www.heraldnet.com Open in urlscan Pro
104.198.41.198 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-...
Submission Tags: falconsandbox
Submission: On March 26 via api (March 26th 2022, 3:48:46 pm UTC) from US — Scanned from DE

Summary HTTP 285 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 65 IPs in 11 countries across 48 domains to perform 285 HTTP transactions. The main IP is 104.198.41.198, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.heraldnet.com. The Cisco Umbrella rank of the primary domain is 179001.
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.

This is the only time www.heraldnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.198.41.198 104.198.41.198	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
41	108.161.188.228 108.161.188.228	33438 (STACKPATH) (STACKPATH)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	34.192.73.232 34.192.73.232	14618 (AMAZON-AES) (AMAZON-AES)
1	108.157.4.127 108.157.4.127	16509 (AMAZON-02) (AMAZON-02)
33	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:225... 2600:9000:225a:7200:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.127 143.204.98.127	16509 (AMAZON-02) (AMAZON-02)
1 1	13.250.84.106 13.250.84.106	16509 (AMAZON-02) (AMAZON-02)
2	185.93.2.243 185.93.2.243	60068 (CDN77 ^_^) (CDN77 ^_^)
1	104.111.214.80 104.111.214.80	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
11	3.234.170.180 3.234.170.180	14618 (AMAZON-AES) (AMAZON-AES)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	52.25.128.56 52.25.128.56	16509 (AMAZON-02) (AMAZON-02)
1	2.22.34.3 2.22.34.3	16625 (AKAMAI-AS) (AKAMAI-AS)
7	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	34.196.36.29 34.196.36.29	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	143.204.98.122 143.204.98.122	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.68 143.204.98.68	16509 (AMAZON-02) (AMAZON-02)
8	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	143.204.98.53 143.204.98.53	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd08:3437:aff5:50c:d298	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	64.202.112.223 64.202.112.223	23352 (SERVERCEN...) (SERVERCENTRAL)
5	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	104.90.148.43 104.90.148.43	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3 7	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 4	92.122.147.230 92.122.147.230	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
4	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
14	94.31.29.29 94.31.29.29	33438 (STACKPATH) (STACKPATH)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
2	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.86.137.108 185.86.137.108	201081 (SMARTADSE...) (SMARTADSERVER)
1	143.204.98.117 143.204.98.117	16509 (AMAZON-02) (AMAZON-02)
2	54.72.0.164 54.72.0.164	16509 (AMAZON-02) (AMAZON-02)
2	99.83.181.31 99.83.181.31	16509 (AMAZON-02) (AMAZON-02)
285	65

1 104.198.41.198 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 198.41.198.104.bc.googleusercontent.com

www.heraldnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 108.161.188.228 (United States)

ASN33438 (STACKPATH, US)

2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.73.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-73-232.compute-1.amazonaws.com

everett-tpweb.newsengin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-127.dus51.r.cloudfront.net

cdn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225a:7200:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-127.fra50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.250.84.106 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-84-106.ap-southeast-1.compute.amazonaws.com

go.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.93.2.243 (Paris, France)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-93-2-243.datapacket.com

b2cdn.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.214.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-80.deploy.static.akamaitechnologies.com

www.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.234.170.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-170-180.compute-1.amazonaws.com

soundpublishing.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.25.128.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-128-56.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.22.34.3 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-34-3.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.196.36.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-36-29.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-122.fra50.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-68.fra50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap7ams1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-53.fra50.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 64.202.112.223 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplify-imp.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1-nydc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1t-nydc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

gslbeacon.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.148.43 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-148-43.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.122.147.230 (Milan, Italy) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-147-230.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.36 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.135.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal900015.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 94.31.29.29 (Maida Vale, United Kingdom)

ASN33438 (STACKPATH, US)
PTR: 94.31.29.29.IPYX-077437-ZYO.above.net

tj6w5.flx10.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
k3vzn.flx10.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Hamburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.247 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-117.fra50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.0.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com

connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
signal-metrics-collector-beta.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1147 widget-pixels.outbrain.com — Cisco Umbrella Rank: 1428 odb.outbrain.com — Cisco Umbrella Rank: 1329 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 4647 mv.outbrain.com — Cisco Umbrella Rank: 3061 amplify-imp.outbrain.com — Cisco Umbrella Rank: 4426	166 KB
41	netdna-ssl.com 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com — Cisco Umbrella Rank: 360590	660 KB
20	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	181 KB
14	flx10.com tj6w5.flx10.com — Cisco Umbrella Rank: 37086 k3vzn.flx10.com — Cisco Umbrella Rank: 41475	309 KB
14	googlesyndication.com 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	72 KB
13	gstatic.com fonts.gstatic.com	213 KB
12	blueconic.net cdn.blueconic.net — Cisco Umbrella Rank: 6647 soundpublishing.blueconic.net — Cisco Umbrella Rank: 225068	205 KB
10	lijit.com ap.lijit.com — Cisco Umbrella Rank: 594 gslbeacon.lijit.com — Cisco Umbrella Rank: 8346 vap7ams1.lijit.com — Cisco Umbrella Rank: 62971 pxdrop.lijit.com — Cisco Umbrella Rank: 2587	28 KB
9	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 fonts.googleapis.com — Cisco Umbrella Rank: 35	39 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 28803 hal900015.redintelligence.net — Cisco Umbrella Rank: 191605	56 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	352 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
6	zemanta.com b1-nydc1.zemanta.com — Cisco Umbrella Rank: 4571 b1t-nydc1.zemanta.com — Cisco Umbrella Rank: 4055	762 B
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	1 KB
6	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 3759 log.outbrainimg.com — Cisco Umbrella Rank: 1961 zem.outbrainimg.com — Cisco Umbrella Rank: 2613	224 KB
6	userway.org cdn.userway.org — Cisco Umbrella Rank: 4449 api.userway.org — Cisco Umbrella Rank: 4375	34 KB
6	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 2783 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 3383 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 3503 connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 2379 signal-metrics-collector-beta.s-onetag.com — Cisco Umbrella Rank: 2271	22 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6433 adservice.google.de — Cisco Umbrella Rank: 8832	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	40 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	198 KB
4	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 10909 www.i.matheranalytics.com — Cisco Umbrella Rank: 11778	41 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18655 api.webgains.io — Cisco Umbrella Rank: 47350	52 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	3 KB
3	cheqzone.com ob.cheqzone.com — Cisco Umbrella Rank: 7646 obs.cheqzone.com — Cisco Umbrella Rank: 4536	20 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	315 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	100 KB
3	automatad.com 1 redirects go.automatad.com — Cisco Umbrella Rank: 25626 b2cdn.automatad.com — Cisco Umbrella Rank: 20814	86 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 571	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 524	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 697 s.tribalfusion.com — Cisco Umbrella Rank: 1995	1 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 35662	2 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 162635	6 KB
2	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 39406	1 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 2955	71 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1266	75 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	577 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 557	191 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 64653	312 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 292583	409 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 202756	931 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 39676	607 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	7 KB
1	accuweather.com www.accuweather.com — Cisco Umbrella Rank: 14253	813 B
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 2249	40 KB
1	newsengin.com everett-tpweb.newsengin.com — Cisco Umbrella Rank: 678100	2 KB
1	heraldnet.com www.heraldnet.com — Cisco Umbrella Rank: 179001	34 KB
0	newzware.com Failed everettweb.newzware.com Failed everett.newzware.com Failed
285	48

	Domain	Requested by
41	2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com	www.heraldnet.com 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
32	widgets.outbrain.com	www.heraldnet.com widgets.outbrain.com
13	fonts.gstatic.com	fonts.googleapis.com
12	k3vzn.flx10.com	www.heraldnet.com tj6w5.flx10.com
11	soundpublishing.blueconic.net	cdn.blueconic.net
8	www.googletagmanager.com	www.heraldnet.com www.googletagmanager.com adv.office-partner.de
7	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com www.heraldnet.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
7	fonts.googleapis.com	ajax.googleapis.com hal900015.redintelligence.net tj6w5.flx10.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.heraldnet.com
6	pagead2.googlesyndication.com	245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	mcdp-nydc1.outbrain.com	widgets.outbrain.com
6	ap.lijit.com	get.s-onetag.com ap.lijit.com www.heraldnet.com
5	tpc.googlesyndication.com	245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	hal900015.redintelligence.net	1 redirects 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com hal900015.redintelligence.net
4	hal9000.redintelligence.net	245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com hal900015.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	www.heraldnet.com 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
4	stats.g.doubleclick.net	www.google-analytics.com
4	c.amazon-adsystem.com	2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com c.amazon-adsystem.com
4	connect.facebook.net	www.heraldnet.com connect.facebook.net soundpublishing.blueconic.net
4	cdn.userway.org	www.heraldnet.com cdn.userway.org
3	b1t-nydc1.zemanta.com	widgets.outbrain.com
3	b1-nydc1.zemanta.com	widgets.outbrain.com
3	amplify-imp.outbrain.com	widgets.outbrain.com
3	zem.outbrainimg.com	www.heraldnet.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.de	www.heraldnet.com
3	www.facebook.com	www.heraldnet.com connect.facebook.net
3	www.googletagservices.com	www.heraldnet.com 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
2	api.webgains.io	analytics.webgains.io
2	image6.pubmatic.com	2 redirects
2	c1.adform.net	2 redirects
2	track.webgains.com	www.heraldnet.com 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	tj6w5.flx10.com	245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com tj6w5.flx10.com
2	googleads.g.doubleclick.net	245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com www.heraldnet.com
2	vap7ams1.lijit.com	www.heraldnet.com
2	log.outbrainimg.com	widgets.outbrain.com
2	obs.cheqzone.com	ob.cheqzone.com www.heraldnet.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	onetag-geo.s-onetag.com	get.s-onetag.com signal-beacon.s-onetag.com
2	www.i.matheranalytics.com	www.heraldnet.com
2	api.userway.org	cdn.userway.org
2	js.matheranalytics.com	1 redirects www.heraldnet.com
2	cdn.onesignal.com	www.heraldnet.com cdn.onesignal.com
2	b2cdn.automatad.com	www.heraldnet.com go.automatad.com
2	ajax.googleapis.com	www.heraldnet.com
1	signal-metrics-collector-beta.s-onetag.com	signal-beacon.s-onetag.com
1	connect-metrics-collector.s-onetag.com	get.s-onetag.com
1	analytics.webgains.io	track.webgains.com
1	ssbsync.smartadserver.com	245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
1	s0.2mdn.net	245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
1	pixel-sync.sitescout.com	245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
1	s.tribalfusion.com	245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	ad-server.eu	245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
1	futalis.de	hal900015.redintelligence.net
1	adv.office-partner.de	hal900015.redintelligence.net
1	pb.media01.eu	hal900015.redintelligence.net
1	mv.outbrain.com	widgets.outbrain.com
1	pxdrop.lijit.com	www.heraldnet.com
1	gslbeacon.lijit.com	ap.lijit.com
1	odb.outbrain.com	widgets.outbrain.com
1	cdnjs.cloudflare.com	go.automatad.com
1	ob.cheqzone.com	widgets.outbrain.com
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	widget-pixels.outbrain.com	www.heraldnet.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	www.accuweather.com	www.heraldnet.com
1	go.automatad.com	1 redirects
1	get.s-onetag.com	www.heraldnet.com
1	cdn.jwplayer.com	www.heraldnet.com
1	cdn.blueconic.net	www.heraldnet.com
1	everett-tpweb.newsengin.com	www.heraldnet.com
1	www.heraldnet.com
0	everett.newzware.com Failed	www.heraldnet.com
0	everettweb.newzware.com Failed	2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com www.heraldnet.com
285	81

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
www.pnwcareers.com
secure.adpay.com
everettweb.newzware.com
www.facebook.com
twitter.com
reddit.com
lpost.org
www.jpost.com
www.reckonsoft.org
www.outbrain.com
www.instagram.com
www.soundpublishing.com

Subject Issuer	Validity	Valid
www.heraldnet.com R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-21` - `2023-03-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.newsengin.com Amazon	`2021-08-31` - `2022-09-29`	a year	crt.sh
*.blueconic.net Amazon	`2021-08-07` - `2022-09-05`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
jwplayer.com Amazon	`2021-12-29` - `2023-01-25`	a year	crt.sh
*.s-onetag.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
*.accuweather.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-09-16`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2022-03-17` - `2022-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-03` - `2022-04-03`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
api.userway.org Amazon	`2021-11-02` - `2022-11-30`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
www.i.matheranalytics.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.cheqzone.com Amazon	`2022-01-22` - `2023-02-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
b2cdn.automatad.com R3	`2022-02-28` - `2022-05-29`	3 months	crt.sh
cert1.a2.atm.aqfer.net R3	`2022-03-25` - `2022-06-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
redintelligence.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
view.flexitive.com GoGetSSL RSA DV CA	`2022-02-17` - `2022-12-02`	9 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
adv.office-partner.de R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
*.futalis.de R3	`2022-02-21` - `2022-05-22`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2021-07-17` - `2022-07-17`	a year	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.flx10.com GoGetSSL RSA DV CA	`2021-05-14` - `2022-06-14`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-29` - `2022-08-29`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Frame ID: 87A95A34AF0F71EC6F3146438F5D33F6
Requests: 162 HTTP requests in this frame

Frame: https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Frame ID: 2CD7581F5E90FD669EB8D779ADADCFFD
Requests: 9 HTTP requests in this frame

Frame: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DC02B4E333E17ACB574403E4936CE8A8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7F79FECC29F35EDEF0C2B94341F4B068
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=m_658444_708359ece48a4acda522b373080e3d14&rand=3027&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&v=1.2
Frame ID: 77928890D9406A11515A972C22591DCB
Requests: 1 HTTP requests in this frame

Frame: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E2314FE944350F1CD4EE5F23C31D94C0
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXboF4X68fVvpTGkm4ouBm9xdhT4wS2IIHrZO7mLCofKxFXXFO50gjC2CwuOlTanuHk-BKf9Oy-p46qj4oDmNGPD37R91WpMaLtwf2DVqG9GVMBAh3oA2bAKVnBhTdxe7HTVWSXAqQn7VHCSW1dGRo27ucLDZ5qK45XbmvXA-9oTEs72xo
Frame ID: 6FAF0D14F5E601D9D253B610F34CD371
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 32E64A89173159DACB4DFD454E95A238
Requests: 3 HTTP requests in this frame

Frame: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A5D59865A7A2996587076942C9642E5F
Requests: 8 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=31447600120403400710616011910015&actionid=981741&produktid=&dt_url=
Frame ID: B6919DC59086253036A7B77FF8618810
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 6711B50EA43BB187B7993DC41C1A9CB6
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1292636162
Frame ID: AF840CA4E639737285E9AFF8EEB58A86
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=31447600120403400710616011910015&a=0d257e47
Frame ID: C5BE418A77AFA03CD5D7170AEFAA5D89
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7362EC8E70BD6C1E271B376F2892612F
Requests: 9 HTTP requests in this frame

Frame: https://tj6w5.flx10.com/v2/X9yKr7deK3x/-/breakpoint/970x250/?cacheBuster=476023608&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvTwBWTwLc3Lpu3OEEDFQ5S3sSLs2lDQtWKMKU5rMfqiVt2-lVCaKqYYkgzD_8XJNzNuFBVZCwZm2Ino0x7qaURdWCw12Oiyvux8Z23tGkW9CP8Xp5Bl15wigDteDri8Jni4mIWAr2nYF38foyF4hVmbGcBRcxdjaRBOEaeTOE4HiE2ThGzWWDlyuukO3FNTQ3FqkF0eS7F7jJi50pbxwa_lCcJEWfmu0ri7H7s6NTmyXskL_oQWfxJTeKcdA5wUmvk5ozuY5ArysysgLmJoh6hxYFa-6ojJhuD7a6r9eR6Zo%26sai%3DAMfl-YS3eoNaKHGQXAcqJ0Au8hFfmzH0NgRZtJej5e6bq74bygRoT1OuyJ7tBeDga3ng6CmiP4OpEyYEOucpvIss4SizrH-wCmzowYNajhbtOHJdAXY5WLJxruGNt9F0Yj83%26sig%3DCg0ArKJSzB6uWvgilLmGEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Frame ID: 5BD66F2A9095DAF067FECF500EFE1AAF
Requests: 23 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: D8D4E40B56AF260ADEB651FF5041213B
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: CBC05F583F7B0866A74D37FD5D18C171
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 2CA4C4D464989E354686C2A1F7B9E498
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 2E185410B31DF33BDA60CF588CF564B9
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 8E31EDACDBCC658FA9FA35B43FAB3E7D
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 2E7AEE1148CD031E5F2AE06FFBEBD827
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: ABD2F1162D6C89FAB09B24570E56BC8C
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: D633095D21224900CE40B726756D795E
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 42926134A00F52B48F3AD192E2C33767
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 7AC077FC9701C535D6CEB9B184BA3A94
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 86118814C6C14B442E7F2229C593CFF7
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 26970AF1FCE884DB2DDBFBCBD0AF50ED
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: EFD21D7FFDAA898EE9129B96D321CCC8
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 3F48E273F20713055799ABF8BFC75E8E
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 769B409494D4FEF3C662179CFD7C9B0E
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 6924F06A08E72DFF04EA42192FF9F66C
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: CEEAA103FD2AABE656572CD92D4828C6
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 4097F311366B668EDC2E8C05285934F6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

King Cobra Gummies Reviews (Scam or Legit) - Pros, Cons, Side effects and How It works | HeraldNet.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

285
Requests

93 %
HTTPS

38 %
IPv6

48
Domains

81
Subdomains

65
IPs

11
Countries

3319 kB
Transfer

8806 kB
Size

41
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://www.legacy.com/obituaries/heraldnet/
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://www.pnwcareers.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://secure.adpay.com/searchresultsdisplay.aspx?p=8895&procid=8e66edb6-0c7e-4555-b6ad-a1f31bdd4720&searchCategory=2287&Asearch=&searchZip=98370&searchDistance=1000&filtercatid=423609,423610,423611,423612,341536
Title: Legal notices

Search URL Search Domain Scan URL

URL: https://everettweb.newzware.com/ss70v2/everett/common/template.jsp
Title: Manage your account

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?text=King+Cobra+Gummies+Reviews+%28Scam+or+Legit%29+%E2%80%93+Pros%2C+Cons%2C+Side+effects+and+How+It+works+-+https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F

Search URL Search Domain Scan URL

URL: http://reddit.com/submit?url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&title=King+Cobra+Gummies+Reviews+%28Scam+or+Legit%29+%E2%80%93+Pros%2C+Cons%2C+Side+effects+and+How+It+works

Search URL Search Domain Scan URL

URL: http://lpost.org/go/king-cobra-us/
Title: MUST SEE: (SPECIAL SAVINGS) Click Here to Get King Cobra Gummies For an Exclusive Discounted Price

Search URL Search Domain Scan URL

URL: https://www.jpost.com/promocontent/mens-miracle-health-reviews-pros-cons-side-effects-and-how-it-works-685335
Title: health

Search URL Search Domain Scan URL

URL: http://lpost.org/
Title: muscle building

Search URL Search Domain Scan URL

URL: https://www.jpost.com/promocontent/testotin-au-and-uk-reviews-does-testotin-really-work-or-scam-shocking-side-effects-reveals-686947
Title: endurance

Search URL Search Domain Scan URL

URL: https://www.reckonsoft.org/
Title: https://www.reckonsoft.org/

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HeraldNet/

Search URL Search Domain Scan URL

URL: https://twitter.com/everettherald/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/everettherald/

Search URL Search Domain Scan URL

URL: http://www.soundpublishing.com/
Title: Sound Publishing, Inc.

