespfEfBf9J
content-encoding: gzip
via: 1.1 27f14fa3828b5a3937a29b10d6b5aa0e.cloudfront.net (CloudFront)
date: Sat, 12 Aug 2023 13:44:41 GMT
x-amz-cf-pop: JFK51-C1
age: 7195
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 05 Jun 2023 15:03:19 GMT
server: AmazonS3
etag: W/"fca6ee85f752e2683415f90d79146a75"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: 9FZzOibIVWjRtDZ2qmBBym2Z7zCwk1bQYgj4VZY5G4ZL8O8M3l0vEw==

GET
H2 200 latest Show response
shopper.flipp.com/static/1.2.0/ Frame D11B 397 KB
116 KB 221ms
83ms Document
text/html 54.230.163.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper.flipp.com/static/1.2.0/latest
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201258278
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-108.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 879d00a0e9ec1b85bcb977937d626ede6cb02c86eda64c3d61f7bd8367d8228a

Request headers

Referer: https://www.henryherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Sat, 12 Aug 2023 15:44:36 GMT
etag: W/"9b5148b2b2e52831e151f0ef19a4e6a5"
last-modified: Thu, 03 Aug 2023 19:47:43 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
x-amz-cf-id: bI93qLtUew6en1bYP-WTq2Mvpd7aOBz1BqMtUcX_y0RMWCoT7FWbaw==
x-amz-cf-pop: EWR53-C3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 475ms
153ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je3890&_p=136177701&_gaz=1&cid=1044184676.1691855074&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=How%20a%20Supreme%20Court%20ruling%20helped%20get%20a%20cannabis%20smoker%20out%20of%20prison&dl=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&sid=1691855075&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.content_id=489e3249-9c55-5924-af18-b59e0821de71&ep.content_type=article&ep.content_publish_date=2023-08-12T08%3A00%3A00-04%3A00&ep.content_group=%2Farena%2Fthestreet&ep.canonical_url=https%3A%2F%2Fwww.thestreet.com%2Fretail%2Fcourt-grants-weed-smoker-freedom&ep.townnews_crm_group_id=295&ep.generator=BLOX&ep.generator_version=1.70.8&ep.iptc_mediatopics=%5B%2220000095%22%2C%2220000137%22%2C%2220000632%22%5D
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 15:44:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 52ms
50ms Ping
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=1044184676.1691855074&gtm=45je3890&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 15:44:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 50ms
50ms XHR
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-59155304-6&cid=1044184676.1691855074&jid=1563370699&gjid=218543178&_gid=525297679.1691855075&_u=YCjAAUABAAQCAGAAIAB~&z=144746417

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 12 Aug 2023 15:44:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cS80LyewtYRM22sg29jylmwKbZLzqJCWKHY1DUAyVIgGDmDDOpZLXXxeMP5iLk32jYkw6H89IlBx_n-73q4BCqSvIRSOxWkBOoW9yEESi4f4p4GqV5s=w600-h400-p-rj-l68-e365
lh3.googleusercontent.com/ 53 KB
53 KB 48ms
47ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/cS80LyewtYRM22sg29jylmwKbZLzqJCWKHY1DUAyVIgGDmDDOpZLXXxeMP5iLk32jYkw6H89IlBx_n-73q4BCqSvIRSOxWkBOoW9yEESi4f4p4GqV5s=w600-h400-p-rj-l68-e365

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

944482801a838cf7a42db06161d8a0aba386e019ec16eb150c4eed47fb9b205f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:18:29 GMT
x-content-type-options: nosniff
age: 1566
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54278
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
expires: Sun, 11 Aug 2024 15:18:29 GMT

GET
H2 200 TrXa8EhEJ4fsD5TGW9W6LXGUKH6nqO5tFff9UFMugEIayfBDvc6tJnbB5VzBTNoUupkjtovSpvvY-ke4gHIm_EawzPfpe4T-ppIGdJM=s42-p-rj-l68-e365
lh3.googleusercontent.com/ 1 KB
1 KB 46ms
46ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/TrXa8EhEJ4fsD5TGW9W6LXGUKH6nqO5tFff9UFMugEIayfBDvc6tJnbB5VzBTNoUupkjtovSpvvY-ke4gHIm_EawzPfpe4T-ppIGdJM=s42-p-rj-l68-e365

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

64d82df4a06418f72e0f7cd5758080bcb1341273d059985618970fe593636ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:18:29 GMT
x-content-type-options: nosniff
age: 1566
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1055
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
expires: Sun, 11 Aug 2024 15:18:29 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 566C 2 KB
2 KB 74ms
73ms Image
image/png 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 23:30:57 GMT
x-content-type-options: nosniff
age: 144818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 17 Aug 2023 23:30:57 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 566C 15 KB
15 KB 75ms
74ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 07:41:31 GMT
x-content-type-options: nosniff
age: 115384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 07:41:31 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 566C 15 KB
15 KB 76ms
74ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 10:39:53 GMT
x-content-type-options: nosniff
age: 277482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 10:39:53 GMT

POST
H/1.1 200 914.json Show response
id5-sync.com/g/v2/ 277 B
841 B 846ms
128ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/914.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

8580f36356fd0d426dc0ad71874ec5907907fb760a9327320e43e7d72c974b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 12 Aug 2023 15:44:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.henryherald.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

POST
H2 204 beacons
p.flipp.com/ 0
0 61ms
60ms Fetch 18.164.116.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201258278
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-73.jfk50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:35 GMT
via: 1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
x-amz-cf-id: an7_tcTY4ylVuEqtNfTsedu3H5MfDJjm-2p1finHIpxyvZTSlzLnLA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
82 KB 66ms
66ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YV9PEL9JN5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ab07f3de9c79a32f8428b886368defa2230082a69dae4f2302bb1abd6c8911f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83654
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 12 Aug 2023 15:44:35 GMT

OPTIONS
H3 200 tshow
api.whizzco.com/dtracking/v1/ Frame 0
0 343ms
342ms Preflight 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/dtracking/v1/tshow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://www.henryherald.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f59d72bba20e25b-ORD
content-length: 0
date: Sat, 12 Aug 2023 15:44:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yruXbv4h3JAJWUSa1IyVLwGRLTmo2RDbvsdAfi9X0xUq5n6toue8dL%2B5dsETna%2FtTxangwkDPLxFoT3SEcX2diiFPVeMXukn4o8zHs2QH34xnqvOc%2F%2F449bvt9P4GPZ0PECCbBp1sPqzw3ojZU4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 200 tshow Show response
api.whizzco.com/dtracking/v1/ 15 B
451 B 96ms
96ms XHR
application/json 2606:4700:e6::ac40:cf23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.whizzco.com/dtracking/v1/tshow
Requested by: Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Sat, 12 Aug 2023 15:44:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRCAXz0Uy2iGv2sZoL4tz5B13XbBSyjt5CpZN0XQHUxsvVGn8CZPtXUUuEFVNAMvo%2BiYpEjf4F54Z%2BBUwsSTxbYLdoKfR2SExBiAuAhe9QIllnv49cNJNMBdP3W2DTSrEzsnRiYXMwOPM6EOzF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
cf-ray: 7f59d72dec90e25b-ORD
alt-svc: h3=":443"; ma=86400
content-length: 15
priority: u=1,i

GET
H2 200 si
capi.connatix.com/tr/ 0
311 B 414ms
68ms Image
application/json 104.18.1.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=91b8c198-3e71-46bb-a3e7-5b54b98eb3ff&cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7f59d72deccc291f-ORD
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202307190925/ 251 KB
77 KB 85ms
68ms Script
application/javascript 2606:4700::6812:4a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 13:26:13 GMT
server: cloudflare
x-amz-request-id: K9QKGFD97K3XSQ1K
age: 2068654
etag: W/"6c476793b39193c54a91ff561ef3a8e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7f59d72bfb17e20f-ORD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6UUwTOfuzejrZAZmZTsBck/PH/16L+jG/ukiqtjf3kMDy1YG0p641CCkIX04PzexA/ZCdTVfYAg=