Search URL Search Domain Scan URL

URL: https://everettweb.newzware.com/ss70v2/everett/common/template.jsp?rpage=https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Title: Register today!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://go.automatad.com/geo/FtSDHt/afihbs.js HTTP 301
https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js

Request Chain 59

https://js.matheranalytics.com/s/ma13246/715673500/ml.js?cb=1590 HTTP 301
https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCpzQyii8bfiCFF8kZp5e4&google_cver=1

Request Chain 166

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yj81wkeoHZL2uzih6ELP.gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCpzQyii8bfiCFF8kZp5e4&google_cver=1&google_hm=2

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOKJ8XnkY4Q1uayx-1FewFc&google_cver=1

Request Chain 168

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg3Mzc0MzkzOTA3OTI1ODYzOA%3D%3D

Request Chain 173

https://hal900015.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=01b38746bf&subid=&uid=b1ef76066233bb5d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZUL_wTU_YvSMIeyK7_UP2sOOuAG1zfmDV8zeuavlDPAuEAEg16-dc2CV4pCCoAfIAQmpAo1gQwYnbbI-qAMBqgSTAk_Qb_uCvMRACGRVO4Wq5NrNTkd_8zLqojldDEJ4dLIE8_sRRUGPxsm9AySPDevyKOCgcCS8NE2ROz6w6jAhZYZjHSMZiZwJIZMWvjFkMagQ3rxknu_pasTK0VNlKQhConMROeAhT0w-bTonAq4ZC_-qe1RI620wigN3aYiM8R7AHirm0GS94dyCEcxSV21IHXUzccH8RTqrnsUoHcPJ9KKKcn5SoCOyaFQNwSDAohFBNKh9i5ecvF4QjUf8yJYJz2FaMIBowhr1fLTslOsFLFrDcKuUp33J16wSv2r7xPibzDBZhY2wxoJh00IHdNiFMxYezQUoVhJPRfadyRzKscEBJg0E8qhly6Z7ST4a4wzMoyrnwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoxpRSVfIBwI-hdUJe4GPOt92qUJgz6UvHWpwHtQcHBNsO8g%26sig%3DAOD64_3l8v4aM5hQkIfBbR-u7GxL1PodsA%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-CpgKkt22ezeNSt1LJMDBKPd9ZK5ApmBD23KxTNJPnfFjSdphohWQeKr3BLQx7862J65HnJcHAKTlWRrZoMP7-4zGoPYxflal_8nt4WfjGvzIfAOGwJszseq6tNQfl-a7Qyj_mAsmrJjT3ns6UUVjh0YhHh3Q%26cry%3D1%26dbm_d%3DAKAmf-C8JEU8tGy91agx18rl7zQKnZfynwJFAZ70bRpInZX7zixkAoqoKX_JYz-uArTS5GXFz87yYX1wHg_GUNfbyRA0d1YKwhxBbrW5Qr0xI-Kbf7k-CSxMc5QYYifLClj_9S68ooxc6skyY-HeWj_eeRiFJI3yhQf_6Fw3SsLUbABgJR0Z22lpDePR9vosMDhO1sThc8uP9tGrrTpQBQ78u2Ux1AGVY450XjBuH1GTcKnrdH7NI_n_Es9Wt9TK3KTMp0SXcPYahwIBWDafSjhkZjjoQVYMBmv5b9MNdX-O50vKWafvJsOuQyc79wH0XlKMHMFnWGeRQxW0ysYjBfHbPJedVCRrOCE8Hrh0b_LKUDPBdSGWaM_1d0rgNYXmmNe-kAx1n452oMxfPLr6N77zfbRCDMf0qhxxtFZaWl00o_r2GmPTRlOW2l5Yq1x2bHUkYAyidPFzT555oU04RGSP7_DAuKK_Ce7s32pEOddIrp7HHzdTgiDwpkZE_tAkMQYqWnDU-INkHn89zkS8NBK1n3JpzE4q8MSv3Z3l_piZ513R7SbE9xPVcUtrnaKvgTZ8gDy8fbttrEdwJNcSDjbjqJhiVH8Jyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1877956032219&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900015.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=01b38746bf&subid=&uid=b1ef76066233bb5d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZUL_wTU_YvSMIeyK7_UP2sOOuAG1zfmDV8zeuavlDPAuEAEg16-dc2CV4pCCoAfIAQmpAo1gQwYnbbI-qAMBqgSTAk_Qb_uCvMRACGRVO4Wq5NrNTkd_8zLqojldDEJ4dLIE8_sRRUGPxsm9AySPDevyKOCgcCS8NE2ROz6w6jAhZYZjHSMZiZwJIZMWvjFkMagQ3rxknu_pasTK0VNlKQhConMROeAhT0w-bTonAq4ZC_-qe1RI620wigN3aYiM8R7AHirm0GS94dyCEcxSV21IHXUzccH8RTqrnsUoHcPJ9KKKcn5SoCOyaFQNwSDAohFBNKh9i5ecvF4QjUf8yJYJz2FaMIBowhr1fLTslOsFLFrDcKuUp33J16wSv2r7xPibzDBZhY2wxoJh00IHdNiFMxYezQUoVhJPRfadyRzKscEBJg0E8qhly6Z7ST4a4wzMoyrnwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoxpRSVfIBwI-hdUJe4GPOt92qUJgz6UvHWpwHtQcHBNsO8g%26sig%3DAOD64_3l8v4aM5hQkIfBbR-u7GxL1PodsA%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-CpgKkt22ezeNSt1LJMDBKPd9ZK5ApmBD23KxTNJPnfFjSdphohWQeKr3BLQx7862J65HnJcHAKTlWRrZoMP7-4zGoPYxflal_8nt4WfjGvzIfAOGwJszseq6tNQfl-a7Qyj_mAsmrJjT3ns6UUVjh0YhHh3Q%26cry%3D1%26dbm_d%3DAKAmf-C8JEU8tGy91agx18rl7zQKnZfynwJFAZ70bRpInZX7zixkAoqoKX_JYz-uArTS5GXFz87yYX1wHg_GUNfbyRA0d1YKwhxBbrW5Qr0xI-Kbf7k-CSxMc5QYYifLClj_9S68ooxc6skyY-HeWj_eeRiFJI3yhQf_6Fw3SsLUbABgJR0Z22lpDePR9vosMDhO1sThc8uP9tGrrTpQBQ78u2Ux1AGVY450XjBuH1GTcKnrdH7NI_n_Es9Wt9TK3KTMp0SXcPYahwIBWDafSjhkZjjoQVYMBmv5b9MNdX-O50vKWafvJsOuQyc79wH0XlKMHMFnWGeRQxW0ysYjBfHbPJedVCRrOCE8Hrh0b_LKUDPBdSGWaM_1d0rgNYXmmNe-kAx1n452oMxfPLr6N77zfbRCDMf0qhxxtFZaWl00o_r2GmPTRlOW2l5Yq1x2bHUkYAyidPFzT555oU04RGSP7_DAuKK_Ce7s32pEOddIrp7HHzdTgiDwpkZE_tAkMQYqWnDU-INkHn89zkS8NBK1n3JpzE4q8MSv3Z3l_piZ513R7SbE9xPVcUtrnaKvgTZ8gDy8fbttrEdwJNcSDjbjqJhiVH8Jyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1877956032219&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 180

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=31447600120403400710616011910015&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=31447600120403400710616011910015&actionid=981741&produktid=&dt_url=

Request Chain 182

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=31447600120403400710616011910015&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1292636162

Request Chain 185

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=31447600120403400710616011910015 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 196

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAaL9-yktmOhqoFXKszGyEI&google_cver=1&google_push=AYg5qPJl5cqiRvyMP4KGwbLQOYhp-ElRvdFN0hRmWwR8GVphsJBomZ3FSsz7ZXEyt5iFy1e4sR-2XPSkXjIKHmD5p394mC9A4BQlbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJl5cqiRvyMP4KGwbLQOYhp-ElRvdFN0hRmWwR8GVphsJBomZ3FSsz7ZXEyt5iFy1e4sR-2XPSkXjIKHmD5p394mC9A4BQlbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAaL9-yktmOhqoFXKszGyEI&google_cver=1&google_push=AYg5qPJl5cqiRvyMP4KGwbLQOYhp-ElRvdFN0hRmWwR8GVphsJBomZ3FSsz7ZXEyt5iFy1e4sR-2XPSkXjIKHmD5p394mC9A4BQlbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJl5cqiRvyMP4KGwbLQOYhp-ElRvdFN0hRmWwR8GVphsJBomZ3FSsz7ZXEyt5iFy1e4sR-2XPSkXjIKHmD5p394mC9A4BQlbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 199

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEELnYRqZjUg62CWPuBjY__g&google_cver=1&google_push=AYg5qPKXJn72fITfp--Udnnj9sNN5Z8OwjpaZ3dZNXGumYBhocxHgDBmc__vPW-qGUr3N5_ET0GIIyIhK3bRiveYazLvbDAy_e7uAA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEELnYRqZjUg62CWPuBjY__g&google_cver=1&google_push=AYg5qPKXJn72fITfp--Udnnj9sNN5Z8OwjpaZ3dZNXGumYBhocxHgDBmc__vPW-qGUr3N5_ET0GIIyIhK3bRiveYazLvbDAy_e7uAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ3NjEwMTc2NTIzNTI1OTM5NQ&google_push=AYg5qPKXJn72fITfp--Udnnj9sNN5Z8OwjpaZ3dZNXGumYBhocxHgDBmc__vPW-qGUr3N5_ET0GIIyIhK3bRiveYazLvbDAy_e7uAA

Request Chain 200

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENejuRCImcVY196CdKTcBYs&google_cver=1&google_push=AYg5qPIbVjIGH33FJi-YsrU-jVOE0XDJtzfA6-R3pPI4EfCYNLNDS7LdlUPn4pCe0DoQoMb-R9IRa3OxY6_CY1-LyCl6LzZjvrkA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENejuRCImcVY196CdKTcBYs&google_cver=1&google_push=AYg5qPIbVjIGH33FJi-YsrU-jVOE0XDJtzfA6-R3pPI4EfCYNLNDS7LdlUPn4pCe0DoQoMb-R9IRa3OxY6_CY1-LyCl6LzZjvrkA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2VyBT2SgSFCqy_IfYBuNuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIbVjIGH33FJi-YsrU-jVOE0XDJtzfA6-R3pPI4EfCYNLNDS7LdlUPn4pCe0DoQoMb-R9IRa3OxY6_CY1-LyCl6LzZjvrkA

Request Chain 201

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4&google_cver=1&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4

285 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/ 248 KB
34 KB 1285ms
842ms Document
text/html 104.198.41.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.41.198 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 198.41.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 43625e257a720becbb8c961a70c1423b110698f9ddd9c95a843f4c5e3ec7ad17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sat, 26 Mar 2022 15:48:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://www.heraldnet.com/wp-json/>; rel="https://api.w.org/" <https://www.heraldnet.com/wp-json/wp/v2/posts/750676>; rel="alternate"; type="application/json" <https://www.heraldnet.com/?p=750676>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: MISS
x-cache-group: normal
content-encoding: br

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 149ms
51ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52608-71

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e04869623e7d55cea9b9c5708ad71f3578cc21c7ce8173ef9555eb0def6dae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37550
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Mar 2022 15:48:15 GMT

GET
H2 200 marketplace.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/css/ 6 KB
2 KB 54ms
6ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/css/marketplace.css?ver=1.1
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f08ec3ed6fd0ebe53f6f4f9015acfb7443f1221ed76d9d575d2757d9db760a6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:54:03 GMT
server: NetDNA-cache/2.2
etag: W/"620a892b-1794"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 weather-bug.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/weather-bug/css/ 1 KB
689 B 53ms
7ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/weather-bug/css/weather-bug.css?ver=5.9.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5da32ead21ee2f8124a0e0a6884c9a0b4cf31cdaecd23fde4e527a7cc01b187d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 22:59:08 GMT
server: NetDNA-cache/2.2
etag: W/"611ee23c-4a0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.ui.all.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/ 37 KB
9 KB 56ms
11ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/jquery.ui.all.css?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9c1ee2b3835d8abdb9529227f5b9a50ecfe9059243583edd5fe705d74d249535

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-9420"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 epass-css.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/ 3 KB
1 KB 56ms
11ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/css/epass-css.css?ver=1.1
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2497be576209dfcaa67b233fd5eeedf5a33312df082bf1f5b4762779184ec8f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-a20"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 57ms
13ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 19:42:26 GMT
server: NetDNA-cache/2.2
etag: W/"620ea522-145a9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wpba-frontend.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-better-attachments/assets/css/ 852 B
653 B 58ms
15ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-better-attachments/assets/css/wpba-frontend.css?ver=1.3.11
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 048a1ba9ec466a8f77009cea46046dfe87ce0a4395ddea61c5a28ae22d9b86da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 02:20:53 GMT
server: NetDNA-cache/2.2
etag: W/"5c9c2f85-354"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/maxmegamenu/ 196 KB
16 KB 60ms
18ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/maxmegamenu/style.css?ver=9b7c04
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1b0e4dde65e1477fecf4e8f8e86133194652d7f773da8bfad5f7f219a998b5c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Fri, 25 Mar 2022 07:11:47 GMT
server: NetDNA-cache/2.2
etag: W/"623d6b33-30ea9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
expires: Sun, 24 Apr 2022 07:12:21 GMT

GET
H2 200 dashicons.min.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/css/ 58 KB
35 KB 61ms
19ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/css/dashicons.min.css?ver=5.9.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: NetDNA-cache/2.2
etag: W/"603ffca6-e688"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 foundation.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/ 270 KB
41 KB 66ms
25ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.1
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 51c405ed49b86d5366bfd0e71cc09f7b94c5ca0abb6d61ff513aebfd983447cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 19:03:21 GMT
server: NetDNA-cache/2.2
etag: W/"61ddd479-4385c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 site-enhancements.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/ 2 KB
870 B 69ms
29ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/site-enhancements.css?ver=1.0.22
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0e6758fd59ce0b800d1ad9c0be911b62b945655f897e7edc01e2b8c74dea43c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Thu, 24 Feb 2022 20:31:07 GMT
server: NetDNA-cache/2.2
etag: W/"6217eb0b-966"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/ 2 KB
816 B 55ms
16ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/slick.css?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 21:00:20 GMT
server: NetDNA-cache/2.2
etag: W/"59e91264-765"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick-theme.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/ 3 KB
1 KB 68ms
29ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/slick/slick-theme.css?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: bb94ed1868039e4fc746ddbf710ea089b2bdef6c3a533395815285ceb00233fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 21:00:20 GMT
server: NetDNA-cache/2.2
etag: W/"59e91264-d28"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 teamplayer-theme.css
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/ 191 B
358 B 69ms
30ms Stylesheet
text/css 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/css/teamplayer/teamplayer-theme.css?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: d4288b629693138397d02dc91a13d316624f3644cc678a5ef2ff6b04350707db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 22:26:56 GMT
server: NetDNA-cache/2.2
etag: W/"59e926b0-bf"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 config.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 28 KB
8 KB 89ms
51ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/config.js?ver=3.5
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8c0300dabffb1ba133a3157fb33960c5793dd2ac46f3dc8a899fa312f909a337

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 16:58:59 GMT
server: NetDNA-cache/2.2
etag: W/"601ad653-70a2"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 site-min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 47 KB
6 KB 81ms
43ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/site-min.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2dcc36995c012ae179ca5ccec2537bbffdab860370e6ab08923cad2d465ae3a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-bc57"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-1.7.2.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 93 KB
33 KB 83ms
46ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery-1.7.2.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-1727a"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.ui.core.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 4 KB
2 KB 81ms
44ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery.ui.core.min.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0e26826816d33e016e63fb3e4a3b3f3f3322e414d3ace91a72233f1ef0d4a1a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-1113"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-ui.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 197 KB
51 KB 70ms
34ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/jquery-ui.min.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2b50108439624bd6f2bbb1505248373ed0ae1f0869b89122ad876122a1790bd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-31480"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 nwJQuery.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 35 B
269 B 74ms
39ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/nwJQuery.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: fdab17aad52e2d97a9b3ef5ddefc9440960cb6b9fa859b2944b8ec399aa395b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: "5e540ecf-23"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 35

GET
H2 200 e-pass-min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 82 KB
13 KB 67ms
32ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/e-pass-min.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1a84f4b042e52d040243a70753ae4a5f73d668db1230c7c4b3c4ace8c2d8923c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 17:58:39 GMT
server: NetDNA-cache/2.2
etag: W/"5e540ecf-146bc"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend-gtag.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/google-analytics-premium/assets/js/ 12 KB
3 KB 74ms
40ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.4.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ad94ea1bc50aaf3b69323cbcc73629348c0abf5796d15ed15238ac4e01b81680

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 23:57:46 GMT
server: NetDNA-cache/2.2
etag: W/"6227ed7a-2e19"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 82 KB
29 KB 136ms
43ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js?ver=2.1.0

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 04:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29478
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Mar 2023 04:46:03 GMT

GET
H2 200 ai-jquery.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/js/ 18 B
252 B 66ms
32ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/js/ai-jquery.js?ver=5.9.2+2.5.10
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
last-modified: Wed, 08 Jan 2020 21:04:07 GMT
server: NetDNA-cache/2.2
etag: "5e1643c7-12"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18

GET
H2 200 hb-amzn-uam.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/ 3 KB
1 KB 54ms
50ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/hb-amzn-uam.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ed207a3218934c63d8ace813cbc259812d16d5b892fee83fc795ae164de915c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 02:21:38 GMT
server: NetDNA-cache/2.2
etag: W/"5c9c2fb2-c02"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 picturefill.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/app/ 12 KB
5 KB 62ms
31ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/wp-retina-2x/app/picturefill.min.js?ver=1646783947
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 22c29473716ed14198adc9db4ea074c19b2bce1caba9d7075b5a35777f902dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 23:59:07 GMT
server: NetDNA-cache/2.2
etag: W/"6227edcb-2e37"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 slick.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/ 86 KB
15 KB 72ms
43ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/slick.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 3e65bc436e35cb24f4020abe8a71906ea53ca284df84095d6824e27f55883f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 20:59:37 GMT
server: NetDNA-cache/2.2
etag: W/"59e91239-15986"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 header.js Show response
everett-tpweb.newsengin.com/tpweb/web/js/ 4 KB
2 KB 319ms
97ms Script
application/javascript 34.192.73.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://everett-tpweb.newsengin.com/tpweb/web/js/header.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.73.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-73-232.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: fd8c8c291c39fcd494d4680a4262d84d62b0df9b79dc22e44c422a0f25d69fa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
x-cacheable: YES
age: 0
x-cache: HIT
x-unsetcookies: TRUE
content-length: 1290
access-control-allow-origin: *
last-modified: Fri, 21 Feb 2020 17:23:59 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "f9e-59f1949826d94-gzip"
vary: Accept-Encoding
x-varnish: 66722363 64019955
via: 1.1 varnish (Varnish/6.0)
cache-control: max-age=60
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 teamplayer-local.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/ 679 B
540 B 59ms
31ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/teamplayer/teamplayer-local.js?ver=1.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1bd5372b56a82f9cd4a0a4533f4a37ff11ce7952f051ae035fd5cbecf45094b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 22:29:27 GMT
server: NetDNA-cache/2.2
etag: W/"59e92747-2a7"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 13 KB
6 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js?ver=5.9.2

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5480
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 19:12:54 GMT

GET
H2 200 webfontloader.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/ 146 B
369 B 58ms
31ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/webfontloader.js?ver=1.0.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 48481acfa017729107a1f39beea68ed8b2486ccc3735608e19d3b0d714f28c71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2017 01:34:13 GMT
server: NetDNA-cache/2.2
etag: W/"598bb815-92"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 opencomments.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/ 268 B
461 B 57ms
30ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/opencomments.js?ver=1.0.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 40e0b1381eb74784690a674838c4139c0006221c5d2d0d8be4563a33f55ccbc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:15 GMT
content-encoding: gzip
last-modified: Wed, 10 Jan 2018 21:10:37 GMT
server: NetDNA-cache/2.2
etag: W/"5a56814d-10c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 marketplace.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/js/ 5 KB
2 KB 55ms
50ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/marketplace-shortcode-block/js/marketplace.js?ver=1.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a24c905619988e3cb9b56c51b3cd6597a6f5757624afa14e893fe44d6821ae17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 17:37:17 GMT
server: NetDNA-cache/2.2
etag: W/"620a934d-130f"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 soundpublishing.js Show response
cdn.blueconic.net/ 134 KB
40 KB 50ms
11ms Script
text/javascript 108.157.4.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blueconic.net/soundpublishing.js