GET
H2 200 diberp-tcx-v7.13.0.js Show response
www.americanhometownmedia.com/static/ 328 KB
103 KB 462ms
31ms Script
text/javascript 34.120.58.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 62.58.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 19:32:10 GMT
content-encoding: gzip
age: 850345
x-guploader-uploadid: ADPycdtfq7J36KtudfsDIpU412GlfTN75z29ZFc4JaWSp11FJReKmyYMxTWyeAbTVmP9chplQZJpB1mrEmx6GBeWAC0M
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104504
last-modified: Mon, 29 Aug 2022 14:20:21 GMT
server: UploadServer
etag: "f085c7609fb7c47fb72fd768d721373e"
vary: Accept-Encoding,Origin
x-goog-generation: 1661782821233427
x-goog-hash: crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type: text/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 104504
accept-ranges: bytes
expires: Thu, 01 Aug 2024 19:32:10 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 85 KB
28 KB 442ms
103ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29e1919428e8af40eb2abe996b8bda41026e8081f69e8da9fdd2f846dfe769de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28610
x-xss-protection: 0
server: cafe
etag: 6 / 19581 / m202308030102 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:44:35 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 566C 102 B
134 B 144ms
143ms Other
text/javascript 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=3kTz7WGoZLQTivI-amNftGZO

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d62c80e8180a2c275d761c5fb681cc5b0e41fff53d32926ebed430f91f511c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh&co=aHR0cHM6Ly93d3cuaGVucnloZXJhbGQuY29tOjQ0Mw..&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=invisible&cb=7m5jy7csh9lb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 12 Aug 2023 15:44:35 GMT

GET
H2 200 / Show response
trends.netizen.co/api/demand/ 52 B
315 B 198ms
55ms Fetch
application/json 34.233.227.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.netizen.co/api/demand/?w=268115&us_privacy=1YYN&wlw=netizen.co

Requested by

Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.227.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-227-88.compute-1.amazonaws.com

Software

envoy /

Resource Hash

8c43efa509b57e1f4f8f42768e907afbd4192e9def7c2a609393d833794ce72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-rc-region: us-east-1a
date: Sat, 12 Aug 2023 15:44:35 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
content-length: 52

GET
H2 200 sync Show response
trends.netizen.co/ 62 B
565 B 193ms
51ms Fetch
application/json 34.233.227.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.netizen.co/sync?us_privacy=1YYN
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.227.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-227-88.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 739acd61b3b02fc8b013717a63fc3b3620925e761fbca474f54134499f368021

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-rc-region: us-east-1a
date: Sat, 12 Aug 2023 15:44:35 GMT
server: envoy
etag: "86365b18-98d5-4646-9240-3c784dbc3a17"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://www.henryherald.com
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
cache-control: max-age=600, private, s-maxage=0, stale-while-revalidate=1800
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
content-length: 62

GET
H2

200

connatix.player.js Show response
cds.connatix.com/p/313168/ Frame DCB0
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a
https://cds.connatix.com/p/313168/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a&tier=1

1 MB
290 KB

76ms
49ms

Script
application/javascript

104.18.1.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/313168/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a&tier=1
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Server: 104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25ff9a0fd66caa743afcbf62e458c341f885809b024aa47196e9ff3b9b528199

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:35 GMT
x-amz-version-id: Wt.pKolwbVxUEg2L6Yr3bKdn_xVhYfKZ
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 11 Aug 2023 15:48:36 GMT
server: cloudflare
etag: W/"0e8a571832ca4e19d3a21f044df30ffd"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7f59d72f8c9e2309-ORD
access-control-allow-headers: range
expires: Sun, 11 Aug 2024 15:44:35 GMT

Redirect headers

date: Sat, 12 Aug 2023 15:44:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
location: https://cds.connatix.com/p/313168/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a&tier=1
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7f59d72e7b6c2309-ORD
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame EB26 45 KB
17 KB 57ms
52ms Script
text/javascript 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: decide.dev
URL: https://decide.dev/lad/14870740986191206?pubid=ld-6820-1947&pubo=https%3A%2F%2Fwww.henryherald.com&rid=&width=1006&path=%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://decide.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 12 Aug 2023 15:05:54 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2321
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Sat, 12 Aug 2023 17:05:54 GMT

GET
BLOB 200
OK 8725b954-f48d-40ca-8cdb-f4d2a9c53517
https://www.henryherald.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.henryherald.com/8725b954-f48d-40ca-8cdb-f4d2a9c53517
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 0174ac45-dea0-41bb-80ba-7fc6dbf6e1fb
https://www.henryherald.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.henryherald.com/0174ac45-dea0-41bb-80ba-7fc6dbf6e1fb
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK d2820459-d7b6-4e27-9463-4d750e5e83f6
https://www.henryherald.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.henryherald.com/d2820459-d7b6-4e27-9463-4d750e5e83f6
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 59cc72bd-9905-46ef-b009-5308b10a3c2e
https://www.henryherald.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.henryherald.com/59cc72bd-9905-46ef-b009-5308b10a3c2e
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/ 91 KB
20 KB 36ms
36ms Script
text/javascript 2606:4700::6812:4a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/3YAuFpM-Bh5lZY_ZLdSxFknzxv8/gpt_and_prebid/config.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5KTN97
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adadd91cfa743f084742b5f2281d4893dca4c0ccad138e171dbadbdcfe964626

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 15:15:11 GMT
server: cloudflare
x-amz-request-id: 8WG9H4X7SX364BBF
age: 87
etag: W/"48292cfdcc9cbe54a3efe8962dff5a4a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7f59d72eaf942b24-ORD
alt-svc: h3=":443"; ma=86400
x-amz-id-2: T9bsGJRtiD/RGn3v1yN8FrubdlL4i/a0ptO4z7yOsZDIu+O8LyitKKC8q3N61hTEMVGDlNcSoIA=

GET
H2 200 ajs-destination.bundle.0f003b5e4b03680982b4.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 47ms
46ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.0f003b5e4b03680982b4.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 22:36:12 GMT
x-amz-version-id: RsGKQvvF9Yt9j0mZ1IGFuFjuWHMd3XFe
content-encoding: br
via: 1.1 7a9ee72a0b48ca2cabd7b6a48922db46.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 6196104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Jun 2023 20:07:54 GMT
server: AmazonS3
etag: W/"5c08e208387787e375df16faad0e6cd2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: Ov6UE_nGU7I4JHRd2oKx_fEQApT0axe4sXZIaXNHnJ18cw7SvTAlRw==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 57ms
57ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YV9PEL9JN5&gtm=45je3890&_p=136177701&cid=1044184676.1691855074&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=How%20a%20Supreme%20Court%20ruling%20helped%20get%20a%20cannabis%20smoker%20out%20of%20prison&dl=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&sid=1691855075&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.cms_product=BLOX&ep.cms_version=1.70.8&ep.content_group=%2Farena%2Fthestreet&ep.content_type=article&ep.item_id=489e3249-9c55-5924-af18-b59e0821de71&ep.author=Tony%20Owusu&ep.published_time=2023-08-12T12%3A00%3A00Z
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YV9PEL9JN5&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 15:44:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2420.jpg
images.wishabi.net/merchants/2420/1507145593/ Frame D11B 16 KB
16 KB 170ms
52ms Image
image/jpeg 13.225.63.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wishabi.net/merchants/2420/1507145593/2420.jpg
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-33.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae5d9e67ce0950f9840168fd06f8e5b8f0f093e2ac27f6f9e8450b75fc9b4165