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-127.dus51.r.cloudfront.net

Software

- /

Resource Hash

1b0fb9fa09f426abbe7e5d50761008a3a45b7489b8137620eb45153dbfb1fef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 88
x-cache: Hit from cloudfront
content-length: 40631
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Mar 2022 16:25:45 GMT
server: -
etag: "2167d-5dad11098aaf0-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=500
x-amz-cf-pop: DUS51-P2
accept-ranges: none
x-robots-tag: noindex, nofollow
x-amz-cf-id: qTDwDKPBzzOfpkhxoqBCThUpX4IWARCeLKnZFkwuZ7BaMGROTMYcww==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 197 KB
68 KB 75ms
12ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d83858231e5c1aed4e645c0e3168d312e106136741342c8289642b652bc06cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:37:03 GMT
etag: "16-JlbAR8YS6KqHoiyOz3qPvpK0Rqg"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: d90042a66ebf20c0822c4f3b5773995a
timing-allow-origin: *, *
content-length: 69508

GET
H2 200 NOZVn4NA.js Show response
cdn.jwplayer.com/libraries/ 113 KB
40 KB 77ms
24ms Script
text/javascript 2600:9000:225a:7200:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/NOZVn4NA.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:7200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: ecd9c33951693d45521124e3665ebe0d553dc14480240c9ef5984282007e4123

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:45:56 GMT
content-encoding: gzip
server: openresty
age: 139
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
x-amz-cf-pop: TXL50-P1
content-length: 40468
via: 1.1 1957d4cc5292a750b93cc06eb79b023e.cloudfront.net (CloudFront)
x-amz-cf-id: Oe92lZRyEiAMo54iLmvylZ1mi8pP1pykYawZWshCW4g4pjObyqCCbg==
expires: Sat, 26 Mar 2022 15:45:47 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/ 30 KB
10 KB 470ms
439ms Script
text/javascript 143.204.98.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-127.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d63d6ec0c95bc07426b698ad3d6d02a85bd98b265808abf6fe6a5c1664c0ba87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: xj57ez3UnPy2eN1qoVkw.LFL15QiNFIp
content-encoding: gzip
last-modified: Thu, 23 Jul 2020 20:40:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"520479fb1242c9257060bcec5558c41d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
date: Sat, 26 Mar 2022 15:48:17 GMT
x-amz-cf-id: KrWp1EnEPPZCKi4NsoXUMDks75q6HlGhBGXJ2c4qTuSWAa3_th5n8Q==

GET
H2

200

afihbs.js Show response
b2cdn.automatad.com/geo/FtSDHt/all-geo-W/
Redirect Chain

https://go.automatad.com/geo/FtSDHt/afihbs.js
https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js

62 KB
19 KB

241ms
168ms

Script
application/javascript

185.93.2.243
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Server: 185.93.2.243 Paris, France, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-93-2-243.datapacket.com
Software: BunnyCDN-FR1-827 /
Resource Hash: 241120e717fa04aad472010465c2e396531bedbcb50b3e0955a55720d1639f74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: br
x-openstack-request-id: txc4e3ed9a4d45494eb487b-006231ef27
cdn-edgestorageid: 827
access-control-allow-origin: *
x-iplb-instance: 28795
cdn-cachedat: 03/16/2022 15:31:21
cdn-pullzone: 87832
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id: txc4e3ed9a4d45494eb487b-006231ef27
server: BunnyCDN-FR1-827
x-timestamp: 1647439564.72163
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Wed, 16 Mar 2022 14:06:05 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-iplb-request-id: B95D01F7:4283_8E2CE366:01BB_6231EF21_26CE95E:0E5B
vary: Accept-Encoding
x-object-meta-mtime: 1647439526.202372798
cdn-cache: REVALIDATED
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control: public, max-age=120
cdn-requestid: c2a641850edba9d83994f4c9c3ca7670
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Sat, 26 Mar 2022 15:48:16 GMT
server: nginx/1.17.8
content-type: text/html; charset=utf-8
location: https://b2cdn.automatad.com/geo/FtSDHt/all-geo-W/afihbs.js
cache-control: no-cache
x-automatad-country: DE
content-length: 93
expires: Sat, 26 Mar 2022 15:48:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 57ms
53ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109002081-1

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64694e17360f0d3cfb8b1c878db18070088cea291dcb891aa2cb6c5bde408af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37603
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Mar 2022 15:48:16 GMT

GET
H2 200 7.svg
www.accuweather.com/images/weathericons/ 1 KB
813 B 75ms
13ms Image
image/svg+xml 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.accuweather.com/images/weathericons/7.svg

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-214-80.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

1ecb3bc08c83c9843ac1f2d087850e435e90b774f4150b06662b315012b57b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: br
last-modified: Sat, 05 Mar 2022 18:12:38 GMT
server: Akamai Resource Optimizer
etag: "8a8e7eafd58874beb6cad04751117055:1646411587.571757"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
cache-control: max-age=37324
server-timing: edge; dur=20
accept-ranges: bytes
content-length: 540
expires: Sun, 27 Mar 2022 02:10:20 GMT

GET
H2 200 nwpagetrac.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 3 KB
1 KB 9ms
8ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/nwpagetrac.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 20ba629d938b494afcc23b5b4eef49fcbeea07e1ac3627723bcdbe65b2275ae0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Tue, 15 Feb 2022 18:04:30 GMT
server: NetDNA-cache/2.2
etag: W/"620beb2e-b93"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
1 KB 204ms
6ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f1c91af6c538d12340c0cae717a55e26e68e3e079cb768f86e9f0c3495107c62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 26 Mar 2022 15:48:16 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
x-77-nzt-ray: qO5+HL3QVO0
age: 122
x-77-cache: HIT
x-cache: HIT
x-age: 2217
content-encoding: br
x-77-nzt: AcO1ryzOOH3/qQgAAA
x-accel-expires: @1648311079
last-modified: Sat, 26 Mar 2022 15:00:51 GMT
server: CDN77-Turbo
etag: W/"a1d2ccc2dad6bf99c2c55ba4f63473d2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fp722snDY47EM1O-lpRN2rhcTbVvugO6xm0xir2PjCViglaeOtuYcA==

GET
H2 200 marketplace-dofollow.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/ 206 B
404 B 54ms
51ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/marketplace-dofollow.min.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7505468536f0cc99279960b2e9380a1da3b766dbe27440f3562be6e974512e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 17:23:34 GMT
server: NetDNA-cache/2.2
etag: W/"60c8e216-ce"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 epass.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ 3 KB
1 KB 7ms
7ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-paywall-newzware/javascript/epass.js?ver=2.5
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 89f563a025cc8dfb46d317823ebda92ea606c32492e414ab46869754e4ec63de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Wed, 26 Aug 2020 22:10:31 GMT
server: NetDNA-cache/2.2
etag: W/"5f46ddd7-dda"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 foundation.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/ 963 KB
263 KB 13ms
8ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/foundation.js?ver=2.9.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1cd0dc6c99599dcf4386cdff332f787691af8a83476aaaf6491a048770306017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2017 04:14:29 GMT
server: NetDNA-cache/2.2
etag: W/"59cc7725-f0b74"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 tag-styles.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/custom/ 2 KB
954 B 52ms
47ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/custom/tag-styles.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4ed55f464aa6a905c3dc6939c5629f1f323d447483590e754141ddec2e4e2208

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 20:00:31 GMT
server: NetDNA-cache/2.2
etag: W/"6202cbdf-6bd"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 subscriber-sign-in.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/custom/ 473 B
571 B 53ms
47ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/javascript/custom/subscriber-sign-in.js?ver=1.0.0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5c06b132c1ef6e46355586f7c837c1faf71776a9f7310aa208a8d962fd32f76a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 19:49:23 GMT
server: NetDNA-cache/2.2
etag: W/"6202c943-1d9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.sonar.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/ 1 KB
969 B 53ms
48ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/jquery.sonar.min.js?ver=0.6.1
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 02:22:17 GMT
server: NetDNA-cache/2.2
etag: W/"5c9c2fd9-580"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 lazy-load.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/ 902 B
707 B 53ms
48ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/lazy-load/js/lazy-load.js?ver=0.6.1
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 02:22:17 GMT
server: NetDNA-cache/2.2
etag: W/"5c9c2fd9-386"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 hoverIntent.min.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/js/ 1 KB
956 B 54ms
48ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 491ee20092ce969e6785601ae4595748d4ac5ee4df19012b19b77de6c9dfd357

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 15:03:18 GMT
server: NetDNA-cache/2.2
etag: W/"61d31036-5dc"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 maxmegamenu.js Show response
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/megamenu/js/ 30 KB
5 KB 54ms
49ms Script
application/javascript 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.5
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9aafa38d431075d0f6c738a2633785fd32fada0e14408bd662d95e608ddb4daf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 17:35:51 GMT
server: NetDNA-cache/2.2
etag: W/"61ddbff7-7741"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 44ms
17ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.9.2
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3177
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6f2107918c479a2f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Mar 2022 15:48:16 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 139ms
48ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5377b85929b89e53828ca9b7489ea8a9c4a112bd7384c8eadb38b8dea5df6983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28043
x-xss-protection: 0
server: sffe
etag: "1169 / 865 of 1000 / last-modified: 1648245909"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 26 Mar 2022 15:48:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
38ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52608-71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6210
date: Sat, 26 Mar 2022 14:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 26 Mar 2022 16:04:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 143ms
46ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js?ver=5.9.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1659fa9643badfeb288ce6e5e39f8e4001c18818c5940a59a2d72ccb0c72be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:48:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Mar 2022 15:48:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 15:48:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 84 KB
33 KB 71ms
69ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDKHNZ4

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f759d83fbcd36613d335ed0caebdfeaf3228cccd28fbd8749a3edef80e4346a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33744
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Mar 2022 15:48:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
45 KB 96ms
94ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBNW4C

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aff48fe7764c9635cc445bdcee90991586b072211a7dca611266849b5388f568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46095
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Mar 2022 15:48:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
39 KB 120ms
117ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWBBMFL

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eef3ecfd98946a83434a3b7f21198b9ac78de0cfa45d82e6e686797250f1dc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39897
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Mar 2022 15:48:16 GMT

POST
H2 200 354 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 66 KB
12 KB 395ms
191ms XHR
application/json 3.234.170.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/354?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-03-26T15%3A48%3A15%2B00%3A00&ts=1648309695543

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.170.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-170-180.compute-1.amazonaws.com

Software

- /

Resource Hash

b31e191ed9af0cd3bd9091e16cb7d5d542a658c7f1f3d8e17a1923c4b8509f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 11115
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma13246/715673500/2/
Redirect Chain

https://js.matheranalytics.com/s/ma13246/715673500/ml.js?cb=1590
https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js

140 KB
41 KB

16ms
15ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8ce867bf45277a86a76bcd7aa27cf0746fbc97ad272f1f89ed396304ce9d28b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 18:18:25 GMT
via: 1.1 google
last-modified: Fri, 12 Mar 2021 20:56:34 GMT
server: nginx
age: 77391
etag: "a1715eaf03a833c065ff7e0c37e0c3ec"
vary: Accept-Encoding
x-cache: HIT Mon, 15 Mar 2021 15:20:27 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
content-encoding: br
alt-svc: clear
content-length: 41569

Redirect headers

date: Sat, 26 Mar 2022 15:48:16 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma13246/715673500/2/ml.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 7-gc-euw1-10929

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: 4c4i5+D5o++o08x8UJcuJ3rq3itOAgpmSzZH4U+c5VCwqE0jNXkpoFcqRkJUJvyBGN0mbE9obf6IysmsFo68Xg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 26 Mar 2022 15:48:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET jquery.ui.all.css
everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/ 0
0

GET nwpagetrac.jsp
everettweb.newzware.com/ss70v2/common/ 0
0

GET
H3 200 869459273124027 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 212ms
194ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/869459273124027?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

469842e8b5a16750bfe4c51325641d947f4ae57c5e9a3aa3ca928bd3389791a7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: nb1S1qkJWS2oI5bMzhJ/HRw0KfHXHPloaW3anYRnabtXn2xQO8DnndX/T5I0B3Rw4d1pvUlWnz7Gxh87rvDnSw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 26 Mar 2022 15:48:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget_app_base_1648306702464.js Show response
cdn.userway.org/widgetapp/2022-03-26/ 108 KB
30 KB 15ms
14ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-03-26/widget_app_base_1648306702464.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 667ca4cb7cc0c21ac218c29d41366c4d0e168ad65e3f3d2193ada22788bc7eb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 26 Mar 2022 15:48:16 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-77-nzt-ray: tErfi4tC1ME
age: 93
x-77-cache: HIT
x-cache: HIT
x-age: 2244
content-encoding: br
x-77-nzt: AcO1ryxRVRj/xAgAAA
x-accel-expires: @1674227452
last-modified: Sat, 26 Mar 2022 15:00:50 GMT
server: CDN77-Turbo
etag: W/"77a63adcf5460f5109c392951aaf38a5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6BmNgMlqA7y8gjuekR1VNxPriC1T78HWrgnIVjHsvqyShBoJUwVHpQ==

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 fontawesome-webfont.woff2
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/fonts/ 75 KB
76 KB 20ms
6ms Font
font/woff2 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/themes/SoundPress/assets/stylesheets/foundation.css?ver=2.9.1
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
last-modified: Tue, 19 Sep 2017 19:17:53 GMT
server: NetDNA-cache/2.2
etag: "59c16d61-12d68"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 77160

GET
H2 200 27582026_web1_M1-EDH-20211220-1280xwide-king-1200x814.jpg
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/12/ 47 KB
47 KB 686ms
685ms Image
image/jpeg 108.161.188.228
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/uploads/2021/12/27582026_web1_M1-EDH-20211220-1280xwide-king-1200x814.jpg
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9310328a2452fb4b9e16e3d9d93ea6c7cb9dc794372c30cad57e71ae2dcae031

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 26 Mar 2022 15:48:16 GMT
last-modified: Sat, 01 Jan 2022 07:12:01 GMT
server: NetDNA-cache/2.2
etag: "31a91b7eb1bb06c9b3cedda67ce2ff2a"
x-cache: MISS
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 47909
expires: Mon, 25 Apr 2022 15:48:16 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 29ms
11ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: 2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
URL: https://2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com/wp-content/plugins/soundpress-header-bidding-amzn/js/hb-amzn-uam.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: .7apL996dsR_ZFPBtTTtY5SRaPfBf8DJ
content-encoding: gzip
etag: 4e3fad24a118a07cea7ce88b2721a583
age: 605
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0B07PX6JG3XPF05B36N8
date: Sat, 26 Mar 2022 15:48:16 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: CW-QoYx3QRyD8UuCqFu4Dawhy2YJuiroSAyQDtHVWNaL5_IKITJe5w==

GET 80.png
everett.newzware.com/newzlib/images/milky-icons/48/ 0
0

GET 23.png
everett.newzware.com/newzlib/images/milky-icons/48/ 0
0

GET 84.png
everett.newzware.com/newzlib/images/milky-icons/48/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 200ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 320589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:45:07 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 30 KB
30 KB 284ms
126ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:55:47 GMT
x-content-type-options: nosniff
age: 359549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 11:55:47 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 20 KB
20 KB 267ms
109ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 21:33:16 GMT
x-content-type-options: nosniff
age: 238500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 21:33:16 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
19 KB 298ms
147ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 21:34:13 GMT
x-content-type-options: nosniff
age: 238443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 21:34:13 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
19 KB 282ms
138ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 21:39:39 GMT
x-content-type-options: nosniff
age: 238117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19780
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 21:39:39 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 145ms
22ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.9.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2957
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6f210794a831693f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Mar 2022 15:48:16 GMT

GET
H2 200 fe2748ae297beac360acc6bc2eb65499 Show response
soundpublishing.blueconic.net/plugin/plugin/ 183 KB
44 KB 97ms
97ms Script
text/javascript 3.234.170.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/plugin/plugin/fe2748ae297beac360acc6bc2eb65499

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.170.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-170-180.compute-1.amazonaws.com

Software

- /

Resource Hash

eac56592bcbf66d0da592c536e16330288fb0d47cead2fc5350589ab1cfd006c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Mar 2022 15:48:16 GMT
server: -
etag: fe2748ae297beac360acc6bc2eb65499
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 44123
x-xss-protection: 1; mode=block
expires: Sun, 26 Mar 2023 15:48:16 GMT

POST
H2 200 HEcDOP2vLC Show response
api.userway.org/api/tunings/ 755 B
1 KB 518ms
170ms XHR
application/json 52.25.128.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/HEcDOP2vLC
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-03-26/widget_app_base_1648306702464.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.128.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-128-56.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e453c5b4e6aa1d59a153e0e3dba7a2fd7f650af717505adc848f8da64f9ba89d

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 26 Mar 2022 15:48:17 GMT
etag: W/"2f3-C0heGtYdsyHZfdHO233/LKC55Ug"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 755
x-service-version: uw-pr

GET
H/1.1 200
OK d3d3LmhlcmFsZG5ldC5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
461 B 109ms
28ms XHR
application/json 2.22.34.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmhlcmFsZG5ldC5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.34.3 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-34-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:16 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=28188
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 326a5b28f0567b17569e5a12f70f76b
Content-Length: 15
Expires: Sat, 26 Mar 2022 23:38:04 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 40ms
8ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=2.4809684255487423
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Mon, 25 Apr 2022 15:48:16 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
20 KB 169ms
95ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i%7CMontserrat:400,500,600,700,800,900%7COpen+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 22:03:32 GMT
x-content-type-options: nosniff
age: 236684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19900
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:23:05 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 22:03:32 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 92ms
46ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=120539578&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&ul=en-us&de=UTF-8&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=34739010&gjid=514441015&cid=1978181241.1648309696&tid=UA-52608-71&_gid=772993816.1648309696&_r=1&gtm=2ou3e0&cd1=Wire%20Service&cd2=National%20Marketplace&cd3=untagged&cd4=post&did=dZGIzZG&gdid=dZGIzZG&z=821763675

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022031601.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 128ms
39ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 11:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126823
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 26 Mar 2023 11:28:52 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 236 B
773 B 137ms
50ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

0498512a69bfa3f071a9693410eaf239abffad22455ce40a76e2127cf5af4358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
expires: Sat, 26 Mar 2022 15:48:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 175 KB
64 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2WM1N458VT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52608-71

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8792edce8bc57c9da1fe3788a0c68a3c7911ab01c24685142b9c4a40040273a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65628
x-xss-protection: 0
expires: Sat, 26 Mar 2022 15:48:16 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 9ms
9ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.heraldnet.com&pubid=f4e5f220-2efc-45a1-869f-0b293f8aec73
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 12:02:10 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
server: Server
age: 13565
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.heraldnet.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: x6bzf15aqkAIXHwttEPbLcuccVqqEinkFWg_u-JTscbARB3HYuri4Q==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
494 B 56ms
55ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&pid=pCzFOJ5yjBYRj&cb=0&ws=1600x1200&v=7.74.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-gpt-2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit2%22%7D%2C%7B%22sd%22%3A%22div-gpt-3%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit3%22%7D%2C%7B%22sd%22%3A%22div-gpt-4%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit4%22%7D%2C%7B%22sd%22%3A%22div-gpt-5%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit5%22%7D%2C%7B%22sd%22%3A%22div-gpt-6%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit6%22%7D%2C%7B%22sd%22%3A%22div-gpt-7%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit7%22%7D%2C%7B%22sd%22%3A%22div-gpt-8%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit8%22%7D%2C%7B%22sd%22%3A%22div-gpt-9%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit9%22%7D%2C%7B%22sd%22%3A%22div-gpt-10%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit10%22%7D%2C%7B%22sd%22%3A%22div-gpt-11%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit11%22%7D%2C%7B%22sd%22%3A%22div-gpt-12%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit12%22%7D%2C%7B%22sd%22%3A%22div-gpt-13%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit13%22%7D%2C%7B%22sd%22%3A%22div-gpt-14%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1036994%2FadUnit14%22%7D%5D&pubid=f4e5f220-2efc-45a1-869f-0b293f8aec73&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: ANCGYMKH3ACVREA2Q5Y7
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.heraldnet.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _mAmwP09sbcu86DFlQm_yMvxnovRjF2kMfKzzPfzGdLcU5P8F3Ap0A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 27ms
11ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 44602
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 17 Mar 2022 02:21:48 GMT
server: AmazonS3
date: Sat, 26 Mar 2022 03:24:55 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hFIu9ZI6oCLRE9dS1gY1YvE0Lp4VbtHNqLlkq9-JiHHCgRzmzvJrRg==