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper.flipp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 03:41:20 GMT
via: 1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
last-modified: Wed, 04 Oct 2017 19:33:19 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 43397
etag: "9a39f218c682fed671d38151933bb865"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 15925
x-amz-cf-id: kybH_M3Nx5tRud26BCDpDsV6lzSRFJeunXiIxL7V_UsfskJsjh-KaQ==

GET
H2 200 / Show response
trends.netizen.co/api/delivery/ 18 KB
10 KB 121ms
120ms Fetch
application/json 34.233.227.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.netizen.co/api/delivery/?is_blocked=undefined&w=268115&width=1600&us_privacy=1YYN&rev_allow_cookies=1&site_url=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&icr_url=&va=0&user_uuid=86365b18-98d5-4646-9240-3c784dbc3a17&time=1691855075880&up=pc&bn=chrome&bv=115&widget_width=1006&style_id=0&an=false

Requested by

Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.227.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-227-88.compute-1.amazonaws.com

Software

envoy /

Resource Hash

a4ffeda50f1a8cf565428f25bcbba63e394eccde4860ad9cb914f69566965049

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-rc-region: us-east-1a
date: Sat, 12 Aug 2023 15:44:35 GMT
strict-transport-security: max-age=931536000; includeSubDomains
content-encoding: gzip
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 72

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 46ms
46ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 21 May 2023 10:13:19 GMT
x-amz-version-id: h3K108trORsXxC6CMRDM7kc_6pEEYtq5
content-encoding: br
via: 1.1 7a9ee72a0b48ca2cabd7b6a48922db46.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 7191077
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 21 May 2023 08:04:35 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 4O3jtr5d54B_FGaJLD1Zo-VB0oIiwyiO2dgcVF1HATvOge8fL9ON2A==

GET
H2 200 19170313a8ecc1e67d68375e344fc76db74407a7128863c80afba763d656040e Show response
cdn-gateflipp.flippback.com/storefront-payload/v2/866628/5841499/ Frame D11B 38 KB
38 KB 170ms
63ms Fetch
application/xml+sfml 108.139.29.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-gateflipp.flippback.com/storefront-payload/v2/866628/5841499/19170313a8ecc1e67d68375e344fc76db74407a7128863c80afba763d656040e?merchant_id=2420&source=offsite

Requested by

Host: shopper.flipp.com
URL: https://shopper.flipp.com/static/1.2.0/latest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.139.29.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-29-105.jfk50.r.cloudfront.net

Software

envoy / Express

Resource Hash

2ec873cb4e97515c2ffa45e6c92061060d7dda6f6569a9f260dedace53643574

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shopper.flipp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:18 GMT
via: 1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 18
x-powered-by: Express
x-cache: Hit from cloudfront
sfml-version: 1.0
x-envoy-upstream-service-time: 85
content-length: 38655
server: envoy
x-frame-options: ALLOWALL
access-control-allow-methods: POST, GET
content-type: application/xml+sfml
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: 945H3Q4syDojOD6FmUGXYCQIQ4tYECqhMSCskFb5JAv8wqu4utoE1Q==

GET

sync
capi.connatix.com/core/ Frame DCB0
Redirect Chain

https://capi.connatix.com/core/sync?v=313168
https://capi.connatix.com/core/sync?v=313168&final=true

0
0

POST
H2 200 ucl Show response
capi.connatix.com/tr/ Frame DCB0 0
122 B 54ms
53ms XHR
application/x-protobuf 104.18.1.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ucl?v=313168
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sat, 12 Aug 2023 15:44:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7f59d7315f95291f-ORD
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame DCB0 5 KB
1 KB 64ms
63ms XHR
application/x-protobuf 104.18.1.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=313168&cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2de0829e9be813b2310e48a95c0b114abf716e5f5608b5e45d69fa32d5e9509

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sat, 12 Aug 2023 15:44:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7f59d7315f99291f-ORD
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 player.css
cds.connatix.com/p/313168/ 68 KB
12 KB 41ms
39ms Stylesheet
text/css 104.18.1.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/313168/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc5cc57b97ed7090094720e46c1afec8dac7d1ae17db4c4648176078dcbe97f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:36 GMT
x-amz-version-id: 9Z3IlMHrSPaz3DNLt6HI102G0a.._lEb
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 11 Aug 2023 15:48:37 GMT
server: cloudflare
etag: W/"c3c2cde925a7a2d0193570f1e290e2ac"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7f59d7315ee02309-ORD
access-control-allow-headers: range
expires: Sun, 11 Aug 2024 15:44:36 GMT

GET
H2 200 /
c.mgid.com/pv/ 0
66 B 93ms
58ms Image
text/plain 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/pv/?lu=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&cbuster=1691855076081928381096&pvid=189ea6bbaf0aeb3b680&implVersion=11&cxurl=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&site=900874&scum=%3F0&scuw=%3F0
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7f59d731cb2010d7-ORD
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 impression
trends.netizen.co/event/ 0
0 157ms
52ms Fetch 34.233.227.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.netizen.co/event/impression

Requested by

Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.233.227.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-227-88.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region: us-east-1a
date: Sat, 12 Aug 2023 15:44:36 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
access-control-allow-origin: https://www.henryherald.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 30 KB
9 KB 121ms
33ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: b4dada34875920e38c6e47a9094052c62bf803594d646189541f25a1e043c22c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:36 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 16:52:58 GMT
server: AmazonS3
x-amz-request-id: NX8CFF1M9QHPX3H1
etag: "88f13f635aeac289e56e09d17ae4789e"
x-amz-server-side-encryption: AES256
x-hw: 1691855076.cds241.ch4.hn,1691855076.cds071.ch4.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 8351
x-amz-id-2: U8zOf61OeWJZHcSyGg5pv7dBh2YIJmL5JvbzfTPhq9bq294FivoFazDk0vDLq+HDtFlnETscg1HhsuknOQYmi/uJLRn7tJzK9dKaDsghfEg=

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 18 KB
7 KB 3119ms
3032ms Script
text/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 9c1aef310beaa7222f49b37ecc8423ce63d8887cc4b78da6db6665a700bfbfce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:39 GMT
content-encoding: gzip
last-modified: Mon, 07 Aug 2023 16:52:58 GMT
server: AmazonS3
x-amz-request-id: NX8EK96NB7H5XVS4
etag: "1c0b96fb514edd484a8075e9bda98afc"
x-amz-server-side-encryption: AES256
x-hw: 1691855076.cds241.ch4.hn,1691855079.cds188.ch4.c
content-type: text/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 6451
x-amz-id-2: 81DKAsWKjZPGhF+ff36xQ7aBrK5llq9y7UUxls/f3rVLMLHnniL52/Lk9APu+L8Jc+jhBmGykaQ=

GET
H2 200 /
img.revcontent.com/ 1 KB
1 KB 126ms
36ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: www.henryherald.com
URL: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:36 GMT
last-modified: Thu, 02 Jun 2022 15:22:42 GMT
etag: "1654183362"
x-hw: 1691855076.cds099.ch4.hn,1691855076.cds088.ch4.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1351

GET
H2 200 / Show response
www.henryherald.com/tncms/dmp/segment_audiences/ 117 B
547 B 394ms
393ms Fetch
application/json 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.henryherald.com/tncms/dmp/segment_audiences/?anonymous_id=f39beb3b-3fcf-4658-bed0-44cded9ee7f2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