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 417ms
100ms Image
image/gif 34.196.36.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sec=National%20Marketplace&artpubt=1639992600&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&tid=117bc16f-621b-4102-8674-ebd1156b93ee&pid=3779c487-88a2-47d6-81f8-f7478ec95656&dtm=1648309696104&qnm=_matherq&visible=1&tabid=2bd4a021-93a6-4a51-a450-40e154e98f06&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&vp=1600x1200&ds=1600x6781&tofa=1648309696&vid=1&lvidt=1648309696&duid=634a955f3c947650&fp=540708920&cid=ma13246&mrk=715673500&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY0ODMwOTY5Mzc4NCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNS4ybWIiLCJoZWFwVCI6IjE3LjFtYiIsImZzdFBhaW50IjoiMjA0MyIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiIxMDYiLCJjb25uUyI6IjEwNiIsImNvbm5FIjoiNDQ0Iiwic3NsUyI6IjIxOCIsInJlcXVTIjoiNDQ0IiwicmVzcFMiOiIxMjg1IiwicmVzcEUiOiIxMzkyIiwiZG9tTG9hZCI6IjEyOTAiLCJkb21JbnRlciI6IjIwNDIiLCJkb21Mb2FkUyI6IjIwNDYiLCJkb21Mb2FkRSI6IjIxMTcifSwia2V5d29yZHMiOlsiaGVhZGxpbmVzIl0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTk3ODE4MTI0MSIsInJlZlRpbWUiOiIxNjQ4MzA5Njk2MTAzIn1dfQ
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.36.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-36-29.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:17 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
64 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BHJYZD7VVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52608-71

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

180c24bfd6f8bcf76d8dc91881034d116599fe2d95d07337d46ee38b9a0c6571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65675
x-xss-protection: 0
expires: Sat, 26 Mar 2022 15:48:16 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 59ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52608-71&cid=1978181241.1648309696&jid=1762503258&gjid=1122182307&_gid=772993816.1648309696&_u=aGDAgUABAAAAAG~&z=757733133

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 26 Mar 2022 15:48:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 49ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52608-48&cid=1978181241.1648309696&jid=1359519721&gjid=124006590&_gid=772993816.1648309696&_u=aGDAgUABAAAAAG~&z=1466843905

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 26 Mar 2022 15:48:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
46ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=120539578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&ul=en-us&de=UTF-8&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user%20status&ea=undefined&el=logged%20out&_u=aGDAAUABAAAAAG~&jid=143801649&gjid=1638614620&cid=1978181241.1648309696&tid=UA-52608-71&_gid=772993816.1648309696&_r=1&gtm=2wg3e0NBNW4C&z=1265796417

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=120539578&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&ul=en-us&de=UTF-8&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUABAAAAAC~&jid=1762503258&gjid=1122182307&cid=1978181241.1648309696&tid=UA-52608-71&_gid=772993816.1648309696&gtm=2wg3e0NBNW4C&z=1043800478

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 20:21:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70004
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
42ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=120539578&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&ul=en-us&de=UTF-8&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUABAAAAAG~&jid=1359519721&gjid=124006590&cid=1978181241.1648309696&tid=UA-52608-48&_gid=772993816.1648309696&gtm=2wg3e0NBNW4C&z=1357303452

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 20:21:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70004
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 27ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=869459273124027&ev=PageView&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&rl=&if=false&ts=1648309696159&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648309696157.591913107&it=1648309695607&coo=false&rqm=GET

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sat, 26 Mar 2022 15:48:16 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
969 B 56ms
9ms Fetch
application/json 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 09:45:16 GMT
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
age: 21780
x-amzn-requestid: f5a9a217-4bf0-4f71-9a0b-70d8e2e242e9
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C2, FRA50-C1
x-amz-apigw-id: PlgK6E65CYcF4mg=
content-length: 555
x-amz-cf-id: CWDWG2Vd2VxzcWFtXvHJr8xCZZDXYDcS-Ta7f093VTawjv5a1UsUjQ==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 29 KB
10 KB 71ms
8ms Script
application/javascript 143.204.98.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-68.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b246a53f18c2f935ef32ebe685c439e9025821055bfdaa878de13f867640d111

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: IHBKHmFccqSy07MT7O11tbgBuymhRfsM
content-encoding: gzip
etag: W/"0d9f6f1d9d521b38efa38109b50e6ba7"
last-modified: Wed, 02 Mar 2022 16:27:18 GMT
server: AmazonS3
age: 49669
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sat, 26 Mar 2022 02:00:28 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Qajx47wh5rR5lG-I1N_AtgGsEMRXo4KcCTHpFMgUNVoosWcyaqg3YQ==

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ Frame 2CD7 5 KB
3 KB 84ms
25ms Script
text/javascript 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:16 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"6197f1ea-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap7ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 48 KB
18 KB 51ms
8ms Script
text/javascript 143.204.98.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-53.fra50.r.cloudfront.net
Software: Caddy /
Resource Hash: 55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 13:20:25 GMT
content-encoding: gzip
server: Caddy
age: 8872
etag: "bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA50-C1
content-length: 18458
x-amz-cf-id: OxYERd4ojASKqyawyhJ891u2rTpwt7qo1zZTPPgGnYZKmWzo1Fcprw==
expires: Sun, 27 Mar 2022 01:20:24 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 39ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52608-71&cid=1978181241.1648309696&jid=34739010&gjid=514441015&_gid=772993816.1648309696&_u=YEBAAUAAAAAAAC~&z=9442360

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 26 Mar 2022 15:48:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 149ms
62ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=1978181241.1648309696&jid=1762503258&_u=aGDAgUABAAAAAG~&z=143241934

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 151ms
62ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=1978181241.1648309696&jid=1762503258&_u=aGDAgUABAAAAAG~&z=143241934

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52608-71&cid=1978181241.1648309696&jid=143801649&gjid=1638614620&_gid=772993816.1648309696&_u=aGDAAUABAAAAAG~&z=151214016

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 26 Mar 2022 15:48:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 012199ba8833e057e181cd80ecbd9ecd Show response
soundpublishing.blueconic.net/plugin/library/ 329 KB
101 KB 97ms
97ms Script
text/javascript 3.234.170.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/plugin/library/012199ba8833e057e181cd80ecbd9ecd

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.170.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-170-180.compute-1.amazonaws.com

Software

- /

Resource Hash

43692b59e1346e121cf086854acbda4788a27b1262e1dd87cb3e0d62fafc3b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Mar 2022 15:48:16 GMT
server: -
etag: 012199ba8833e057e181cd80ecbd9ecd
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: public, no-cache="Set-Cookie", max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 102988
x-xss-protection: 1; mode=block
expires: Sun, 26 Mar 2023 15:48:16 GMT

POST
H2 200 LB-Zone-1 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/354/ 2 KB
1 KB 192ms
192ms XHR
application/json 3.234.170.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/354/LB-Zone-1?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=&bctempid=6601c81d-eba7-447f-9913-4b77be8dfd1c&overruleReferrer=&time=2022-03-26T15%3A48%3A16%2B00%3A00&ts=1648309696263

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.170.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-170-180.compute-1.amazonaws.com

Software

- /

Resource Hash

532eb57ee3560da06005582dd96412961bfaaa86eacb07b327e8830e627b372a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 873
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 111ms
63ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=1978181241.1648309696&jid=34739010&_u=YEBAAUAAAAAAAC~&z=129643315

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 130ms
63ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=1978181241.1648309696&jid=34739010&_u=YEBAAUAAAAAAAC~&z=129643315

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 46ms
45ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2WM1N458VT&gtm=2oe3e0&_p=120539578&sr=1600x1200&gdid=dZGIzZG&ul=en-us&cid=1978181241.1648309696&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sid=1648309696&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2WM1N458VT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 45ms
45ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BHJYZD7VVN&gtm=2oe3e0&_p=120539578&sr=1600x1200&gdid=dZGIzZG&ul=en-us&cid=1978181241.1648309696&_s=1&dl=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&dt=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com&sid=1648309696&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.account_status=null
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BHJYZD7VVN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 114ms
66ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=1978181241.1648309696&jid=143801649&_u=aGDAAUABAAAAAG~&z=1808807686

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 63ms
62ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52608-71&cid=1978181241.1648309696&jid=143801649&_u=aGDAAUABAAAAAG~&z=1808807686

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 138ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.heraldnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
48ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 1132ms
1085ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3981531991250141&correlator=58366472429405&eid=31065614&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=1036994%2Cadunit0&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x30%7C970x250&ifi=1&adks=406828873&sfv=1-0-38&ecs=20220326&fsapi=false&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dnational-marketplace%252Cros&sc=1&cookie_enabled=1&abxe=1&dt=1648309696483&lmt=1648309696&dlt=1648309695074&idt=1341&biw=1600&bih=1200&adxs=303&adys=114&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1024x0&msz=970x0&fws=132&ohw=1600&ga_vid=1978181241.1648309696&ga_sid=1648309696&ga_hid=120539578&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

39ac6dc839328f0af21a1f7b474f346d5603a9754007ac8732f71aabf39cf1e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9835
x-xss-protection: 0
google-lineitem-id: 5959528759
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138385637240
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
17 KB 147ms
101ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3981531991250141&correlator=58366472429405&eid=31065614&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=1036994%2CBranded-Series-Sponsor-Custom&enc_prev_ius=%2F0%2F1&prev_iu_szs=186x29%7C320x50&ifi=2&adks=1035641377&sfv=1-0-38&ecs=20220326&fsapi=false&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dnational-marketplace%252Cros&sc=1&cookie_enabled=1&abxe=1&dt=1648309696493&lmt=1648309696&dlt=1648309695074&idt=1341&biw=1600&bih=1200&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1978181241.1648309696&ga_sid=1648309696&ga_hid=120539578&ga_fc=true&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d6897fd0ec8a97d5d9acc1ff5b94eb98d1ccc1641d0446e52b80246fd40024fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16920
x-xss-protection: 0
google-lineitem-id: 5917317597
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381329656
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DC02 6 KB
4 KB 163ms
47ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 26 Mar 2022 15:48:17 GMT
expires: Sun, 26 Mar 2023 15:48:17 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame 2CD7 80 KB
18 KB 40ms
40ms Script
text/javascript 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=658444&width=320&height=50&iv=ov
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: fbd7d5de5e7a55ea07ecf232b58b99732dee1f0900e59e4e8374ebab8ad52c43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Nov 2021 18:51:37 GMT
Server: nginx
ETag: W/"6197f239-14155"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap7ams1
Expires: Sun, 27 Mar 2022 15:48:17 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
969 B 22ms
22ms Fetch
application/json 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 09:45:16 GMT
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
age: 21781
x-amzn-requestid: f5a9a217-4bf0-4f71-9a0b-70d8e2e242e9
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C2, FRA50-C1
x-amz-apigw-id: PlgK6E65CYcF4mg=
content-length: 555
x-amz-cf-id: nQPhm79AwKus1-Gm2kyRMkTUy5MkKHdekyAQ6ZugIWL2xFPyMuA1fw==

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 3 KB
2 KB 319ms
115ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=53821711271269670100122535660502742705001191098822701588657903709061&nc=0&tsf=0&tsfmi=&pv=0&cb=1648309696576&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=437199853&at=&bid=e30%3D&di=W1siZWYiLDQ4MDddLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyLTUu%0D%0AMC4wKVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMu%0D%0AMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1%0D%0AbSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6OCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3%0D%0AZWJraXQgd2ViZ2xcIixcInNlZlwiOjE3NTUyMzM3NTUsXCJzZWNcIjpcIlwifSJdLFstMSwiLSJd%0D%0ALFstMiwiMTEsZVlHOVgxL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhKTDg2TDIzQUNHVWhC%0D%0ASXdJU1NFRUFjSUpmUmVBZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4NzB1eHFGeCJdLFst%0D%0AMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBhZW9qb2ZvaG9lZmdp%0D%0AZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02%0D%0ALCJ7XCJ3XCI6W1wiMFwiLFwiY2hyb21lXCIsXCJtaV92ZXJzaW9uXCIsXCJtaV90cmFja191c2Vy%0D%0AXCIsXCJtaV9ub190cmFja19yZWFzb25cIixcImRpc2FibGVTdHJzXCIsXCJfX2d0YWdUcmFja2Vy%0D%0ASXNPcHRlZE91dFwiLFwiaW5kZXhcIixcIl9fZ3RhZ1RyYWNrZXJPcHRvdXRcIixcImdhT3B0b3V0%0D%0AXCIsXCJfX2d0YWdEYXRhTGF5ZXJcIixcIl9fZ3RhZ1RyYWNrZXJcIixcImRhdGFMYXllclwiLFwi%0D%0ATW9uc3Rlckluc2lnaHRzRHVhbFRyYWNrZXJcIixcImd0YWdcIixcIl9fZ2FUcmFja2VyXCIsXCJw%0D%0AaHBfdmFyc1wiLFwibnd2aWV3cG9ydHdpZHRoXCIsXCJud3ZpZXdwb3J0aGVpZ2h0XCIsXCJud1Np%0D%0AdGVcIixcIm53UHViRGF0ZVwiLFwibndQcm90b2NvbFwiLFwibndTZXJ2ZXJcIixcIm53RWRpdGlv%0D%0AblwiLFwibndVc2VyQ2tTdWJzY3JpcERheXNcIixcIm53dXNlckNrRGVmYXVsdERheXNcIixcIm53%0D%0AQ29udGVudElkXCIsXCJud0VDb3B5QWNjZXNzXCIsXCJud0RheVBhc3NBY2Nlc3NcIixcIm53TWV0%0D%0AZXJBY2Nlc3NcIixcIm53TXVzdFJlZ2lzdGVyXCIsXCJud01ldGVyVGhyZXNob2xkXCIsXCJud01l%0D%0AdGVyRGVmYXVsdERheXNcIixcIm53Q29udGVudENhbGxiYWNrXCIsXCJud0lsbGVnYWxDaGFyc1wi%0D%0ALFwibndQYXNzd29yZExlbmd0aFwiLFwibndEb05vblN1YkNoZWNrXCIsXCJud1NraXBDb25maXJt%0D%0AYXRpb25cIixcIm53VGhlbWVcIixcInVpVmVyc2lvblwiLFwibndMYWJlbENvbG9yXCIsXCJud0lu%0D%0AcHV0Rm9udFNpemVcIixcIm53SW5wdXRGb250Q29sb3JcIixcIm53RmFjZWJvb2tcIixcIm53R29v%0D%0AZ2xlXCIsXCJud0RpYWxvZ1dpZHRoXCIsXCJud0RpYWxvZ0hlYWRpbmdcIixcIm53RUNvcHlcIixc%0D%0AIm53RGF5UGFzc1wiLFwibndUZXJtXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFst%0D%0AOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNj%0D%0AcmlwdGlvblwiLFwibmV3c19rZXl3b3Jkc1wiLFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9u%0D%0AXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOnRpdGxlXCJdfSJdLFstMTIsIm51%0D%0AbGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wiOjAuMDA0NDI0Nzc4NzYxMDYxOTQ3fSJdLFstMTUs%0D%0AIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCww%0D%0ALDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIw%0D%0AMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjE5NzgxODEyNDEuMTY0ODMwOTY5NiJdLFst%0D%0AMjEsIkF6ZUNid3ZmIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJd%0D%0ALFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MTcxMDAwMDAsXCJ1amhzXCI6MTUyMDAwMDAsXCJq%0D%0AaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjIsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJl%0D%0Abi1VUyJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIs%0D%0AMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIyIl0sWy0zMywiLSJd%0D%0ALFstMzQsIi0iXSxbLTM1LCJbMTY0ODMwOTY5NjU2OSwwXSJdLFstMzYsIltcIjQvM1wiLFwiNC8z%0D%0AXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwwLDAsMSwwLDEwNSwzMzgs%0D%0AOTQ4LDY1MCwwLDIwNDMuMywyMDQzLjMsMjc4NiwyNzg2Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiww%0D%0ALFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxz%0D%0AZSxudWxsLDBdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMs%0D%0AIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxb%0D%0ALTQ2LCIwIl0sWy00NywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCww%0D%0AIl0sWy00OSwiLSJdLFsiYm5jaCIsNjJdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A431%2C%22y%22%3A6905%2C%22w%22%3A738%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=e14fJ0VraR&sdd=%7B%7D&pto=2795
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 9c48e1fc353b1cce9268a3878d9e6f6974b4b55be1d5ff5780e52d1535653208

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1672
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 354 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 2 KB
2 KB 99ms
99ms XHR
application/json 3.234.170.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/354?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=6601c81d-eba7-447f-9913-4b77be8dfd1c&bctempid=&overruleReferrer=&time=2022-03-26T15%3A48%3A16%2B00%3A00&ts=1648309696638

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.170.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-170-180.compute-1.amazonaws.com

Software

- /

Resource Hash

79e645f1f8b17b090636f01ba6be1f67e490339cbad62e9db1197dad4e19f489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 806
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 354 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 246 B
913 B 96ms
96ms XHR
application/json 3.234.170.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/354?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=6601c81d-eba7-447f-9913-4b77be8dfd1c&bctempid=&overruleReferrer=&time=2022-03-26T15%3A48%3A16%2B00%3A00&ts=1648309696667

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.170.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-170-180.compute-1.amazonaws.com

Software

- /

Resource Hash

e64f9b7378c58ff4f389bf8a0eb21aaa297d72cc4ba64ddb044976b0bafb2b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 185
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: soundpublishing.blueconic.net
URL: https://soundpublishing.blueconic.net/plugin/plugin/fe2748ae297beac360acc6bc2eb65499

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8d94d035ee059c3587c97f407f2a48710b7b6f344e3afa6692c6533dd1ce7b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: uhsKHtqC5wsJiiPVlX4LeA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: RGZ311CTmA8V53sxqxYEIFP15Fnkbk02FeE75j1tUDG3x0buzk3ZiQv4gb5dFHUtyg/r4Ub7HYGL/c9kUE/7dQ==
x-fb-content-md5: 1fbd3174c41f7744ea164980a4f01986
x-frame-options: DENY
date: Sat, 26 Mar 2022 15:48:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "434e11684b851b8506ea0471edc06a34"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 26 Mar 2022 16:05:19 GMT

POST
H2 200 354 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 373 B
909 B 140ms
139ms XHR
application/json 3.234.170.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/354?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=6601c81d-eba7-447f-9913-4b77be8dfd1c&bctempid=&overruleReferrer=&time=2022-03-26T15%3A48%3A16%2B00%3A00&ts=1648309696675

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.170.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-170-180.compute-1.amazonaws.com

Software

- /

Resource Hash

48f61ffc80d0ed351d4f020f7a675c5dc8e1dbf0d7fbd1fe9922a6e8abcb888b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 176
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 354 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 187 B
902 B 142ms
141ms XHR
application/json 3.234.170.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/354?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=6601c81d-eba7-447f-9913-4b77be8dfd1c&bctempid=&overruleReferrer=&time=2022-03-26T15%3A48%3A16%2B00%3A00&ts=1648309696676

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.170.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-170-180.compute-1.amazonaws.com