58ac4338a0ab5f7317835f9d90b37af369705df8c4a34177134d2db9de8b830a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.henryherald.com/arena/thestreet/how-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison/article_489e3249-9c55-5924-af18-b59e0821de71.html
X-Requested-Feature: geoip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 107
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 12 Aug 2023 15:44:36 GMT
x-vcache: MISS
etag: W/14c449a8b62a59f2b73ad4c982e78676
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.70.8; app9; 0.31s; 1M
cache-control: public, max-age=300
accept-ranges: bytes
x-robots-tag: noarchive

GET 3_media.bin
vid.connatix.com/pid-91b8c198-3e71-46bb-a3e7-5b54b98eb3ff/9057f476-0953-45d2-b77f-d49a84d64929/ Frame DCB0 0
0

POST ucl
capi.connatix.com/tr/ Frame DCB0 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 85 KB
28 KB 80ms
80ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae78f2605af1fd606fce8fa35012c791983b74d7ebb5e60d1bb80e0249e09cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28629
x-xss-protection: 0
server: cafe
etag: 577 / 19581 / 31076943 / config-hash: 9566803040182507923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 15:44:36 GMT

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DCB0 0
0

GET
H3 200 lit.ui.js Show response
cds.connatix.com/p/313168/ 152 KB
37 KB 43ms
43ms Script
application/javascript 104.18.1.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/313168/lit.ui.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe81d7-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.1.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce5f9ae0b4c2ba6914d4be0163264c401896a6806b07c1972389a9e649a97d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.henryherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:36 GMT
x-amz-version-id: Ht0k28aIrkr1S1v.CiHwU5cSjd7P.8rM
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 11 Aug 2023 15:48:37 GMT
server: cloudflare
etag: W/"4ac5201c2b44f0994435dac5b150da74"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7f59d732cc83635a-ORD
access-control-allow-headers: range
expires: Sun, 11 Aug 2024 15:44:36 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
177 B 327ms
92ms Fetch
application/json 35.81.90.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-90-104.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.henryherald.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.henryherald.com
date: Sat, 12 Aug 2023 15:44:36 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST /
pl.connatix.com/ Frame DCB0 0
0

GET
BLOB 206
Partial Content 207cdf59-9f69-43f1-823b-3fe042924deb
https://www.henryherald.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.henryherald.com/207cdf59-9f69-43f1-823b-3fe042924deb
Requested by: Host: blank
URL: about:blank
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content a4a26b01-3b49-4b4f-a138-1c1fa8ea4d91
https://www.henryherald.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.henryherald.com/a4a26b01-3b49-4b4f-a138-1c1fa8ea4d91
Requested by: Host: blank
URL: about:blank
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 75ms
41ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:36 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: KZHG8W3F9TBRMAND
age: 1399
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7f59d734ee8910d7-ORD
expires: Sun, 13 Aug 2023 15:44:36 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
812 B 75ms
42ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:36 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YRQRQGQP9DZNZ14S
age: 2695
alt-svc: h3=":443"; ma=86400
x-amz-id-2: prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7f59d734ee8610d7-ORD
expires: Sun, 13 Aug 2023 15:44:36 GMT

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 323ms
54ms Preflight 52.5.49.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.49.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-49-175.compute-1.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.henryherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.henryherald.com
content-length: 0
date: Sat, 12 Aug 2023 15:44:36 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 5
x-rc-region: us-east-1a

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 52ms
52ms Fetch 52.5.49.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.netizen.co
URL: https://assets.netizen.co/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.5.49.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-49-175.compute-1.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: us-east-1a
access-control-allow-origin: https://www.henryherald.com
date: Sat, 12 Aug 2023 15:44:36 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin

GET
H2 200 arj Show response
justapinch-com-d.openx.net/w/1.0/ 190 B
609 B 194ms
64ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://justapinch-com-d.openx.net/w/1.0/arj?ju=about%3A%2F%2Fabout%3Ablank&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2be4a190-d230-45b2-975a-0362e4544376&nocache=1691855077974&gdpr_consent=&gdpr=0&us_privacy=1YYN&schain=1.0%2C1!americanhometownmedia.com%2C00031%2C1%2C%2C%2C&aus=300x250&divids=ahm_widg_id_0&aucs=&auid=556409868
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7ec41df9431af5711def74a22bec7577096a4077afe3cd292a9cb8d6a8170e76

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 15:44:38 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.henryherald.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content bid Show response
ap.lijit.com/rtb/ 0
303 B 189ms
58ms XHR
text/plain 63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.henryherald.com
Date: Sat, 12 Aug 2023 15:44:38 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 200ms
200ms XHR
text/plain 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3576657166846134&correlator=443007488793857&eid=31076624%2C31076923%2C31076944%2C31075594%2C21065724&output=ldjh&gdfp_req=1&vrg=202308090102&ptt=17&impl=fifs&us_privacy=1YYN&iu_parts=281191609%3A21907768150%2Ccityspark_southerncomm&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D5fd2acf7d7b58406-22230f0997e300db%3AT%3D1691855074%3ART%3D1691855074%3AS%3DALNI_Mam0DBKil0kFLXhJcikzXnpSw1bpg&gpic=UID%3D00000d8a9f2d9898%3AT%3D1691855074%3ART%3D1691855074%3AS%3DALNI_MbaWda2l-egJe8PzqRdYI2cEWXpRQ&abxe=1&dt=1691855079836&lmt=1691881772&adxs=-9&adys=-9&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=about%3Ablank&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1044184676.1691855074&ga_sid=1691855074&ga_hid=136177701&ga_fc=true&ga_cid=1713860850.1691855075&dlt=1691855071855&idt=1836&prev_scp=frstlk%3Dtrue&cust_params=browser%3DChrome%26asset_id%3D489e3249-9c55-5924-af18-b59e0821de71%26k%3Dthe%2520street%252Claw%252Cchemistry%252Cpolitics%252Ccriminal%2520law%252Ccrime%252Cweapons%252Clegislation%252Carmed%2520forces%252Csecurity%2520and%2520public%2520safety%26page%3Dasset%252Carticle%252Capp-editorial%26amznbid%3D0%26amznp%3D0&adks=4043212310

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076944

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac35f42d7590440e549636d0c84cbe11d395161f2da529e3a84463720a4afb7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12403
x-xss-protection: 0
google-lineitem-id: 6308504833
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437589352
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content bid Show response
ap.lijit.com/rtb/ 0
303 B 53ms
52ms XHR
text/plain 63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.henryherald.com
Date: Sat, 12 Aug 2023 15:44:40 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 115 B
718 B 188ms
54ms XHR
application/json 69.166.1.9
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2210d583b02812ae%22%3A%22a09a69290503066cfd18%7C300x250%7Cgpid%3D%2F281191609%2C21907768150%2Ftrx_southerncomm%2Fhenryherald.com%2Cc%3Dd%2C%22%2C%2211ce043b0ae0913%22%3A%22a09a69290503066cfd18%7C300x250%7Cgpid%3D%2F281191609%2C21907768150%2Ftrx_southerncomm%2Fhenryherald.com%2Cc%3Dd%2C%22%7D&ref=about%3A%2F%2Fabout%3Ablank&s=5adedecd-aeeb-4c5e-b2ee-1f1353692ca9&pv=76cfce3d-7d02-4f4d-b5f7-76b37842fdbc&vp=desktop&lib_name=prebid&lib_v=7.13.0-pre&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22about%3A%2F%2Fabout%3Ablank%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=1&gdpr=false&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200031%22%2C%22hp%22%3A1%7D%5D%7D&us_privacy=1YYN&coppa=0