Software

- /

Resource Hash

8a813f5974c5c804073c051334b88bbbb33050be5442a75ef9e4c3abd6bdcc57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 166
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 354 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 187 B
900 B 155ms
154ms XHR
application/json 3.234.170.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/354?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=6601c81d-eba7-447f-9913-4b77be8dfd1c&bctempid=&overruleReferrer=&time=2022-03-26T15%3A48%3A16%2B00%3A00&ts=1648309696677

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.170.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-170-180.compute-1.amazonaws.com

Software

- /

Resource Hash

c4561b08958a46dc3feec476ca41390964583b28686fcd11a6f268b8272941ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 166
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
soundpublishing.blueconic.net/DG/DEFAULT/ 66 B
862 B 153ms
152ms Script
text/javascript 3.234.170.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/cs?bcsessionid=6601c81d-eba7-447f-9913-4b77be8dfd1c&&callback=bc_json355

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.170.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-170-180.compute-1.amazonaws.com

Software

- /

Resource Hash

07ddbded318b776a7225b9a9841c6a3614d22273524c505679852ba7e22acb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 2CD7 183 B
554 B 19ms
19ms Script
application/x-javascript 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=658444&tid=536dfdeb5b2346dd9672db73ec45d1229162c0f2&mode=1&dmn=www.heraldnet.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 050ac56af5956ba98f655f5928f353ecd9e91f88dad34566266142c81587f372

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 165

GET
H2 200 prebid_FtSDHt.js Show response
b2cdn.automatad.com/js/ 210 KB
67 KB 33ms
32ms Script
application/javascript 185.93.2.243
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/js/prebid_FtSDHt.js
Requested by: Host: go.automatad.com
URL: https://go.automatad.com/geo/FtSDHt/afihbs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.2.243 Paris, France, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-93-2-243.datapacket.com
Software: BunnyCDN-FR1-827 /
Resource Hash: 67d508a44c5c2487c4541453fcfcc42e691d2dba2a28e4dea0390509287a2f70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: br
x-openstack-request-id: tx8e0b8de46be3468b9e61e-00623af3a3
cdn-edgestorageid: 827
access-control-allow-origin: *
x-iplb-instance: 28795
cdn-cachedat: 03/23/2022 11:54:00
cdn-pullzone: 87832
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id: tx8e0b8de46be3468b9e61e-00623af3a3
server: BunnyCDN-FR1-827
x-timestamp: 1648030393.46761
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Wed, 23 Mar 2022 10:13:14 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-iplb-request-id: B95D01F3:EB19_8E2CE366:01BB_623AF3A3_5B670D8:0E5E
vary: Accept-Encoding
x-object-meta-mtime: 1648030375.992223467
cdn-cache: HIT
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control: public, max-age=120
cdn-requestid: 21648153299cf03ce515bd2ddf4940de
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sizzle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/ 19 KB
7 KB 54ms
15ms XHR
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/sizzle.min.js

Requested by

Host: go.automatad.com
URL: https://go.automatad.com/geo/FtSDHt/afihbs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2485455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6679
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd4-4dc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6dfXSzRvm85SAonHL0KRSAa1%2B4bGnWFJl%2BOtiSns9A7rbvZ%2FdTVH8ilyyY3TcVVodXutxmIqXD%2FV9YH7QpYzI9lF2zwdC69WTHcvF6CxEuT1E6IHDDiAAm%2FTY4s15zViXXEUct9ms6VGyhSUjvmaQRn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f210798dc1e5b6e-FRA
expires: Thu, 16 Mar 2023 15:48:17 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 411ms
91ms XHR
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1648309696717&sessionId=5fe4f723-10b9-92e7-e7d7-f7ebd99796de&url=www.heraldnet.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:17 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 1060fc633e14e2f6db9588bfac63841b
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 12 KB
4 KB 184ms
138ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&idx=0&rand=31652&key=NANOWDGT01&widgetJSId=TF_5&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=5fe4f723-10b9-92e7-e7d7-f7ebd99796de&fdu=www.heraldnet.com&px=431&py=7319&vpd=6119&cw=738&activeTab=true&darkMode=false&settings=true&recs=true&version=2000645&sig=AzeCbwvf&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c1ec22ba6579e94254a4121e4f357ea5ba75b8dedc88417a07bd9fba626d77ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:17 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1648309697.429633,VS0,VE132
accept-ranges: bytes
x-served-by: cache-lga21949-LGA, cache-hhn4059-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 3a201eb8c9f9df300a59cc086631251a
content-encoding: gzip
content-length: 3932
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7F79 0
18 B 20ms
10ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.heraldnet.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.heraldnet.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Sat, 26 Mar 2022 15:48:17 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
82 KB 22ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ba18f7586676cc717911f3cb741b1fa4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

701f4c61adddc1617886e55ef3ca523dc72fedb697fc5e694b2c2508668eadfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.heraldnet.com/
Origin: https://www.heraldnet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: J+Z87Y32L14WeHnQJMMJSw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84111
x-fb-rlafr: 0
x-fb-debug: Mk1BTwlztYNq72QnT4Jw4+sjM+3FRbKF9fOYlZ7lxIkw5eQaK2zfsqkktm0kMyOTcN1HxiEjYA2mz4jhnLkkWQ==
x-fb-content-md5: 6babbda6bd7eacf1dc28b2ca6217fb5b
x-frame-options: DENY
date: Sat, 26 Mar 2022 15:48:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f862281a7a39a2d12b00e05058eb4bbf"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 26 Mar 2023 14:33:23 GMT

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame 2CD7 261 B
845 B 32ms
27ms Script
application/x-javascript 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=658444&tid=m_658444_708359ece48a4acda522b373080e3d14&cb=undefined&mode=1&ifr=true&od=www.heraldnet.com&time=15%3A48%3A16&fd=1&be=cr&loc=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&orig_loc=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=m_658444_708359ece48a4acda522b373080e3d14&iv=ov
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 443eb58bb9fc1db1cdf7aa009b8df3a5bc6c833966bb684fc046b91fbd26d22e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 211

POST
H2 200 354 Show response
soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/ 187 B
902 B 100ms
98ms XHR
application/json 3.234.170.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soundpublishing.blueconic.net/DG/DEFAULT/rest/rpc/354?referer=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&bcsessionid=6601c81d-eba7-447f-9913-4b77be8dfd1c&bctempid=&overruleReferrer=&time=2022-03-26T15%3A48%3A16%2B00%3A00&ts=1648309696771

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/soundpublishing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.170.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-170-180.compute-1.amazonaws.com

Software

- /

Resource Hash

aea6e8c7e4689d4c1b4ef0745977ce004089c64d209b06a46bd92d88ed4e4e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.heraldnet.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 166
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 97ms
49ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.heraldnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 95ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.heraldnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
11 KB 308ms
308ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3981531991250141&correlator=726080871905669&eid=31065614&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=21804848220%3A1036994%2Csite%2C300x250&enc_prev_ius=0%2F1%2F2&prev_iu_szs=300x250&ifi=3&adks=830019824&sfv=1-0-38&ecs=20220326&fsapi=false&prev_scp=mod%3Dfi_ap_btf&eri=1&cust_params=brand%3DDailyHerald%26pin%3Dheraldnet.com%26section%3Dnational-marketplace%252Cros&sc=1&cookie=ID%3D0ea11e6eb4a8f4d0-223c4df265cd00e9%3AT%3D1648309697%3AS%3DALNI_Mb0FwTCS-G5J4eNGHX2ZX4efEBP3g&abxe=1&dt=1648309696839&lmt=1648309696&dlt=1648309695074&idt=1341&biw=1600&bih=1200&adxs=650&adys=5858&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=640x250&msz=300x-1&fws=4&ohw=300&ga_vid=1978181241.1648309696&ga_sid=1648309696&ga_hid=120539578&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

02346ed14a17e5637ba289c1d943b8bd69a806cefd896b255b21ccc71eaa5f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11251
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 34ms
34ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1458930781088413&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ba18f7586676cc717911f3cb741b1fa4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: bzQFa9X+fj9I0ndBj54Kpb5i4+83L85Vet1mfbrl5VDKZDmB5ZZN6g7Psw2/PLpTkgaf/deqc9uOYEA1CJUjRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Sat, 26 Mar 2022 15:48:17 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.heraldnet.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 204
No Content beacon
gslbeacon.lijit.com/ Frame 7792 0
0 81ms
27ms Document
text/plain 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=m_658444_708359ece48a4acda522b373080e3d14&rand=3027&informer=13413446&type=fpads&loc=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&v=1.2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

Date: Sat, 26 Mar 2022 15:48:17 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap1ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame 2CD7 4 KB
4 KB 31ms
31ms Script
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=658444&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 1767b25e798fb33f366623bf4b57dba5a3e3e1200a8ef80a3327790b1d2b6fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:17 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Type: application/json
Content-Length: 3912
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK impression
vap7ams1.lijit.com/addelivery/ Frame 2CD7 43 B
552 B 92ms
31ms Image
image/gif 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap7ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=658444&tid=m_658444_708359ece48a4acda522b373080e3d14
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:17 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap7ams1.lijit.com/data/ Frame 2CD7 43 B
169 B 91ms
29ms Image
image/gif 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap7ams1.lijit.com/data/fp?tid=m_658444_708359ece48a4acda522b373080e3d14&zoneid=658444&starttime=1648309696685&adcfg=3&adcfg_response=56&addelivery=61&addelivery_response=165&lgfired=167&beacon=169&container=170&EOL=170&ctstart=0&elapsed_ms=170
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:17 GMT
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ Frame 2CD7 0
199 B 37ms
7ms Script
text/plain 104.90.148.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/1/d/t.dhj?dmn=heraldnet.com&GDPR_v2=&pubid=soundpub
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.148.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-148-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:17 GMT
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sat, 26 Mar 2022 16:48:17 GMT

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame 2CD7 43 B
169 B 39ms
39ms Image
image/gif 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=m_658444_708359ece48a4acda522b373080e3d14&zoneid=658444&cid=18&geo=DE&all_tags=590%2C604&tss=35&fired_tags=590&count=1&status=1%2C8&elapsed_ms=35
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:17 GMT
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 310ms
92ms XHR
application/json 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1648309696911&sessionId=5fe4f723-10b9-92e7-e7d7-f7ebd99796de&url=www.heraldnet.com&cheqSource=1&cheqEvent=2&responseTime=710
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:17 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: a312c6831bfcc291ed951939223ada46
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
79 B 97ms
97ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136ee6c435e341839a9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714793d75066f578afe6d6e54719bd488ebd39e821da61c45085052aae2d05f91e46042e9e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c0250616e96567ac940a61efc89825d957bd1fad811bc551c8c96dd82a77c3d835d277c581b9a1dbeaea4f79fe7de0eaa9205737bd876594b417b24c4655855e5281d3c38681eb923bce6a88de93a349cd5c5513a2372a9493c01b2483b974aa01b3c91d9622fb7d184c54cc30ed598cc1fb78ecd26b8752a798ccd527d6195178e8121e546e4a70c1a064a209d5c18869a99d73f69d20d98ca6f17e9fb9e04974708be85909d2bc055f4df5e1e224f527cdaf01b2b97bf161e264d30a815394b57f944b7af9f1d07b636a375a6e161c55f5a2913f8d5cf4580d1a7dada91a89ce4d5fbafbc2ebe238dfb5bbbb9ba1ebec0c107ea00499a4457cd7167711d67f4f3339a738f0280bc8eadd71c83cc52fe0aa30ceb80485780d273c01791b80c3e5d82066539a195988d5d9bfacd750039eaca07b96cd1e67ca8100367b8de4cb4a33e5358f5e8308a66e8918dfd401bbef70a4cecaa1c7023cabb96534907ce2cff5fe0a8e2f74040f9425&cb=1648309696911&cri=e14fJ0VraR
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 9ms
8ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:17 GMT
last-modified: Tue, 08 Mar 2022 10:17:27 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1646735198.653837"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Mon, 25 Apr 2022 15:48:17 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 362ms
85ms Fetch
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=6b77803b8d50d21241f4ca15a55e16a3_39028_1648309697504&tm=914&eT=0&widgetWidth=738&widgetHeight=37&widgetX=431&widgetY=7578&wRV=2000645&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=187&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
X-TraceId: f2aa733111b4bdf2c852785ce70f15c7
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000645/module/ 37 KB
14 KB 14ms
11ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000645/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9202a11aa05cd2ff82889ec9e2bad185930db44a17c18acfc1c238b0897d49d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:36:30 GMT
server: AkamaiNetStorage
etag: "e96dc1cb53e0f4a444425fc1e65d7986:1648020508.055022"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13578
expires: Sat, 26 Mar 2022 19:48:17 GMT

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 12 KB
12 KB 10ms
9ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:17 GMT
last-modified: Tue, 08 Mar 2022 10:17:27 GMT
server: AkamaiNetStorage
etag: "65df986ae65cffdf92a926e7c42a25a8:1646735215.245644"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 12268
expires: Mon, 25 Apr 2022 15:48:17 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 125 KB
36 KB 1072ms
1054ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&settings=true&recs=true&widgetJSId=TF_5&key=NANOWDGT01&version=2000645&apv=false&sig=AzeCbwvf&format=html&rand=54005&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NmI3NzgwM2I4ZDUwZDIxMjQxZjRjYTE1YTU1ZTE2YTM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11741-81573&layeredTestInfo=11741-81573-&clss=VO4CFvs18NekAGzobAYPdXNuwcsnxQRB1RxZAvZpDuA%2BrGVghNCXZoIKdiuCtf0QLzGpL%2BV3%2BmnEdhb0&dpr=1&cw=738&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000645/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c265b2ad3b37b6490ba18353f0462823dbd082816145892b7f7cb075f16f5957

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1648309698.633267,VS0,VE1047
accept-ranges: bytes
x-served-by: cache-lga21953-LGA, cache-hhn4059-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 6e060dfdf48791ef4f76981e6913316a
content-encoding: gzip
content-length: 36638
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
944 B 9ms
9ms Image
image/svg+xml 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 26 Mar 2022 15:48:17 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-77-nzt-ray: bPckVU1zoeY
age: 48
x-edge-origin-shield-skipped: 0
x-cache: HIT
x-age: 15246113
content-encoding: br
x-77-nzt: AcO1ryzmnLn/IaPoAA
x-accel-expires: @1658983584
last-modified: Thu, 30 Sep 2021 16:45:19 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-cache: HIT
content-type: image/svg+xml
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7HZZvePIj9KrPDNiq1mRQizBO4L0n49vWYa8WihUqi48Pz1X2dcUnQ==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
986 B 10ms
10ms Image
image/svg+xml 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 26 Mar 2022 15:48:17 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
x-77-nzt-ray: v/WVSeXWySM
age: 47
x-77-cache: HIT
x-edge-origin-shield-skipped: 0
x-cache: HIT
x-age: 15246114
content-encoding: br
x-77-nzt: AcO1rywskgD/IqPoAA
x-accel-expires: @1658983583
last-modified: Thu, 30 Sep 2021 16:45:19 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=25920000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: M07nhJhbyyD19edIIqjgBybCprTJO48n8oMB1xztGCg1QRdlWdxVlA==

GET
H3 200 container.html Show response
245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E231 6 KB
3 KB 86ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Mar 2022 15:48:17 GMT
expires: Sun, 26 Mar 2023 15:48:17 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6FAF 624 B
733 B 143ms
52ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXboF4X68fVvpTGkm4ouBm9xdhT4wS2IIHrZO7mLCofKxFXXFO50gjC2CwuOlTanuHk-BKf9Oy-p46qj4oDmNGPD37R91WpMaLtwf2DVqG9GVMBAh3oA2bAKVnBhTdxe7HTVWSXAqQn7VHCSW1dGRo27ucLDZ5qK45XbmvXA-9oTEs72xo