Requested by

Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

1d9202d83532e39645a93a428040007c78bc2bad4662a07616dbb7644fbd1682

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 15:44:40 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-155
content-type: application/json
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 140
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 182ms
53ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.henryherald.com
date: Sat, 12 Aug 2023 15:44:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
justapinch-com-d.openx.net/w/1.0/ 190 B
373 B 62ms
61ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://justapinch-com-d.openx.net/w/1.0/arj?ju=about%3A%2F%2Fabout%3Ablank&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5c5b8316-ac4b-445f-9f40-df4e0c70a700%2Cf07ead8c-50f8-47e3-89da-55cc7c0a2b37&nocache=1691855080186&gdpr_consent=&gdpr=0&us_privacy=1YYN&schain=1.0%2C1!americanhometownmedia.com%2C00031%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=ahm_widg_id_3%2Cahm_widg_id_12&aucs=%2C&auid=544092592%2C544092592
Requested by: Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 8fab2fd31679f9182dc76170b81af123ec186f8fb5e9b84718bf108b7202ae5c

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Aug 2023 15:44:40 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.henryherald.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 180
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
25 KB 208ms
208ms XHR
text/plain 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3576657166846134&correlator=91602037968705&eid=31076624%2C31076923%2C31076944%2C31075594%2C21065724&output=ldjh&gdfp_req=1&vrg=202308090102&ptt=17&impl=fifs&us_privacy=1YYN&iu_parts=281191609%3A21907768150%2Ctrx_southerncomm%2Chenryherald.com&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D5fd2acf7d7b58406-22230f0997e300db%3AT%3D1691855074%3ART%3D1691855074%3AS%3DALNI_Mam0DBKil0kFLXhJcikzXnpSw1bpg&gpic=UID%3D00000d8a9f2d9898%3AT%3D1691855074%3ART%3D1691855074%3AS%3DALNI_MbaWda2l-egJe8PzqRdYI2cEWXpRQ&abxe=1&dt=1691855081718&lmt=1691881772&adxs=-9%2C-9&adys=-9%2C-9&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=about%3Ablank&frm=20&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&psts=AOrYGskxWXiOGL6YyzZ-AZZWs3dbkfTH3uUeApdBAaDrzZgLVgKddOa0eWcAu5v2NuHtvZcdjmpJ7T5zr8c7tSo25__cMDJfiv0&ga_vid=1044184676.1691855074&ga_sid=1691855074&ga_hid=136177701&ga_fc=true&ga_cid=1713860850.1691855075&dlt=1691855071855&idt=1836&prev_scp=slotName%3Dldgr1%26pubDom%3Dhenryherald.com%26atab%3Dtrue%26frstlk%3Dtrue%7CslotName%3Dldgr8%26pubDom%3Dhenryherald.com%26atab%3Dtrue%26frstlk%3Dtrue&cust_params=browser%3DChrome%26asset_id%3D489e3249-9c55-5924-af18-b59e0821de71%26k%3Dthe%2520street%252Claw%252Cchemistry%252Cpolitics%252Ccriminal%2520law%252Ccrime%252Cweapons%252Clegislation%252Carmed%2520forces%252Csecurity%2520and%2520public%2520safety%26page%3Dasset%252Carticle%252Capp-editorial%26amznbid%3D0%26amznp%3D0&adks=2486638670%2C4291286921

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308090102/pubads_impl.js?cb=31076944

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48f7d5296f594d5269e23eedeed576030876c9d62b4da7c3e88d7abd76c06475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 15:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25339
x-xss-protection: 0
google-lineitem-id: 5358640239,5358640239
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138395963758,138395964508
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.henryherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: capi.connatix.com
URL: https://capi.connatix.com/core/sync?v=313168&final=true

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-91b8c198-3e71-46bb-a3e7-5b54b98eb3ff/9057f476-0953-45d2-b77f-d49a84d64929/3_media.bin

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/ucl?v=313168

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: pl.connatix.com
URL: https://pl.connatix.com/

Verdicts & Comments Add Verdict or Comment

357 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.henryherald.com/	1970-01-20 22:43:11	Name: flipp-uid Value: 2f4eb3db-beed-4d8b-bd52-e949c19c88ee
.rlcdn.com/	1970-01-20 22:43:11	Name: rlas3 Value: C0GC95pUMdQ3qlCc3UdRz/BZM9tkdr8wrTWIuxKVJeE=
.p.flipp.com/	1970-01-20 23:33:35	Name: gid Value: "ABaI+AAGvKC7xhrvBC8BuQ=="
.rlcdn.com/	1970-01-20 15:23:59	Name: pxrc Value: COHR3qYGEgUI6AcQABIFCOhHEAA=
otto-js.us.auth0.com/	1970-01-20 22:43:32	Name: did Value: s%3Av0%3A22293de0-3927-11ee-ad17-a1b010d6724a.YAT2%2FK2aoYs7dnIO83uFR0I0gC90VY76hKNx%2FqI5kzI
otto-js.us.auth0.com/	1970-01-20 14:01:54	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQGIPZmTKrLjkPasiifpc5WB5a9bnqCNknN1DRYC7D8d--gNwMRLYMxFHvO-Q_6rsBsVCI7WH8RB9Zb6ojj24YJ2mY29va2llg6dleHBpcmVz1_9-H5kAZNudYa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.YCJztAtqZYLajqywHHEJbcW2ln4DNHjBOHp7ABoxZso
.quantserve.com/	1970-01-20 23:27:49	Name: mc Value: 64d7a8e1-9e838-9b625-96af3
.mgid.com/	1970-01-20 13:57:36	Name: __cf_bm Value: mLh1zRxsmAw98_nW_3K_p4e88MDYtiHKQxbEPhbbV3g-1691855073-0-ARn7YrJ6nRQhZnnZqeSB3Sn+kYRb1FAMw/nQ5siQYfWIWr2o/zjKQz773o38MJ+nHyta3EAC5Dlpr38TiJhiwKI=
.pippio.com/	1970-01-20 22:43:11	Name: did Value: XcsJ_X9fpM7VOwum
.pippio.com/	1970-01-20 22:43:11	Name: didts Value: 1691855073
.pippio.com/	1970-01-20 15:23:59	Name: nnls Value:
.pippio.com/	1970-01-20 15:23:59	Name: pxrc Value: COHR3qYGEgYIgr0rEAA=
.adsrvr.org/	1970-01-20 22:44:37	Name: TDID Value: 140eb5e6-255a-4bc3-89aa-937e69af4268
www.henryherald.com/	1970-01-20 22:43:11	Name: usprivacy Value: 1YYN
.linkedin.com/	1970-01-20 16:07:11	Name: li_sugr Value: 831d6c1c-ee10-42fd-b50b-0921bcea346c
.linkedin.com/	1970-01-20 22:43:11	Name: bcookie Value: "v=2&48f60faf-c79f-4e89-8a62-e7506962a436"
.linkedin.com/	1970-01-20 13:59:01	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2612:u=1:x=1:i=1691855074:t=1691941474:v=2:sig=AQHuJrIQrH98qvKN-G579CVgxlhrbp1L"
www.henryherald.com/	1970-01-20 23:33:35	Name: csparkW_ga_39CWM68PTE Value: GS1.1.1691855074.1.0.1691855074.0.0.0
www.henryherald.com/	1970-01-20 23:33:35	Name: csparkW_ga Value: GA1.1.1713860850.1691855075
.henryherald.com/	1970-01-20 22:43:11	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sat+Aug+12+2023+05%3A44%3A34+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=6.16.0&hosts=&landingPath=https%3A%2F%2Fwww.henryherald.com%2Farena%2Fthestreet%2Fhow-a-supreme-court-ruling-helped-get-a-cannabis-smoker-out-of-prison%2Farticle_489e3249-9c55-5924-af18-b59e0821de71.html&groups=C0001%3A1%2CBG1%3A0%2CC0002%3A0%2CC0004%3A0
.henryherald.com/	1970-01-20 13:57:38	Name: AMP_TOKEN Value: %24NOT_FOUND
.henryherald.com/	1970-01-20 13:59:01	Name: _gid Value: GA1.2.525297679.1691855075
.henryherald.com/	1970-01-20 13:57:35	Name: _dc_gtm_UA-54716522-7 Value: 1
.henryherald.com/	1970-01-20 13:57:35	Name: _gat_UA-59155304-6 Value: 1
.henryherald.com/	1970-01-20 23:19:11	Name: __gads Value: ID=5fd2acf7d7b58406-22230f0997e300db:T=1691855074:RT=1691855074:S=ALNI_Mam0DBKil0kFLXhJcikzXnpSw1bpg
.henryherald.com/	1970-01-20 23:19:11	Name: __gpi Value: UID=00000d8a9f2d9898:T=1691855074:RT=1691855074:S=ALNI_MbaWda2l-egJe8PzqRdYI2cEWXpRQ
.decide.dev/	1970-01-20 22:43:11	Name: account_id Value: 16384903050633728
.decide.dev/	1970-01-20 22:43:11	Name: login_token Value: %2216384903050633728%7C1699631074964%3A%7Call%7CA69X5NlXrNWMDfHIhfozIvFdiZ3zVZGF4va6X39WltAEUTlDADVDdgTKVz6w7YQZuiRtFOuVgaXU8WvznvBPwA%3D%3D%22
.henryherald.com/	1970-01-20 23:33:35	Name: _ga_4T2EB147B8 Value: GS1.1.1691855075.1.0.1691855075.60.0.0
.henryherald.com/	1970-01-20 23:33:35	Name: _ga Value: GA1.1.1044184676.1691855074
.crwdcntrl.net/	1970-01-20 20:26:20	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 20:26:20	Name: _cc_id Value: 2fb3fa14bef3370d788f81022de2b86e
.henryherald.com/	1970-01-20 20:26:23	Name: _cc_id Value: 2fb3fa14bef3370d788f81022de2b86e
.henryherald.com/	1970-01-20 13:59:01	Name: panoramaId_expiry Value: 1691941475058
www.henryherald.com/	1970-01-20 14:40:47	Name: _pbjs_userid_consent_data Value: 3524755945110770
.netizen.co/	1970-01-20 22:43:11	Name: rcuuid Value: 86365b18-98d5-4646-9240-3c784dbc3a17
.henryherald.com/	1970-01-20 23:33:35	Name: _ga_YV9PEL9JN5 Value: GS1.1.1691855075.1.0.1691855075.0.0.0
.id5-sync.com/	1970-01-20 16:07:11	Name: id5 Value: 0
.netizen.co/	1970-01-20 14:07:39	Name: adb_blk Value: false
.netizen.co/	1970-01-20 23:33:35	Name: __ID Value: da2fb8cbd29d476f8f9c5c450e849a86
.connatix.com/	1970-01-20 14:40:47	Name: cnx_userId Value: 89cfb39489d04dcb83dc14003dd8641b
.henryherald.com/	1970-01-20 22:43:11	Name: ajs_anonymous_id Value: f39beb3b-3fcf-4658-bed0-44cded9ee7f2
.connatix.com/	1970-01-20 13:57:38	Name: perf_timestamp Value: 1691855076203
www.henryherald.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1496662%22%3A%7B%22page%22%3A1%7D%7D
.openx.net/	1970-01-20 22:43:11	Name: i Value: 0f201077-c257-0456-3678-b42e740dd4b1\|1691855078
.doubleclick.net/	1970-01-20 23:33:35	Name: IDE Value: AHWqTUndNNb6iENtCRYfK15TjJomZ8GCUzYapEsdNyP6gNIqVqyOkUxPjA0kZPL9GrA
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86155\|ZNeo6