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 26 Mar 2022 15:48:18 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E231 27 KB
16 KB 160ms
72ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cl8udgbPAw514PG0rWBR27fe406_g66qss8ng7tdVs4O4ZbKpq8LkeVkRqtEwPyAdAvDcC27o0T7gienPpKoWM06cxljq-7cYWN2ADHUPiDcsYQ1Ywff09yOlgiNTnAhzki6PQ2-KMeS5Um5i8TYKdiV0pEQ&cry=1&dbm_d=AKAmf-A21iG-APTVAtLzWgoD-As74mWpN1D2Lux7rriuy1sQZhEYhsTNjtw46W0B3v6fw1f-cyCYV_zYmPuIAMJSHAMghNNx9WAkgh7hXymWqnFxX0Oa17wG4KVa7gvA3eIC9nnns6-s3TnYw8GUOqxP1GdpJjAZ421Af4GCEGpa_9JWkbS7s50ZTqP_dSoYOTtnEQ8AhEP4qH8aNq6yRmvRGhBqmYR-3Y3X102Is-UXPNl4HF0rnozjpbevKs_MmzREdUbFk2YIPlZppqyFkjftamb5rLyvit_wHgJ4K5FuBZpRDleTeE1PTTchlFkjc83lnNvBPCjMJL8xiaA5EKXoVwkvcTODLjQZXHwArvj64bdSx9H1OxGBpHtrI-lG1K4fz9ql_V9A5sqEGagURBnctNKQEsnzlu_PgG0hK-rJVQxzHf3OLqtUaLatu4ePlJxEL7Q_Vs_QSKzHozIJcHwNlUvpghRv1m1_gXEWrGCHbxBlxsQBSWkgZdhOe1ghItwMNy_iI1ywEF1xeeE-ETRdMOGD2cdJXujjLkV72Loy1mnycpkht_rDaeNHXkLRmezOJssdhM8lDnbYizvlHmQeYAb4Cntdldan2D4aLOoCxDWy68CAWB6UZ6C43ZnSmjSKTC2CQScwPTJqpH6mSDWGbwZsJb0DYO9nonaGrQdl7Q5sJwYt2-5IwC_UypwwS3-2Pu4w2dQI03FQg4ziCqe0aP82-lSnzmntCXEnfF4AMbs0OuFAeUF_6DpPz4f6ScJBB1nYqZO2JPSFVysVC1IrcAefpGc70aQWhxstXWgcUU8_lCrRz4dsd5GHvb87_FsABZUd9KzqXtYvH4oqss_yil3vaRVMpN_161m0zc1OiVPidNeZ7zwKziSR4vFujc7suN_Ugx6oBRRi8MBYaQtBvW3U0CRpo2MbTdvaxjTezpbX4IexxzpF65IDJaHP8F-Sgu8TrWXM-8B96ALQtdXYkZ6fhKGTlrSqhB3IAIqbhgVYA_PIMPTaU0VBrQYf27wQs6AGTrY1SR_vWNYxh158DIbxCO5jS9JA-VPA1YXpgoA8YmjpSeMCW_BeryDPagw0wITzVC8xJdwmHPK730Xukg3SAS0iVWxsi2TjMRhcWufBOmxBpk9ql73qzxGIjC8beIE_gkP1UWI1fqRJ4KS9j8pK3j6bRPgFwnTvFo_CBCFg7Ml7oJUT0YfGb2ZRbaAEKY6Nelk1xFBLjqpzcqGK-gpvXO2SFkWHv1rWdnAPGuHycWgk0hSQ_WDVw9TM9fiX9xoaVmDNtOTD6PgDjpljTpRqVMlJZrOB6tYq2xw6UehcRRUBEE6MMh2k7iLwycl4wmKs4xXaBkLr-BiFx6DALQTv4lUtdpC1-SveCk8ZtOTa2HF82hyih0nd8WKMclJT6Xr0HmhhIgMjdA-oRQJ2xF4OW8SHYuArbWKevo8VT9Q9KndGARSeAOp-U6zjSx7rxS0m6Y-omQykGNEyrPsMvrmKLjC2mco4vl-H_qeH9SYFNhxzBwKAV8IhbZr82nPLdwfPEAxoGbXPvWJXnCLCdPTOjCkyyoFScnyfFQLUYl1DwGEEOBIwxXSxeSJ0T1iLwELCR2hS5uzpO2-BPlCmC1F_kICAvfEd_catXXm_WaHdpjQLWSW3c3hKDtBTYGe5ZK3FFQaMejuQIVafWmup0YHuRFO-kuBBjx7zeSEcQp4dzW9MWL9gsCaZxdfdzR3qHeLQ2tOCsojrrVgl8_8p0qjUQL3IFJpvHgpNcbKzSDSqfMM5vLXuHBERdS5irTv15HcdwniVWwjPgMUOmpkswrisCL5oHi2Xcd8Tzd2Udx56Y-KEUeR3wAupZlrlRNvfxCtZM6D94xFyuSpuZiBfoEHpbLae6cgMqVK1kkOTS0qE6JtfTKlNqkUukIYf6hWjN4BO96iY0-t4h1S1lolQSIYLpaXE0UNtsW4xrv2NlW34rLNPnNKy2pkNi4e-suWDGubRGWYG7gIpeFku77p1Ff7ZIlgajQXORi_EXdGNtx_5WMSkLKl4L_8h1jPPYL5_u9_MVjhfvDAmpBNA1kf4jYjtPlQj0bH1PjGbQ-dfNKzHGbmaSOayeM2rnxe980KQXV2ArWlihC1Ypo-OQGjCTb6dVattNFMw0BBN4UjAIsRsMHp7n754oXvL5500YZ3d-LSY2ucV7CWEww5qtgNFyWtDUbVCh0aVg4LPeji-1LQOt1ONnk_v6mq-95-tJJTWlr2v2zxWz0J6skCeusSrCdIMY_9wO6UOLMPn9CnDVA1cJxCtGsv0F3RnwgdMp44ATO17VQtwcDV78w6VDTCdQLk5tW0Z58gGAK_-Ohjz6PWjDek0UC80M0jN87W1yPG2z3-iaJvRd2XcQVIIoH7PS1_9mKiXIIdd7kTsh_6VZIRNw49haRgvA7Dufr_Gw9ZRmUymumiLiupXCi9x0WhcbF2ZXYMkclk2dzkI7Gr18Jh-1dESg93TOUeMkOOowFBbfNZW15FojE3APUHdKHQFSjJMBx-5axX19ZqW47JYd6emRedRUjdpKmtAhtgnHOsK2b8L3jZVhe0kFoW92UvYfZMnFzKzwJLj6qyoLDhRo6PFQeW7zcIetfFScL2EfoYJGWjuLgKOmqQDlcL23v-UHTOSE2v2LSRsHWSWaMxLq2sAUfIQcOVD2KjoU0Ywn6a-VZp6yq-McegFoxrpUQwqXfZxyG2cQQJQyfKgVBACPi2BjCsILmv342N-l_2PfTcXcKksyXwy4vi6W7k1h_XYDzSlbzE1Ed0K1C6eqW-UTdS-hBm_Nvb5OmSjC6tmpH_MGwiXR6-NS6DuAYtIrDdMx64o7tRzTUSbqtKqm6z_gUYp11zCPHOPvQJ6c53sDCQusLU84DwQ9RWRdTmfJHtWwBhjoV6DFQvWmeX8sVa0acYwlT8etiISW7vPEL0J345rSmoNk9zepC3Fuc7Ai2oZEmnMnckXa9WniVuIlirxv1eLzsWCCNZWaMEBXG2HaWGY1ghF-zLEnt-_tGPUjs8An_qVrE90-YRHk3Htu2-TKDlkmoloBWR2lGAQLl_DY3_nWc3T8R53l5KrIBPQ-HmBJEoflm78xBRUZthrSkeVl8PxJ6p4uQ5IX5DGriz3oBk3pA1bWH9hdoWlh32GlpErHw311tDG824ZGB1OEafj82sWpqM1WDiPznE5JSlSHkXC3-1cGhVAiFBw2gpEjm3hcA_WiGXw-Y_r8Jj6aP8k31BqdpAIcGVvVGkMwd_eXFrVE1EbX7N5YRYzZtOFm3zJygdHDsqs7l965zEOfmoj8Y57M-b4-Wo85zjqE8GxZhjTXKesqjhz5kIE8YPcoDPMgFsh1ogpoA7GElpctWzRmUD1F2hlHPBd3YH3Oy-Q6CrhsvC1Jg2uI169UCAqPM8fof9hwzWU4zYNruhwM0Axx9QImGvViHO74N30PXjELoppRYQOC_jP2kyv7S5bUTuyF1s4uv-dlm0tvVpgO3SIKE3uKr-W2xvRS40QzsALvgZ7X9l3Loi_0-gG1o1ZU-_rijtDh5K_hZ2yLo8l-37g4IxTVpoyRnpXknDy4d4P1bk1pkGuK9dp20j68eBi_6H_a0N9kgr1QxtZQ6-9h6VDRXHrkc-P8bs&cid=CAASJORoxpRSVfIBwI-hdUJe4GPOt92qUJgz6UvHWpwHtQcHBNsO8g&rfl=1%2Chttps%253A%252F%252Fwww.heraldnet.com%252F%240

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a603d7555a7e1933527cda0ab5a93224474273d957d55488806b70e7ab72be1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16430
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E231 42 B
494 B 164ms
69ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CBe-Dajr9BE3TAPh6z6ERQNsZycW6cQKJoLYbeWBF3rJI0R6ZwcVBuVEPImUTv9zLMweyXcabiYegAS9TyDMScU5adtvNaJBD_0EdPK0b-ncIjwGA

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame E231 2 KB
1 KB 138ms
44ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 15:35:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E231 119 KB
36 KB 111ms
62ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Mar 2022 15:48:17 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame E231 15 KB
7 KB 132ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 15:40:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E231 0
0 47ms
47ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIe4Kq0KDZ4mX5FwW5D8WaqNfXmBOEPQpR5X8pCAOFmsx0hlK-PFbVZQm3ojRLPRfZ6eBqrTuHhx288u8nr9befgW4bQ
Requested by: Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6FAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCpzQyii8bfiCFF8kZp5e4&google_cver=1

43 B
1014 B

60ms
29ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCpzQyii8bfiCFF8kZp5e4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXboF4X68fVvpTGkm4ouBm9xdhT4wS2IIHrZO7mLCofKxFXXFO50gjC2CwuOlTanuHk-BKf9Oy-p46qj4oDmNGPD37R91WpMaLtwf2DVqG9GVMBAh3oA2bAKVnBhTdxe7HTVWSXAqQn7VHCSW1dGRo27ucLDZ5qK45XbmvXA-9oTEs72xo
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 26 Mar 2022 15:48:18 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCpzQyii8bfiCFF8kZp5e4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6FAF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yj81wkeoHZL2uzih6ELP.gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCpzQyii8bfiCFF8kZp5e4&google_cver=1&google_hm=2

43 B
894 B

30ms
30ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCpzQyii8bfiCFF8kZp5e4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXboF4X68fVvpTGkm4ouBm9xdhT4wS2IIHrZO7mLCofKxFXXFO50gjC2CwuOlTanuHk-BKf9Oy-p46qj4oDmNGPD37R91WpMaLtwf2DVqG9GVMBAh3oA2bAKVnBhTdxe7HTVWSXAqQn7VHCSW1dGRo27ucLDZ5qK45XbmvXA-9oTEs72xo
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 26 Mar 2022 15:48:18 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCpzQyii8bfiCFF8kZp5e4&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6FAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOKJ8XnkY4Q1uayx-1FewFc&google_cver=1

43 B
1020 B

7ms
7ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOKJ8XnkY4Q1uayx-1FewFc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNXboF4X68fVvpTGkm4ouBm9xdhT4wS2IIHrZO7mLCofKxFXXFO50gjC2CwuOlTanuHk-BKf9Oy-p46qj4oDmNGPD37R91WpMaLtwf2DVqG9GVMBAh3oA2bAKVnBhTdxe7HTVWSXAqQn7VHCSW1dGRo27ucLDZ5qK45XbmvXA-9oTEs72xo

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:18 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d38ec1fd-3c4e-4c4b-8a9a-60cf8c05223b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOKJ8XnkY4Q1uayx-1FewFc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6FAF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg3Mzc0MzkzOTA3OTI1ODYzOA%3D%3D

170 B
502 B

83ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg3Mzc0MzkzOTA3OTI1ODYzOA%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:18 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: edab613e-5a54-4df1-8996-e14d38e1a049
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg3Mzc0MzkzOTA3OTI1ODYzOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame E231 25 KB
9 KB 89ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cl8udgbPAw514PG0rWBR27fe406_g66qss8ng7tdVs4O4ZbKpq8LkeVkRqtEwPyAdAvDcC27o0T7gienPpKoWM06cxljq-7cYWN2ADHUPiDcsYQ1Ywff09yOlgiNTnAhzki6PQ2-KMeS5Um5i8TYKdiV0pEQ&cry=1&dbm_d=AKAmf-A21iG-APTVAtLzWgoD-As74mWpN1D2Lux7rriuy1sQZhEYhsTNjtw46W0B3v6fw1f-cyCYV_zYmPuIAMJSHAMghNNx9WAkgh7hXymWqnFxX0Oa17wG4KVa7gvA3eIC9nnns6-s3TnYw8GUOqxP1GdpJjAZ421Af4GCEGpa_9JWkbS7s50ZTqP_dSoYOTtnEQ8AhEP4qH8aNq6yRmvRGhBqmYR-3Y3X102Is-UXPNl4HF0rnozjpbevKs_MmzREdUbFk2YIPlZppqyFkjftamb5rLyvit_wHgJ4K5FuBZpRDleTeE1PTTchlFkjc83lnNvBPCjMJL8xiaA5EKXoVwkvcTODLjQZXHwArvj64bdSx9H1OxGBpHtrI-lG1K4fz9ql_V9A5sqEGagURBnctNKQEsnzlu_PgG0hK-rJVQxzHf3OLqtUaLatu4ePlJxEL7Q_Vs_QSKzHozIJcHwNlUvpghRv1m1_gXEWrGCHbxBlxsQBSWkgZdhOe1ghItwMNy_iI1ywEF1xeeE-ETRdMOGD2cdJXujjLkV72Loy1mnycpkht_rDaeNHXkLRmezOJssdhM8lDnbYizvlHmQeYAb4Cntdldan2D4aLOoCxDWy68CAWB6UZ6C43ZnSmjSKTC2CQScwPTJqpH6mSDWGbwZsJb0DYO9nonaGrQdl7Q5sJwYt2-5IwC_UypwwS3-2Pu4w2dQI03FQg4ziCqe0aP82-lSnzmntCXEnfF4AMbs0OuFAeUF_6DpPz4f6ScJBB1nYqZO2JPSFVysVC1IrcAefpGc70aQWhxstXWgcUU8_lCrRz4dsd5GHvb87_FsABZUd9KzqXtYvH4oqss_yil3vaRVMpN_161m0zc1OiVPidNeZ7zwKziSR4vFujc7suN_Ugx6oBRRi8MBYaQtBvW3U0CRpo2MbTdvaxjTezpbX4IexxzpF65IDJaHP8F-Sgu8TrWXM-8B96ALQtdXYkZ6fhKGTlrSqhB3IAIqbhgVYA_PIMPTaU0VBrQYf27wQs6AGTrY1SR_vWNYxh158DIbxCO5jS9JA-VPA1YXpgoA8YmjpSeMCW_BeryDPagw0wITzVC8xJdwmHPK730Xukg3SAS0iVWxsi2TjMRhcWufBOmxBpk9ql73qzxGIjC8beIE_gkP1UWI1fqRJ4KS9j8pK3j6bRPgFwnTvFo_CBCFg7Ml7oJUT0YfGb2ZRbaAEKY6Nelk1xFBLjqpzcqGK-gpvXO2SFkWHv1rWdnAPGuHycWgk0hSQ_WDVw9TM9fiX9xoaVmDNtOTD6PgDjpljTpRqVMlJZrOB6tYq2xw6UehcRRUBEE6MMh2k7iLwycl4wmKs4xXaBkLr-BiFx6DALQTv4lUtdpC1-SveCk8ZtOTa2HF82hyih0nd8WKMclJT6Xr0HmhhIgMjdA-oRQJ2xF4OW8SHYuArbWKevo8VT9Q9KndGARSeAOp-U6zjSx7rxS0m6Y-omQykGNEyrPsMvrmKLjC2mco4vl-H_qeH9SYFNhxzBwKAV8IhbZr82nPLdwfPEAxoGbXPvWJXnCLCdPTOjCkyyoFScnyfFQLUYl1DwGEEOBIwxXSxeSJ0T1iLwELCR2hS5uzpO2-BPlCmC1F_kICAvfEd_catXXm_WaHdpjQLWSW3c3hKDtBTYGe5ZK3FFQaMejuQIVafWmup0YHuRFO-kuBBjx7zeSEcQp4dzW9MWL9gsCaZxdfdzR3qHeLQ2tOCsojrrVgl8_8p0qjUQL3IFJpvHgpNcbKzSDSqfMM5vLXuHBERdS5irTv15HcdwniVWwjPgMUOmpkswrisCL5oHi2Xcd8Tzd2Udx56Y-KEUeR3wAupZlrlRNvfxCtZM6D94xFyuSpuZiBfoEHpbLae6cgMqVK1kkOTS0qE6JtfTKlNqkUukIYf6hWjN4BO96iY0-t4h1S1lolQSIYLpaXE0UNtsW4xrv2NlW34rLNPnNKy2pkNi4e-suWDGubRGWYG7gIpeFku77p1Ff7ZIlgajQXORi_EXdGNtx_5WMSkLKl4L_8h1jPPYL5_u9_MVjhfvDAmpBNA1kf4jYjtPlQj0bH1PjGbQ-dfNKzHGbmaSOayeM2rnxe980KQXV2ArWlihC1Ypo-OQGjCTb6dVattNFMw0BBN4UjAIsRsMHp7n754oXvL5500YZ3d-LSY2ucV7CWEww5qtgNFyWtDUbVCh0aVg4LPeji-1LQOt1ONnk_v6mq-95-tJJTWlr2v2zxWz0J6skCeusSrCdIMY_9wO6UOLMPn9CnDVA1cJxCtGsv0F3RnwgdMp44ATO17VQtwcDV78w6VDTCdQLk5tW0Z58gGAK_-Ohjz6PWjDek0UC80M0jN87W1yPG2z3-iaJvRd2XcQVIIoH7PS1_9mKiXIIdd7kTsh_6VZIRNw49haRgvA7Dufr_Gw9ZRmUymumiLiupXCi9x0WhcbF2ZXYMkclk2dzkI7Gr18Jh-1dESg93TOUeMkOOowFBbfNZW15FojE3APUHdKHQFSjJMBx-5axX19ZqW47JYd6emRedRUjdpKmtAhtgnHOsK2b8L3jZVhe0kFoW92UvYfZMnFzKzwJLj6qyoLDhRo6PFQeW7zcIetfFScL2EfoYJGWjuLgKOmqQDlcL23v-UHTOSE2v2LSRsHWSWaMxLq2sAUfIQcOVD2KjoU0Ywn6a-VZp6yq-McegFoxrpUQwqXfZxyG2cQQJQyfKgVBACPi2BjCsILmv342N-l_2PfTcXcKksyXwy4vi6W7k1h_XYDzSlbzE1Ed0K1C6eqW-UTdS-hBm_Nvb5OmSjC6tmpH_MGwiXR6-NS6DuAYtIrDdMx64o7tRzTUSbqtKqm6z_gUYp11zCPHOPvQJ6c53sDCQusLU84DwQ9RWRdTmfJHtWwBhjoV6DFQvWmeX8sVa0acYwlT8etiISW7vPEL0J345rSmoNk9zepC3Fuc7Ai2oZEmnMnckXa9WniVuIlirxv1eLzsWCCNZWaMEBXG2HaWGY1ghF-zLEnt-_tGPUjs8An_qVrE90-YRHk3Htu2-TKDlkmoloBWR2lGAQLl_DY3_nWc3T8R53l5KrIBPQ-HmBJEoflm78xBRUZthrSkeVl8PxJ6p4uQ5IX5DGriz3oBk3pA1bWH9hdoWlh32GlpErHw311tDG824ZGB1OEafj82sWpqM1WDiPznE5JSlSHkXC3-1cGhVAiFBw2gpEjm3hcA_WiGXw-Y_r8Jj6aP8k31BqdpAIcGVvVGkMwd_eXFrVE1EbX7N5YRYzZtOFm3zJygdHDsqs7l965zEOfmoj8Y57M-b4-Wo85zjqE8GxZhjTXKesqjhz5kIE8YPcoDPMgFsh1ogpoA7GElpctWzRmUD1F2hlHPBd3YH3Oy-Q6CrhsvC1Jg2uI169UCAqPM8fof9hwzWU4zYNruhwM0Axx9QImGvViHO74N30PXjELoppRYQOC_jP2kyv7S5bUTuyF1s4uv-dlm0tvVpgO3SIKE3uKr-W2xvRS40QzsALvgZ7X9l3Loi_0-gG1o1ZU-_rijtDh5K_hZ2yLo8l-37g4IxTVpoyRnpXknDy4d4P1bk1pkGuK9dp20j68eBi_6H_a0N9kgr1QxtZQ6-9h6VDRXHrkc-P8bs&cid=CAASJORoxpRSVfIBwI-hdUJe4GPOt92qUJgz6UvHWpwHtQcHBNsO8g&rfl=1%2Chttps%253A%252F%252Fwww.heraldnet.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Apr 2022 15:41:56 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E231 41 KB
15 KB 93ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:34:28 GMT

GET
H/1.1 200
OK npoee1nv94vs Show response
hal9000.redintelligence.net/zone/ Frame E231 11 KB
4 KB 52ms
12ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZUL_wTU_YvSMIeyK7_UP2sOOuAG1zfmDV8zeuavlDPAuEAEg16-dc2CV4pCCoAfIAQmpAo1gQwYnbbI-qAMBqgSTAk_Qb_uCvMRACGRVO4Wq5NrNTkd_8zLqojldDEJ4dLIE8_sRRUGPxsm9AySPDevyKOCgcCS8NE2ROz6w6jAhZYZjHSMZiZwJIZMWvjFkMagQ3rxknu_pasTK0VNlKQhConMROeAhT0w-bTonAq4ZC_-qe1RI620wigN3aYiM8R7AHirm0GS94dyCEcxSV21IHXUzccH8RTqrnsUoHcPJ9KKKcn5SoCOyaFQNwSDAohFBNKh9i5ecvF4QjUf8yJYJz2FaMIBowhr1fLTslOsFLFrDcKuUp33J16wSv2r7xPibzDBZhY2wxoJh00IHdNiFMxYezQUoVhJPRfadyRzKscEBJg0E8qhly6Z7ST4a4wzMoyrnwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoxpRSVfIBwI-hdUJe4GPOt92qUJgz6UvHWpwHtQcHBNsO8g%26sig%3DAOD64_3l8v4aM5hQkIfBbR-u7GxL1PodsA%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-CpgKkt22ezeNSt1LJMDBKPd9ZK5ApmBD23KxTNJPnfFjSdphohWQeKr3BLQx7862J65HnJcHAKTlWRrZoMP7-4zGoPYxflal_8nt4WfjGvzIfAOGwJszseq6tNQfl-a7Qyj_mAsmrJjT3ns6UUVjh0YhHh3Q%26cry%3D1%26dbm_d%3DAKAmf-C8JEU8tGy91agx18rl7zQKnZfynwJFAZ70bRpInZX7zixkAoqoKX_JYz-uArTS5GXFz87yYX1wHg_GUNfbyRA0d1YKwhxBbrW5Qr0xI-Kbf7k-CSxMc5QYYifLClj_9S68ooxc6skyY-HeWj_eeRiFJI3yhQf_6Fw3SsLUbABgJR0Z22lpDePR9vosMDhO1sThc8uP9tGrrTpQBQ78u2Ux1AGVY450XjBuH1GTcKnrdH7NI_n_Es9Wt9TK3KTMp0SXcPYahwIBWDafSjhkZjjoQVYMBmv5b9MNdX-O50vKWafvJsOuQyc79wH0XlKMHMFnWGeRQxW0ysYjBfHbPJedVCRrOCE8Hrh0b_LKUDPBdSGWaM_1d0rgNYXmmNe-kAx1n452oMxfPLr6N77zfbRCDMf0qhxxtFZaWl00o_r2GmPTRlOW2l5Yq1x2bHUkYAyidPFzT555oU04RGSP7_DAuKK_Ce7s32pEOddIrp7HHzdTgiDwpkZE_tAkMQYqWnDU-INkHn89zkS8NBK1n3JpzE4q8MSv3Z3l_piZ513R7SbE9xPVcUtrnaKvgTZ8gDy8fbttrEdwJNcSDjbjqJhiVH8Jyw%26adurl%3D
Requested by: Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 93707aca0fd669f39a84bc8feaadb3eadc37c5f35113b2aee9782333b91a902d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4127
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 32E6 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 09:34:28 GMT
expires: Fri, 24 Mar 2023 09:34:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 195230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

request.php Show response
hal900015.redintelligence.net/ Frame E231
Redirect Chain

https://hal900015.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=01b38746bf&subid=&uid=b1ef76066233bb5d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900015.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=01b38746bf&subid=&uid=b1ef76066233bb5d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