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=%201258278(Line 1) Message: Unrecognized feature: 'web-share'.
security	warning	URL: https://shopper.flipp.com/static/1.2.0/latest Message: Mixed Content: The page at 'https://shopper.flipp.com/static/1.2.0/latest' was loaded over HTTPS, but requested an insecure element 'http://images.wishabi.net/merchants/2420/1507145593/2420.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
ads.yieldmo.com
ampcid.google.com
analytics.google.com
ap.lijit.com
apex.go.sonobi.com
api.segment.io
api.whizzco.com
app.otto-js.com
assets.netizen.co
assets.revcontent.com
bcp.crwdcntrl.net
bloximages.newyork1.vip.townnews.com
c.amazon-adsystem.com
c.mgid.com
capi.connatix.com
cd.connatix.com
cdn-gateflipp.flippback.com
cdn-ima.33across.com
cdn-p.cityspark.com
cdn.cityspark.com
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.prod.uidapi.com
cdn.segment.com
cdn.whizzco.com
cdn2.decide.dev
cds.connatix.com
core.spreedly.com
csp.azureedge.net
d3uvwl4wtkgzo1.cloudfront.net
decide.dev
fonts.googleapis.com
fonts.gstatic.com
gateflipp.flippback.com
geolocation.onetrust.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
id5-sync.com
idsync.rlcdn.com
images.wishabi.net
imasdk.googleapis.com
img.revcontent.com
invstatic101.creativecdn.com
japfg-trending-content.appspot.com
jsc.mgid.com
justapinch-com-d.openx.net
kinesis.us-east-1.amazonaws.com
lb.eu-1-id5-sync.com
lh3.googleusercontent.com
match.adsrvr.org
matchadsrvr.yieldmo.com
oa.openxcdn.net
otto-js.us.auth0.com
p.flipp.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel.quantserve.com
pl.connatix.com
px.ads.linkedin.com
s3.amazonaws.com
securepubads.g.doubleclick.net
shopper.flipp.com
static.criteo.net
static.yieldmo.com
stats.g.doubleclick.net
tags.crwdcntrl.net
trends.netizen.co
vid.connatix.com
www.americanhometownmedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.henryherald.com
www.justapinch.com
yeet.revcontent.com
capi.connatix.com
imasdk.googleapis.com
pl.connatix.com
vid.connatix.com
104.16.133.24
104.18.1.32
104.18.25.112
104.36.115.111
107.178.254.65
108.138.107.138
108.138.128.28
108.139.29.105
13.225.223.151
13.225.63.33
130.211.10.17
151.101.66.182
151.139.128.10
162.19.138.82
162.19.138.83
18.164.116.73
18.208.29.47
192.104.183.209
23.77.173.8
2600:141b:13::17d7:82ab
2600:9000:21ea:5a00:c:8c50:2440:21
2600:9000:23ca:a200:1e:fdf8:aac0:93a1
2600:9000:24f1:6e00:1b:83f3:bc0:93a1
2600:9000:2511:d400:a:e047:753:6381
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:3556
2606:4700:1::6813:864e
2606:4700:3034::6815:880
2606:4700::6810:5367
2606:4700::6812:1d26
2606:4700::6812:4a5
2606:4700::6812:aa72
2606:4700:e6::ac40:cf23
2607:f8b0:4004:c08::9a
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80c::200e
2607:f8b0:4006:816::200e
2607:f8b0:4006:816::2014
2607:f8b0:4006:817::2004
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::200e
2607:f8b0:4006:822::2001
2607:f8b0:4006:824::2002
2620:100:a001::4
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2a02:b48:9001::1
2a04:4e42:400::485
3.227.250.191
3.228.223.152
34.102.146.192
34.120.58.62
34.149.139.129
34.233.227.88
34.96.70.87
35.190.60.146
35.244.159.8
35.81.90.104
52.217.106.70
52.22.33.131
52.223.40.198
52.5.49.175
54.230.163.108
63.251.86.50
69.166.1.9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0ae5590e588f92eb6faa49d93c2aa5142d144940f72b77d0b57d9b6d9391ef1a
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
0d62c80e8180a2c275d761c5fb681cc5b0e41fff53d32926ebed430f91f511c9
11b8776d0e99221a9cea315566e7599938ff94dbf8b48f18fe21e1ae34e7f60d
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
15ef629a418b88359cc408d7c0405988ee4bf48ee25bab28b00bde52a3fee6a0
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1a2a2ba81afe3bcc0f46ed33488c3e132be8e07e58e280f9eff1b5c5ca158408
1b53cc35f15a6e6c3e31df71e326e646d6989aec3917c656962a9736a5586297
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bc728ed832fc895e2c5dc2e4cb961913ad05496eeed776d568370bb065e85f9
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d13f3ca71d7f8936fa6132de0d7b79b479d0eb9615df43fde4f31b2d43c79fe
1d9202d83532e39645a93a428040007c78bc2bad4662a07616dbb7644fbd1682
238331d3bee21cf334365e5e4f91796e9cc156e3c01c4f0f07cb11a4883158ba
25ff9a0fd66caa743afcbf62e458c341f885809b024aa47196e9ff3b9b528199
28168f094d3633fec225e7ecd9982c5405b51f2fceae610016b6ec9cc10606a9
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
29e1919428e8af40eb2abe996b8bda41026e8081f69e8da9fdd2f846dfe769de
2ae78f2605af1fd606fce8fa35012c791983b74d7ebb5e60d1bb80e0249e09cd
2c854b14b1ded294b8409bfe04907807ac85485ae7c568d6cbbde35872fdaa4e
2d71ce6c35fb10e25ce3257f05c70f2c298533713765ff8158acb36a69902600
2e4346aa7f0340066dfb5aa361ff449a438a172d5432719cd405e876a0d7b439
2ec873cb4e97515c2ffa45e6c92061060d7dda6f6569a9f260dedace53643574
30e4d1e0f46d3af24c1b100040fa413fd22cc1e0260bbc63017f6fbd69fa7eb5
3376d480ea0b1ae4bc7db8d850655d7d0a365963bf6071cc1c0c4446889e03fe
33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
354d7d76ac9a080b675d3bf921353b30e9c3aa1668f439604bfa58ec85148592
35decc19756ad00d9c16d2303d4e1af9a5c94e1dd4cef9eb6fd41ad263784929
389f438844f7135c2be70a4a9f6654443a8c76482f1f0fbbea73b903c0d5cfad
38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c
39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185
3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3dffa84e13fbc367c907ff31e293923484de18c4c06cac97109e4b9a1b19752c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3f6899460df38bed5a246b64518ace77e11d20054cdc0dd878072c99595c63af
41667626bb51a778105649188cfb794b54ec2b89682db3974e9578d1a0ec9723
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
4502a3093838e13382b726c462761c6f8d75ace126ecccebc1f051f0beb3a11c
4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
48f7d5296f594d5269e23eedeed576030876c9d62b4da7c3e88d7abd76c06475
497d568cbe2396af019333afae9be8c2264e122719911a40f87f56082272fcd7
49ad4f04c52487871ad40e7840e4907338f81b281d573d926b3ef646991899b8
4a50ecbe6aed0155dbe21b988252ddc051042ed22c750441ed201446aee6435e
4b766427dcfecd0489163fd40bb01dbc97769b67787a9ca3b315dde7861afd63
4d8562efd8364015edd8080e72d8bd98f0a92019058f15df14e03f9951e01876
4d963fff6eb059ca89de0f270c9e5f091503365faab54023e949af71de396930
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
4ef6165b53e3b1fdd9ab2d8562c4159f447c3e7802c7fac59692c4fb44630061
5020fa905fc2bd4925699ac59add6e6f34672d11b12d1e654714faab92627129
5034fd18f45804eb2baba5045c5a0cc63837ed91fe431143314070e3e50a5238
513b875dfdbd01736f9143c26d7bc6fb72d85787bbcd83764e9bac35159b848c
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54fd102422570ac2dcdc2ba2eb0c4a9d72d2279b9934e4bfce2e64c3035e5263
559c96569c95bcacf8120f02d104653eb3923b771c50f92ec4351f942733dac5
56cbc44bc2987d82174b4a9877de409f06cfd60e62c62cab11cd0820c6eb8a86
57514ad406f26bcc8590845f4733a4ec2a9138563967cbc3456488857fad892a
58100be69e56838f83661d92f6804ccd5c5602c305005b7eee0faa9de1279e65
5829a4bb2db7aa971395872851eae5fb07ce0196772c09fa9fd1576f5852b0df
5843a8c571898978910ecb53fb5e51c9007850630b128818ef93a79d00516306
58ac4338a0ab5f7317835f9d90b37af369705df8c4a34177134d2db9de8b830a
58fa2158df0d62fb6cd500195fc63b30e2ade951a0eb047571b516f6baf4a8b0
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ab07f3de9c79a32f8428b886368defa2230082a69dae4f2302bb1abd6c8911f
5c4f94bf35858b24e164b7abb239f64e52e0b3461d7015d04e24a3575d73f646
5e601d8d6f7a7e9ea77b0779587ac065677343a89df058a6638129e9b0f1ebdd
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
614b14fb9dbc9f6655bdc677fe4dfaed8df7c9c46085acf368b597f9b29a492e
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62864dfc09682e01eedffa6de15991cab27064828cb39a1831059ab9a7bb735b