92ms
70ms

Script
application/x-javascript

138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=01b38746bf&subid=&uid=b1ef76066233bb5d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZUL_wTU_YvSMIeyK7_UP2sOOuAG1zfmDV8zeuavlDPAuEAEg16-dc2CV4pCCoAfIAQmpAo1gQwYnbbI-qAMBqgSTAk_Qb_uCvMRACGRVO4Wq5NrNTkd_8zLqojldDEJ4dLIE8_sRRUGPxsm9AySPDevyKOCgcCS8NE2ROz6w6jAhZYZjHSMZiZwJIZMWvjFkMagQ3rxknu_pasTK0VNlKQhConMROeAhT0w-bTonAq4ZC_-qe1RI620wigN3aYiM8R7AHirm0GS94dyCEcxSV21IHXUzccH8RTqrnsUoHcPJ9KKKcn5SoCOyaFQNwSDAohFBNKh9i5ecvF4QjUf8yJYJz2FaMIBowhr1fLTslOsFLFrDcKuUp33J16wSv2r7xPibzDBZhY2wxoJh00IHdNiFMxYezQUoVhJPRfadyRzKscEBJg0E8qhly6Z7ST4a4wzMoyrnwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoxpRSVfIBwI-hdUJe4GPOt92qUJgz6UvHWpwHtQcHBNsO8g%26sig%3DAOD64_3l8v4aM5hQkIfBbR-u7GxL1PodsA%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-CpgKkt22ezeNSt1LJMDBKPd9ZK5ApmBD23KxTNJPnfFjSdphohWQeKr3BLQx7862J65HnJcHAKTlWRrZoMP7-4zGoPYxflal_8nt4WfjGvzIfAOGwJszseq6tNQfl-a7Qyj_mAsmrJjT3ns6UUVjh0YhHh3Q%26cry%3D1%26dbm_d%3DAKAmf-C8JEU8tGy91agx18rl7zQKnZfynwJFAZ70bRpInZX7zixkAoqoKX_JYz-uArTS5GXFz87yYX1wHg_GUNfbyRA0d1YKwhxBbrW5Qr0xI-Kbf7k-CSxMc5QYYifLClj_9S68ooxc6skyY-HeWj_eeRiFJI3yhQf_6Fw3SsLUbABgJR0Z22lpDePR9vosMDhO1sThc8uP9tGrrTpQBQ78u2Ux1AGVY450XjBuH1GTcKnrdH7NI_n_Es9Wt9TK3KTMp0SXcPYahwIBWDafSjhkZjjoQVYMBmv5b9MNdX-O50vKWafvJsOuQyc79wH0XlKMHMFnWGeRQxW0ysYjBfHbPJedVCRrOCE8Hrh0b_LKUDPBdSGWaM_1d0rgNYXmmNe-kAx1n452oMxfPLr6N77zfbRCDMf0qhxxtFZaWl00o_r2GmPTRlOW2l5Yq1x2bHUkYAyidPFzT555oU04RGSP7_DAuKK_Ce7s32pEOddIrp7HHzdTgiDwpkZE_tAkMQYqWnDU-INkHn89zkS8NBK1n3JpzE4q8MSv3Z3l_piZ513R7SbE9xPVcUtrnaKvgTZ8gDy8fbttrEdwJNcSDjbjqJhiVH8Jyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1877956032219&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0b782e3e1c9041f83abe4f0b1f10d7da9bd75c6a0860479c345c772a2373e86d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:18 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 31447600120403400710616011910015
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1095
Expires: Sat, 26 Mar 2022 15:48:18 +0100

Redirect headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:18 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=01b38746bf&subid=&uid=b1ef76066233bb5d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZUL_wTU_YvSMIeyK7_UP2sOOuAG1zfmDV8zeuavlDPAuEAEg16-dc2CV4pCCoAfIAQmpAo1gQwYnbbI-qAMBqgSTAk_Qb_uCvMRACGRVO4Wq5NrNTkd_8zLqojldDEJ4dLIE8_sRRUGPxsm9AySPDevyKOCgcCS8NE2ROz6w6jAhZYZjHSMZiZwJIZMWvjFkMagQ3rxknu_pasTK0VNlKQhConMROeAhT0w-bTonAq4ZC_-qe1RI620wigN3aYiM8R7AHirm0GS94dyCEcxSV21IHXUzccH8RTqrnsUoHcPJ9KKKcn5SoCOyaFQNwSDAohFBNKh9i5ecvF4QjUf8yJYJz2FaMIBowhr1fLTslOsFLFrDcKuUp33J16wSv2r7xPibzDBZhY2wxoJh00IHdNiFMxYezQUoVhJPRfadyRzKscEBJg0E8qhly6Z7ST4a4wzMoyrnwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoxpRSVfIBwI-hdUJe4GPOt92qUJgz6UvHWpwHtQcHBNsO8g%26sig%3DAOD64_3l8v4aM5hQkIfBbR-u7GxL1PodsA%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-CpgKkt22ezeNSt1LJMDBKPd9ZK5ApmBD23KxTNJPnfFjSdphohWQeKr3BLQx7862J65HnJcHAKTlWRrZoMP7-4zGoPYxflal_8nt4WfjGvzIfAOGwJszseq6tNQfl-a7Qyj_mAsmrJjT3ns6UUVjh0YhHh3Q%26cry%3D1%26dbm_d%3DAKAmf-C8JEU8tGy91agx18rl7zQKnZfynwJFAZ70bRpInZX7zixkAoqoKX_JYz-uArTS5GXFz87yYX1wHg_GUNfbyRA0d1YKwhxBbrW5Qr0xI-Kbf7k-CSxMc5QYYifLClj_9S68ooxc6skyY-HeWj_eeRiFJI3yhQf_6Fw3SsLUbABgJR0Z22lpDePR9vosMDhO1sThc8uP9tGrrTpQBQ78u2Ux1AGVY450XjBuH1GTcKnrdH7NI_n_Es9Wt9TK3KTMp0SXcPYahwIBWDafSjhkZjjoQVYMBmv5b9MNdX-O50vKWafvJsOuQyc79wH0XlKMHMFnWGeRQxW0ysYjBfHbPJedVCRrOCE8Hrh0b_LKUDPBdSGWaM_1d0rgNYXmmNe-kAx1n452oMxfPLr6N77zfbRCDMf0qhxxtFZaWl00o_r2GmPTRlOW2l5Yq1x2bHUkYAyidPFzT555oU04RGSP7_DAuKK_Ce7s32pEOddIrp7HHzdTgiDwpkZE_tAkMQYqWnDU-INkHn89zkS8NBK1n3JpzE4q8MSv3Z3l_piZ513R7SbE9xPVcUtrnaKvgTZ8gDy8fbttrEdwJNcSDjbjqJhiVH8Jyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1877956032219&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 26 Mar 2022 15:48:18 +0100

GET
H3 200 XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js Show response
pagead2.googlesyndication.com/bg/ Frame 32E6 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XFpjqGQyXlGhrIMtqUZEtOx9ZrcGJnYAFO97-LZexEg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 19:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 330693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13744
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 19:56:45 GMT

GET
H3 200 container.html Show response
245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A5D5 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Mar 2022 15:48:17 GMT
expires: Sun, 26 Mar 2023 15:48:17 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A5D5 22 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 14:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 25 Mar 2023 14:30:35 GMT

GET
H2 200 launcher-1.0.0.js Show response
tj6w5.flx10.com/libs/ Frame A5D5 17 KB
6 KB 71ms
6ms Script
application/javascript 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://tj6w5.flx10.com/libs/launcher-1.0.0.js
Requested by: Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 35d3560abefdd86f4994b166ac3ba59f4ebf264b78310a63c7faf4c0e2d1c824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 15:49:42 GMT
server: NetDNA-cache/2.2
etag: W/"621e4096-42ae"
x-cache: HIT
content-type: application/javascript
cache-control: no-cache
expires: Thu, 17 Mar 2022 02:24:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5D5 119 KB
36 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Mar 2022 15:48:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A5D5 0
0 75ms
74ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseq8fOk0NcUqu8ordATVS5fk3cVEnsUuDQx77RmRzd0_ei29R2PGJRVvf9D7MG8focQILGDYEqQLlfNsEm99-kKllbw8v4-uBujJPAC2stWKG3XIGLdvLVcCFn9k1rR5gkenTvkXVf2sGGFH_kH_S_5JzrSN04tmNx1M2T_ybPe3pQmu_KI0RBaWAwf0fywdU0Hp1DzNClc1rbxDD76Kksvvs0SfDNttfmVF8z8EJH6MY46Vt7sfEUT6WYh-3lERxVRz_62UBg5hJonVMgH0m8G7tL_KNmIePc7PbioIfNjwX_qCM&sai=AMfl-YRnw2sd0RBoiI8uEetKOrddskPj4-hynd9QpcjI1kUJl0KXPOSzkGoTzz2rnkeA8ug0TSuYQTh9Xfrvn4aiH2VBGojr1L4tE52MRX5XU3Qavh1Ei-DZzQ96lIw5rKcs&sig=Cg0ArKJSzJcUa2fQNDtHEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 15:48:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame B691
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=31447600120403400710616011910015&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=31447600120403400710616011910015&actionid=981741&produktid=&dt_url=

0
607 B

117ms
83ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=31447600120403400710616011910015&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=01b38746bf&subid=&uid=b1ef76066233bb5d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZUL_wTU_YvSMIeyK7_UP2sOOuAG1zfmDV8zeuavlDPAuEAEg16-dc2CV4pCCoAfIAQmpAo1gQwYnbbI-qAMBqgSTAk_Qb_uCvMRACGRVO4Wq5NrNTkd_8zLqojldDEJ4dLIE8_sRRUGPxsm9AySPDevyKOCgcCS8NE2ROz6w6jAhZYZjHSMZiZwJIZMWvjFkMagQ3rxknu_pasTK0VNlKQhConMROeAhT0w-bTonAq4ZC_-qe1RI620wigN3aYiM8R7AHirm0GS94dyCEcxSV21IHXUzccH8RTqrnsUoHcPJ9KKKcn5SoCOyaFQNwSDAohFBNKh9i5ecvF4QjUf8yJYJz2FaMIBowhr1fLTslOsFLFrDcKuUp33J16wSv2r7xPibzDBZhY2wxoJh00IHdNiFMxYezQUoVhJPRfadyRzKscEBJg0E8qhly6Z7ST4a4wzMoyrnwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoxpRSVfIBwI-hdUJe4GPOt92qUJgz6UvHWpwHtQcHBNsO8g%26sig%3DAOD64_3l8v4aM5hQkIfBbR-u7GxL1PodsA%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-CpgKkt22ezeNSt1LJMDBKPd9ZK5ApmBD23KxTNJPnfFjSdphohWQeKr3BLQx7862J65HnJcHAKTlWRrZoMP7-4zGoPYxflal_8nt4WfjGvzIfAOGwJszseq6tNQfl-a7Qyj_mAsmrJjT3ns6UUVjh0YhHh3Q%26cry%3D1%26dbm_d%3DAKAmf-C8JEU8tGy91agx18rl7zQKnZfynwJFAZ70bRpInZX7zixkAoqoKX_JYz-uArTS5GXFz87yYX1wHg_GUNfbyRA0d1YKwhxBbrW5Qr0xI-Kbf7k-CSxMc5QYYifLClj_9S68ooxc6skyY-HeWj_eeRiFJI3yhQf_6Fw3SsLUbABgJR0Z22lpDePR9vosMDhO1sThc8uP9tGrrTpQBQ78u2Ux1AGVY450XjBuH1GTcKnrdH7NI_n_Es9Wt9TK3KTMp0SXcPYahwIBWDafSjhkZjjoQVYMBmv5b9MNdX-O50vKWafvJsOuQyc79wH0XlKMHMFnWGeRQxW0ysYjBfHbPJedVCRrOCE8Hrh0b_LKUDPBdSGWaM_1d0rgNYXmmNe-kAx1n452oMxfPLr6N77zfbRCDMf0qhxxtFZaWl00o_r2GmPTRlOW2l5Yq1x2bHUkYAyidPFzT555oU04RGSP7_DAuKK_Ce7s32pEOddIrp7HHzdTgiDwpkZE_tAkMQYqWnDU-INkHn89zkS8NBK1n3JpzE4q8MSv3Z3l_piZ513R7SbE9xPVcUtrnaKvgTZ8gDy8fbttrEdwJNcSDjbjqJhiVH8Jyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1877956032219&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Hamburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 26 Mar 2022 04:48:18 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Sat, 26 Mar 2022 15:48:17 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Sat, 26 Mar 2022 15:48:18 GMT
Content-Type: application/javascript
Content-Length: 0
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=31447600120403400710616011910015&actionid=981741&produktid=&dt_url=
Host: pv.medialead.de
Proxy-Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA2:E3B0_91EFC182:01BB_623F35C2_135FF4FC:7DE1
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028

GET
H2 200 / Show response
adv.office-partner.de/ Frame 6711 930 B
931 B 70ms
6ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=01b38746bf&subid=&uid=b1ef76066233bb5d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZUL_wTU_YvSMIeyK7_UP2sOOuAG1zfmDV8zeuavlDPAuEAEg16-dc2CV4pCCoAfIAQmpAo1gQwYnbbI-qAMBqgSTAk_Qb_uCvMRACGRVO4Wq5NrNTkd_8zLqojldDEJ4dLIE8_sRRUGPxsm9AySPDevyKOCgcCS8NE2ROz6w6jAhZYZjHSMZiZwJIZMWvjFkMagQ3rxknu_pasTK0VNlKQhConMROeAhT0w-bTonAq4ZC_-qe1RI620wigN3aYiM8R7AHirm0GS94dyCEcxSV21IHXUzccH8RTqrnsUoHcPJ9KKKcn5SoCOyaFQNwSDAohFBNKh9i5ecvF4QjUf8yJYJz2FaMIBowhr1fLTslOsFLFrDcKuUp33J16wSv2r7xPibzDBZhY2wxoJh00IHdNiFMxYezQUoVhJPRfadyRzKscEBJg0E8qhly6Z7ST4a4wzMoyrnwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoxpRSVfIBwI-hdUJe4GPOt92qUJgz6UvHWpwHtQcHBNsO8g%26sig%3DAOD64_3l8v4aM5hQkIfBbR-u7GxL1PodsA%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-CpgKkt22ezeNSt1LJMDBKPd9ZK5ApmBD23KxTNJPnfFjSdphohWQeKr3BLQx7862J65HnJcHAKTlWRrZoMP7-4zGoPYxflal_8nt4WfjGvzIfAOGwJszseq6tNQfl-a7Qyj_mAsmrJjT3ns6UUVjh0YhHh3Q%26cry%3D1%26dbm_d%3DAKAmf-C8JEU8tGy91agx18rl7zQKnZfynwJFAZ70bRpInZX7zixkAoqoKX_JYz-uArTS5GXFz87yYX1wHg_GUNfbyRA0d1YKwhxBbrW5Qr0xI-Kbf7k-CSxMc5QYYifLClj_9S68ooxc6skyY-HeWj_eeRiFJI3yhQf_6Fw3SsLUbABgJR0Z22lpDePR9vosMDhO1sThc8uP9tGrrTpQBQ78u2Ux1AGVY450XjBuH1GTcKnrdH7NI_n_Es9Wt9TK3KTMp0SXcPYahwIBWDafSjhkZjjoQVYMBmv5b9MNdX-O50vKWafvJsOuQyc79wH0XlKMHMFnWGeRQxW0ysYjBfHbPJedVCRrOCE8Hrh0b_LKUDPBdSGWaM_1d0rgNYXmmNe-kAx1n452oMxfPLr6N77zfbRCDMf0qhxxtFZaWl00o_r2GmPTRlOW2l5Yq1x2bHUkYAyidPFzT555oU04RGSP7_DAuKK_Ce7s32pEOddIrp7HHzdTgiDwpkZE_tAkMQYqWnDU-INkHn89zkS8NBK1n3JpzE4q8MSv3Z3l_piZ513R7SbE9xPVcUtrnaKvgTZ8gDy8fbttrEdwJNcSDjbjqJhiVH8Jyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1877956032219&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Sat, 26 Mar 2022 15:48:18 GMT
content-type: text/html
content-length: 552
x-accel-version: 0.01
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16b3be00-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Sat, 02 Apr 2022 15:48:18 GMT
cache-control: max-age=604800
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H2

200

htlp Show response
futalis.de/ Frame AF84
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=31447600120403400710616011910015&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1292636162