64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7
64d82df4a06418f72e0f7cd5758080bcb1341273d059985618970fe593636ec6
67979ecbbaf9bcaeec027f7f805946fbeb1cd2b20cbb14a07c1001d7c079744d
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce5f9ae0b4c2ba6914d4be0163264c401896a6806b07c1972389a9e649a97d8
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
739acd61b3b02fc8b013717a63fc3b3620925e761fbca474f54134499f368021
73fedefec9a793510e7041b5e6275ba26c135ef44682c504bd2a0b940fbed0ed
754b31e85775f5a94ee69de84aa8cc120483903f381f06188d5dcb814ca606ff
757d02e72f62d42261f6ffc0e283dcf42bfbe56f8da0837e3b520ce58f03809a
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
78fabb8840d3fba5bd2a5bd16096e4d255e5da9267f3228efc263bdebf35c088
79243ba9d4f951345916f75842d1108f38686a192b7849486fab98ab0626650c
79498e0f7665637647357dce14843ce54619957ff369cc1b7bf3aab65b2d398c
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7b187cf1ed92d64679384dd200bb369638a056dfcc35fe2b2d22ed578405422f
7c10d6c035991f8fb8daea3256900d1590c89f3620255ee6ac4e8ec9b926fad2
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e29e7a53319f0f692a359d1dd23f412bebb653718dd3a9435ff2d12081b8cef
7ec41df9431af5711def74a22bec7577096a4077afe3cd292a9cb8d6a8170e76
801affbb0a733e299e7c6dee1b79b9f554d92c636d0cea08912f5941ca8e3537
810c7bb5576cb84f4960f4ad0062807f9495223d3d5b794df5572b8dea7b2f6e
82162e4258e91c9c7edbbf6681977eadb6f11d0752666185ef94f643b8229d97
8553b1709344a015fa39fa7fbf19df7b6fe016c4800fe76bd7da3e972a07f65e
8580f36356fd0d426dc0ad71874ec5907907fb760a9327320e43e7d72c974b9f
879d00a0e9ec1b85bcb977937d626ede6cb02c86eda64c3d61f7bd8367d8228a
883aa8eae3e60fb3293982ea005b7d0825faf153e68b7495fc6fe5893c38cb8c
8888b39fcef68347451a49b9c12fbd7f5af165a42f289fbeef6c4db2f8a33228
889f22c89985d5d524e22a4a3ba00effd6d587d1598c027e2c942f29df388a34
8c43efa509b57e1f4f8f42768e907afbd4192e9def7c2a609393d833794ce72e
8fab2fd31679f9182dc76170b81af123ec186f8fb5e9b84718bf108b7202ae5c
906cf7cfa93b1ab7d9c6f1775e47b97d2c6e0b223a8c7409d7884eb8700d90eb
928f31f82abb2e790c7d12fd2483bfa03660931b3a46c7e36f24fa3ac0423787
92a105897d0f37bbdc2fce455426b651d574900ee11ba3d4e7f186f3c4a252d2
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
944482801a838cf7a42db06161d8a0aba386e019ec16eb150c4eed47fb9b205f
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9558651647586f13e5dc9e7a91a972a19604479ddd755a896e679d5897b918cb
955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
9a5675ce55867113f678489a3ace11da371ca81bfffb0b8ff14a99897bddbe50
9bfb4a2c4f974120f57a48cc57f7937f8045abe2bfb1f78b6683dab126091464
9c1aef310beaa7222f49b37ecc8423ce63d8887cc4b78da6db6665a700bfbfce
9d18d08befc5772dede6de7561caa8343ccf34fb088ed85dc152f97ac10bf05c
a0302f34ce45a30ea09eecbf4445dc766c63ca7b9f1010705aab3e893b2d1d32
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4ffeda50f1a8cf565428f25bcbba63e394eccde4860ad9cb914f69566965049
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6519b2e757cd863fa5d0fd7476b99cd8983f6b34cda36b65b0ef6791b9bd60c
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aa59d2979c85d4fec938c960a0c4e7138cd122db113331b2974113869007dc46
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
ac35f42d7590440e549636d0c84cbe11d395161f2da529e3a84463720a4afb7f
ada9d82a1291abeb8fe95fb82359767ce8d18b87553c624d3049368e93d28c92
adadd91cfa743f084742b5f2281d4893dca4c0ccad138e171dbadbdcfe964626
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
ae5d9e67ce0950f9840168fd06f8e5b8f0f093e2ac27f6f9e8450b75fc9b4165
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af6bea70dc94c86467e3682e344566a3f7097d677b5329fe22fd41abb9a443bd
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0abd4d98b8caa39813a38bf0cabf2619bb93b786335ea6c560b83b3ee7816b7
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b4dada34875920e38c6e47a9094052c62bf803594d646189541f25a1e043c22c
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b7ff2c9a63f2e7b19c7edae86ba2427ea589eb8a81f6291fd4400049940698ff
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc1009104ffcf20bdd8170964316315eb915d2d565aebc9d8f21b8b8f8e94150
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bc5cc57b97ed7090094720e46c1afec8dac7d1ae17db4c4648176078dcbe97f2
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c052e65c44a0f30997cddd139024afa728f68cf2c991f61c4b866fb724046224
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c5bf9da61f9d4956b20577fe79038e5bd6dd8db076059155b18d8f4f2f8d6b34
c66013cda2311853afac3fb10ca1e7bec5f583d26cfd6eaf8a2a87a610072d05
c6e6da77dacb153a6384cca89b97bef3a39bd73cb3f3b997d0002ff0c1c4dc86
c7bb9b8952386d99c3994cd788dbe1321b970c867b555763efdc9fb06792b036
c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b
c8b28b7266de6eb92e4c2a43e5ede874fbfa5288aeddd80c2aeb85ed7c66cb8c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce075926799f57b8163390fd68f54665e015f37865dd92b84ec3ff7c55b6ffab
cebcf32604ee32788e792bab69edf0127091713fe3556b054f104d9ad9383211
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d
d5040a141549518c773b0d75420b0d4d316b26c029e4c94946d60d5d3afac7cf
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d6ddca5aa985ec16e626acbb8797affe88facfccc5c3891eb9a6ff4b69f92ead
d7bcc386d2ef8dd0d159accfbdb048f66de0364d1d995f508ee566c58ff226af
d94236088c537f7d17beb5c6843a9a90d7bfca50c1ed0435ce3c59305d9427ca
d9ba27d787035ce0bb66e3ac4d2207e29eaab9343144273ebeb25fceb990635b
d9c947708c91c7dd223f9e89cd0aea0302c753066ffdc37cafee22d75204a0b7
dab85214b33f45bd9b39ca662039d3683a7c23ad51a54e6ebeca54e3c69cc544
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dceaed29fce7a693280860ae39b4a6b5f902efd53eb1244f2f361bfe01e96b1c
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e15fc01517c5add690632a6929bd7a349f96f987cbd29eb21926e1f21eaa12e0
e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334
e2de0829e9be813b2310e48a95c0b114abf716e5f5608b5e45d69fa32d5e9509
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4667cf44b981c5da04b62159e8b59d83dad2de7eaab1a03e0909eb6003d271a
e5817fb41adf33e035b815ca01976c0c0cb3333dc86eceb62d65b2bb6c33213d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e87afb07bae07c473cd2c18190936b19be8925b8f47e94ff7cb8f477c3c9ffbc
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
eb48fcff4e1a4c0fae5f8d80c311991f2b8678217eab00ff8e5d3f3d3353042b
ef545107e05d08ac455ec0a3b36290ef3d3a5e7b49d2ed8f5f1499398b58fc43
f180d76be4fe3072f5c29b64ac56aa850f4ee0bfc2fcfe33541f918cd2801ad4
f4337f42c2f626ae5210c7523585794b83b498ad21c4cbc009bb27b27a6416c0
f5069584ce49d3443299d9a275b0924a94f054ec25dabfcbc2118d2425dda672
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f670413d2ae1a2ae6adb0f76cf9a23e52e96324d60f3c10658a9bfe558a6513d
f6aff64ea75b644ed94b83d5be24eb844b45eb597d62d00f7e61dc4af689a68e
f9186752fbc16321f99c98fb41db4058c9caf24529c0070d53d61f609e14dc2a
fcf6a9e377285862ea32467ceba9d83409d283276f8fedd2a15e65a35fac4e7e
fe381786aefd59411b2fcbf3c1ab82d992793c0cd95ffdb0f269b8442eb351ba
fe8b3c376366178fa7b6f712cfa3adbd234eaa467b606dd2ac739a5d2f6e4c82
fea3d4b9c89cd2ed84c8336b93cd1c54f43abc9464e0eed56986590b2951ab0f
ffe3e81abfe1b82b22c0afec5ceb1400456a6c4d6ecec4f94ef6f5da1e74e666

www.henryherald.com Open in urlscan Pro 192.104.183.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

262 Requests

94 %HTTPS

49 %IPv6

56 Domains

82 Subdomains

66 IPs

4 Countries

4397 kBTransfer

12342 kBSize

47 Cookies

0 Outgoing links

Redirected requests

262 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.henryherald.com Open in urlscan Pro
192.104.183.209 Public Scan

Screenshot
Live screenshot

Full Image

262
Requests

94 %
HTTPS

49 %
IPv6

56
Domains

82
Subdomains

66
IPs

4
Countries

4397 kB
Transfer

12342 kB
Size

47
Cookies

262 HTTP transactions
3 data transactions