350 B
409 B

71ms
17ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1292636162
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=01b38746bf&subid=&uid=b1ef76066233bb5d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZUL_wTU_YvSMIeyK7_UP2sOOuAG1zfmDV8zeuavlDPAuEAEg16-dc2CV4pCCoAfIAQmpAo1gQwYnbbI-qAMBqgSTAk_Qb_uCvMRACGRVO4Wq5NrNTkd_8zLqojldDEJ4dLIE8_sRRUGPxsm9AySPDevyKOCgcCS8NE2ROz6w6jAhZYZjHSMZiZwJIZMWvjFkMagQ3rxknu_pasTK0VNlKQhConMROeAhT0w-bTonAq4ZC_-qe1RI620wigN3aYiM8R7AHirm0GS94dyCEcxSV21IHXUzccH8RTqrnsUoHcPJ9KKKcn5SoCOyaFQNwSDAohFBNKh9i5ecvF4QjUf8yJYJz2FaMIBowhr1fLTslOsFLFrDcKuUp33J16wSv2r7xPibzDBZhY2wxoJh00IHdNiFMxYezQUoVhJPRfadyRzKscEBJg0E8qhly6Z7ST4a4wzMoyrnwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoxpRSVfIBwI-hdUJe4GPOt92qUJgz6UvHWpwHtQcHBNsO8g%26sig%3DAOD64_3l8v4aM5hQkIfBbR-u7GxL1PodsA%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-CpgKkt22ezeNSt1LJMDBKPd9ZK5ApmBD23KxTNJPnfFjSdphohWQeKr3BLQx7862J65HnJcHAKTlWRrZoMP7-4zGoPYxflal_8nt4WfjGvzIfAOGwJszseq6tNQfl-a7Qyj_mAsmrJjT3ns6UUVjh0YhHh3Q%26cry%3D1%26dbm_d%3DAKAmf-C8JEU8tGy91agx18rl7zQKnZfynwJFAZ70bRpInZX7zixkAoqoKX_JYz-uArTS5GXFz87yYX1wHg_GUNfbyRA0d1YKwhxBbrW5Qr0xI-Kbf7k-CSxMc5QYYifLClj_9S68ooxc6skyY-HeWj_eeRiFJI3yhQf_6Fw3SsLUbABgJR0Z22lpDePR9vosMDhO1sThc8uP9tGrrTpQBQ78u2Ux1AGVY450XjBuH1GTcKnrdH7NI_n_Es9Wt9TK3KTMp0SXcPYahwIBWDafSjhkZjjoQVYMBmv5b9MNdX-O50vKWafvJsOuQyc79wH0XlKMHMFnWGeRQxW0ysYjBfHbPJedVCRrOCE8Hrh0b_LKUDPBdSGWaM_1d0rgNYXmmNe-kAx1n452oMxfPLr6N77zfbRCDMf0qhxxtFZaWl00o_r2GmPTRlOW2l5Yq1x2bHUkYAyidPFzT555oU04RGSP7_DAuKK_Ce7s32pEOddIrp7HHzdTgiDwpkZE_tAkMQYqWnDU-INkHn89zkS8NBK1n3JpzE4q8MSv3Z3l_piZ513R7SbE9xPVcUtrnaKvgTZ8gDy8fbttrEdwJNcSDjbjqJhiVH8Jyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1877956032219&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: Apache
p3p: policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1292636162
content-length: 0
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame E231 1 KB
2 KB 229ms
128ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=31447600120403400710616011910015&nw=1
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 69b9fd9fdcd402efd3a04b16e0c48c2a3520a52c20ab9089aadab457380c4a5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:18 GMT
Last-Modified: Sat, 26 Mar 2022 15:48:18 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1231
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900015.redintelligence.net/ Frame C5BE 7 KB
2 KB 33ms
11ms Document
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request_content.php?s=31447600120403400710616011910015&a=0d257e47
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=01b38746bf&subid=&uid=b1ef76066233bb5d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZUL_wTU_YvSMIeyK7_UP2sOOuAG1zfmDV8zeuavlDPAuEAEg16-dc2CV4pCCoAfIAQmpAo1gQwYnbbI-qAMBqgSTAk_Qb_uCvMRACGRVO4Wq5NrNTkd_8zLqojldDEJ4dLIE8_sRRUGPxsm9AySPDevyKOCgcCS8NE2ROz6w6jAhZYZjHSMZiZwJIZMWvjFkMagQ3rxknu_pasTK0VNlKQhConMROeAhT0w-bTonAq4ZC_-qe1RI620wigN3aYiM8R7AHirm0GS94dyCEcxSV21IHXUzccH8RTqrnsUoHcPJ9KKKcn5SoCOyaFQNwSDAohFBNKh9i5ecvF4QjUf8yJYJz2FaMIBowhr1fLTslOsFLFrDcKuUp33J16wSv2r7xPibzDBZhY2wxoJh00IHdNiFMxYezQUoVhJPRfadyRzKscEBJg0E8qhly6Z7ST4a4wzMoyrnwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxNzc1MjM4MjQ1ODAxNzWACgOYCwHICwGADAGwE9yZ6w3QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoxpRSVfIBwI-hdUJe4GPOt92qUJgz6UvHWpwHtQcHBNsO8g%26sig%3DAOD64_3l8v4aM5hQkIfBbR-u7GxL1PodsA%26client%3Dca-pub-8648432769746717%26dbm_c%3DAKAmf-CpgKkt22ezeNSt1LJMDBKPd9ZK5ApmBD23KxTNJPnfFjSdphohWQeKr3BLQx7862J65HnJcHAKTlWRrZoMP7-4zGoPYxflal_8nt4WfjGvzIfAOGwJszseq6tNQfl-a7Qyj_mAsmrJjT3ns6UUVjh0YhHh3Q%26cry%3D1%26dbm_d%3DAKAmf-C8JEU8tGy91agx18rl7zQKnZfynwJFAZ70bRpInZX7zixkAoqoKX_JYz-uArTS5GXFz87yYX1wHg_GUNfbyRA0d1YKwhxBbrW5Qr0xI-Kbf7k-CSxMc5QYYifLClj_9S68ooxc6skyY-HeWj_eeRiFJI3yhQf_6Fw3SsLUbABgJR0Z22lpDePR9vosMDhO1sThc8uP9tGrrTpQBQ78u2Ux1AGVY450XjBuH1GTcKnrdH7NI_n_Es9Wt9TK3KTMp0SXcPYahwIBWDafSjhkZjjoQVYMBmv5b9MNdX-O50vKWafvJsOuQyc79wH0XlKMHMFnWGeRQxW0ysYjBfHbPJedVCRrOCE8Hrh0b_LKUDPBdSGWaM_1d0rgNYXmmNe-kAx1n452oMxfPLr6N77zfbRCDMf0qhxxtFZaWl00o_r2GmPTRlOW2l5Yq1x2bHUkYAyidPFzT555oU04RGSP7_DAuKK_Ce7s32pEOddIrp7HHzdTgiDwpkZE_tAkMQYqWnDU-INkHn89zkS8NBK1n3JpzE4q8MSv3Z3l_piZ513R7SbE9xPVcUtrnaKvgTZ8gDy8fbttrEdwJNcSDjbjqJhiVH8Jyw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.heraldnet.com%2F&ancestorOrigins=https%3A%2F%2Fwww.heraldnet.com&random=1877956032219&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5b34224e4f12e389b7d930230e30ce33a62fc27c6744a0677aca919a5ef0c2d0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/

Response headers

Date: Sat, 26 Mar 2022 15:48:18 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 26 Mar 2022 15:48:18 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2047
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame E231
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=31447600120403400710616011910015
https://ad-server.eu/wm/pb/native.png

68 B
312 B

164ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:53:47 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sat, 26 Mar 2022 15:48:18 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA2:E3B2_91EFC182:01BB_623F35C2_135E2531:7DE2
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7362 1 KB
749 B 39ms
39ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sat, 26 Mar 2022 05:53:44 GMT
expires: Sun, 27 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 35674
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E231 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 147c3f11ad20a78f1aab28ace726457f75c2e43f09c4902c78a2ab9d83be4bbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame C5BE 4 KB
649 B 90ms
45ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=31447600120403400710616011910015&a=0d257e47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:18:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Mar 2022 15:48:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 15:48:18 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C5BE 16 KB
16 KB 34ms
12ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=31447600120403400710616011910015&a=0d257e47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: b1a6a7997551d617d417096c50bbfad234009376fb563132103dfe95c1d6c683

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16464
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C5BE 16 KB
16 KB 36ms
12ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=31447600120403400710616011910015&a=0d257e47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 29538458bfbfd7a7af07dda0eb37c2da8b1309c43825e7a802e0ecf2c2e645d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16531
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame C5BE 13 KB
13 KB 36ms
12ms Image
image/png 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=31447600120403400710616011910015&a=0d257e47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 77df02596fd1112575c1216e4fcf85b08279a2b049f330625216deb1636e8218

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:18 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12988
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 6711 85 KB
33 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e3b76f1dc7aa8974b0a4625e59d82cb5decc2375db86bdf19504dc65429278b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33351
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Mar 2022 15:48:18 GMT

GET
DATA 200
OK truncated
/ Frame A5D5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5231de80b5bd6da2a6403b9064c32125caac4857751eefb06d86355eff9aa3f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
tj6w5.flx10.com/v2/X9yKr7deK3x/-/breakpoint/970x250/ Frame 5BD6 88 KB
22 KB 8ms
8ms Document
text/html 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://tj6w5.flx10.com/v2/X9yKr7deK3x/-/breakpoint/970x250/?cacheBuster=476023608&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvTwBWTwLc3Lpu3OEEDFQ5S3sSLs2lDQtWKMKU5rMfqiVt2-lVCaKqYYkgzD_8XJNzNuFBVZCwZm2Ino0x7qaURdWCw12Oiyvux8Z23tGkW9CP8Xp5Bl15wigDteDri8Jni4mIWAr2nYF38foyF4hVmbGcBRcxdjaRBOEaeTOE4HiE2ThGzWWDlyuukO3FNTQ3FqkF0eS7F7jJi50pbxwa_lCcJEWfmu0ri7H7s6NTmyXskL_oQWfxJTeKcdA5wUmvk5ozuY5ArysysgLmJoh6hxYFa-6ojJhuD7a6r9eR6Zo%26sai%3DAMfl-YS3eoNaKHGQXAcqJ0Au8hFfmzH0NgRZtJej5e6bq74bygRoT1OuyJ7tBeDga3ng6CmiP4OpEyYEOucpvIss4SizrH-wCmzowYNajhbtOHJdAXY5WLJxruGNt9F0Yj83%26sig%3DCg0ArKJSzB6uWvgilLmGEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Requested by: Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/libs/launcher-1.0.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 1018ec3b2b783b7f33981b053bef66cef58bfe711159f2cf274339f5fa338fbe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-type: text/html
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
expires: Sat Apr 02 2022 07:43:02 GMT+0000 (Coordinated Universal Time)
vary: Accept-Encoding
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A5D5 0
0 121ms
74ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4mjSxMsd6ki3HVbZ8MgnBRZJv2YmKlGckG-VrsKqerFJUN2SnT_7tMKrefk8yWaowhIi2JFlTgjMoayuwYXH4QXui8tg1E58JbOMP44CS6D4rZXu_9ZwgRXM4i-z7mO-KQY0YAJgqQVGcj7hyKGcMbDfS6XKCalCJoWMBvCnEHvlMBwPDyS3HumFDce9YOUa7Fh9Adv5TK0teTBPG5oAnnZQ2r52ABi1mvg4H7y-aYElUL711O3wArI7J4CJxiaZnU_wvMEpjv_hu-zhxY5Jmf5bol6-tyFUkLc-XeE8Xt1ah-0kn9A&sai=AMfl-YQelV9IxibTOl-x8GBYSlft8ptZOGgauOyQpkxOis_-ySxm8b6BM9IN7mqFlHb7bKUbw7qnkkN9PjEuBPqd0VPWYI21Q1GlJ7rgeT3QkfnAsrAgccoYX4nHlOgnW83r&sig=Cg0ArKJSzLKGqfc-RCI_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Mar 2022 15:48:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 26 Mar 2022 15:48:18 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 7362
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAaL9-yktmOhqoFXKszGyEI&google_cver=1&google_push=AYg5qPJl5cqiRvyMP4KGwbLQOYhp-ElRvdFN0hRmWwR8GVphsJBomZ3FSsz7ZXEyt5iFy1e4sR-2XPSkXjIKHmD5p394mC9A4BQlb...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAaL9-yktmOhqoFXKszGyEI&google_cver=1&google_push=AYg5qPJl5cqiRvyMP4KGwbLQOYhp-ElRvdFN0hRmWwR8GVphsJBomZ3FSsz7ZXEyt5iFy1e4sR-2XPSkXjIKHmD5p394mC9A4BQ...

43 B
447 B

198ms
189ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAaL9-yktmOhqoFXKszGyEI&google_cver=1&google_push=AYg5qPJl5cqiRvyMP4KGwbLQOYhp-ElRvdFN0hRmWwR8GVphsJBomZ3FSsz7ZXEyt5iFy1e4sR-2XPSkXjIKHmD5p394mC9A4BQlbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJl5cqiRvyMP4KGwbLQOYhp-ElRvdFN0hRmWwR8GVphsJBomZ3FSsz7ZXEyt5iFy1e4sR-2XPSkXjIKHmD5p394mC9A4BQlbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:19 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f2107a24b3c9a23-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:18 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 8488
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f2107a0585a9a23-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAaL9-yktmOhqoFXKszGyEI&google_cver=1&google_push=AYg5qPJl5cqiRvyMP4KGwbLQOYhp-ElRvdFN0hRmWwR8GVphsJBomZ3FSsz7ZXEyt5iFy1e4sR-2XPSkXjIKHmD5p394mC9A4BQlbw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJl5cqiRvyMP4KGwbLQOYhp-ElRvdFN0hRmWwR8GVphsJBomZ3FSsz7ZXEyt5iFy1e4sR-2XPSkXjIKHmD5p394mC9A4BQlbw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7362 0
191 B 83ms
19ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHUlZ0x1Wjmmm5V02tlHhQE&google_cver=1&google_push=AYg5qPIlgE0Daj3epOeTeGhliTbk9-c9vPSybdZoQw3BKiC5oDqrDGjADWomzi21a9HSrinZmZnDqx19pY-Wo1sqTOG-DbM-D5NxUQ
Requested by: Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:17 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 7362 43 B
577 B 145ms
47ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEBjwPhZL3oJ_E6IJh84YuWs&google_cver=1&google_push=AYg5qPK8Beao1oZdit8WX7_NbGkiFiDs3htaE8lb1SOUmKqNQEzM1Tq3laYP0xCWPjJWmKNyj_-lnxSN9h-vwOUW5JU_75jZgVvqEA

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 15:48:18 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7362
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEELnYRqZjUg62CWPuBjY__g&google_cver=1&google_push=AYg5qPKXJn72fITfp--Udnnj9sNN5Z8OwjpaZ3dZNXGumYBhocxHgDBmc__vPW-qGUr3N5_ET0GIIyIh...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEELnYRqZjUg62CWPuBjY__g&google_cver=1&google_push=AYg5qPKXJn72fITfp--Udnnj9sNN5Z8OwjpaZ3dZNXGumYBhocxHgDBmc__vPW-qGUr3N5_ET0G...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ3NjEwMTc2NTIzNTI1OTM5NQ&google_push=AYg5qPKXJn72fITfp--Udnnj9sNN5Z8OwjpaZ3dZNXGumYBhocxHgDBmc__vPW-qGUr3N5_ET0GIIy...

170 B
188 B

49ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ3NjEwMTc2NTIzNTI1OTM5NQ&google_push=AYg5qPKXJn72fITfp--Udnnj9sNN5Z8OwjpaZ3dZNXGumYBhocxHgDBmc__vPW-qGUr3N5_ET0GIIyIhK3bRiveYazLvbDAy_e7uAA

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:18 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQ3NjEwMTc2NTIzNTI1OTM5NQ&google_push=AYg5qPKXJn72fITfp--Udnnj9sNN5Z8OwjpaZ3dZNXGumYBhocxHgDBmc__vPW-qGUr3N5_ET0GIIyIhK3bRiveYazLvbDAy_e7uAA
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7362
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2VyBT2SgSFCqy_IfYBuNuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
50ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2VyBT2SgSFCqy_IfYBuNuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIbVjIGH33FJi-YsrU-jVOE0XDJtzfA6-R3pPI4EfCYNLNDS7LdlUPn4pCe0DoQoMb-R9IRa3OxY6_CY1-LyCl6LzZjvrkA

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2VyBT2SgSFCqy_IfYBuNuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIbVjIGH33FJi-YsrU-jVOE0XDJtzfA6-R3pPI4EfCYNLNDS7LdlUPn4pCe0DoQoMb-R9IRa3OxY6_CY1-LyCl6LzZjvrkA
date: Sat, 26 Mar 2022 15:48:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame 7362
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD5...

0
0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 7362 0
75 B 141ms
16ms Image
text/plain 185.86.137.108
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFlIN78vjs17moCv1q12AoY&google_cver=1&google_push=AYg5qPLxUWNNNjfD5Y073a8hyGXQzGoxSvehll0tLSTLl1WrufkJyP-_bdrHyDlskn-Yok6MEOv8RNO6wyqACSvKivhFp_S3fzvYnQ
Requested by: Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7362 0
12 B 48ms
48ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JVsSzcEajRklAKA8C8Q6QkCaCr7XNaWizREWiFUohJdSgZQ5D4rLohqS31fw-hUPb04sif

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32E6 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpsUAwjU_Yv21AauN7_UP0ayYYAAAAAA4AeAEAg&bg=!3N-l35vNAAbzJazn0yU7ACkAdvg8WlT5haE9NpwV6Hi-KTus0UPuXzAvedXrh8cN3ZpcytvUDak9PgIAAADJUgAAAAJoAQeZAzOvz7gZzCx9wNC9OJSq3PUGN7It7rtfO0XQooTUykTCneQtt5UeaYn86MRFt9cSukJ_UFQxDxialHZVE91dmClvjExKcd6RJqvU4GJaQv4rhQZHPUVuA1FO5cDk5N8C8qQ0tRWxZw_IucIFQcO6VdeOBqzs6aBslbonGRWtEzQySTxxrfiAS2gapEWdHuTlwDFHv3mU1aFMvTfQba6QN8sj9SKSJp4bM-3vF19u8J256nUqr4D7HViYXfd9kYTGGE7bbdGbTWViq96IMjNEgkOOY5Ex6diww7gRJAfdFXDWJQEJN0fVZYHqi1Zc4cMExk50Ck5kmzfUPLusVdaAsraJP8hYeQRstEw01DppSOUv9DCATGoDCwMPnGItrWX4qoEM-9ZSplSLWd76H8HvI3ZthLoszoHndiTXpkY5D7TSso9ptOryLCtmXqSDHIefNbqUNz91g2c6Fs8yVRtEDhpSx-aZ0gur9HlLtV9pADiTqO8o1bjmoGaep9fOSg1ifdoK0JILSrDV0vhbz9v1xbXAgixOPC9PF6QHsH_u8Ktn4zd7UAwKPzVmPLQQsQAFmZpnm90DjyPkMA-DBTcip1aA8ZdZ-hpRxbjFQmTNqkZIKlEXpnj59Bo93lgFw3QabBnsDwQx0f1jnT7cLAJNUdXeUZDpB6i5JweEqBbPx1bNz0NmOgpqPL6nOX79E04qkG0Rrhu83wmjp8YNHGNJd9KFagxaN02qwzxx3KOdasAh--r3dyyl32P7cxBpn-WbQg6EYcLjK3Qwe0Igh2o43zY4ysDCQhgE7Pk6RiandBb5sBJ-q_jxY25oJEd_JBZKYCu3mHxxAMHrKSiEmGsZ384FftgOytUgW9HjVhzVIAD5H46Bc8Rw1n_DlT2RVv9lrYRxaGbL-1da_J5SekGd0JpXjrtnRyC5-VtNVSv9diwwj7jqV-f1OBC_qowt5odVvhzpb_Cv9a0T6Pwpa2aLjWUtk8efcX0K-Q0WJPaMGHXRBP4DSicP_Naj502myadGeeKhl9MbxZAr12fKcbzkgQBD7eT60h8VxcND-n5dKmXNvybGB1dpGmXXbUZIOdyU8jBkmtY

Requested by

Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame AF84 5 KB
5 KB 11ms
11ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1292636162
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
accept-ranges: bytes
etag: "14aa-5d6188919baaa"
content-length: 5290
content-type: application/javascript

GET
H3 200 css
fonts.googleapis.com/ Frame 5BD6 273 B
288 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:italic&text=Located%20lshnmiwfI%2D5Ex19vru%2EPg%2C%240pkqWb%E2%80%8B

Requested by

Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/X9yKr7deK3x/-/breakpoint/970x250/?cacheBuster=476023608&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvTwBWTwLc3Lpu3OEEDFQ5S3sSLs2lDQtWKMKU5rMfqiVt2-lVCaKqYYkgzD_8XJNzNuFBVZCwZm2Ino0x7qaURdWCw12Oiyvux8Z23tGkW9CP8Xp5Bl15wigDteDri8Jni4mIWAr2nYF38foyF4hVmbGcBRcxdjaRBOEaeTOE4HiE2ThGzWWDlyuukO3FNTQ3FqkF0eS7F7jJi50pbxwa_lCcJEWfmu0ri7H7s6NTmyXskL_oQWfxJTeKcdA5wUmvk5ozuY5ArysysgLmJoh6hxYFa-6ojJhuD7a6r9eR6Zo%26sai%3DAMfl-YS3eoNaKHGQXAcqJ0Au8hFfmzH0NgRZtJej5e6bq74bygRoT1OuyJ7tBeDga3ng6CmiP4OpEyYEOucpvIss4SizrH-wCmzowYNajhbtOHJdAXY5WLJxruGNt9F0Yj83%26sig%3DCg0ArKJSzB6uWvgilLmGEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35ede826e79511d4161e0f1e572c5b0d67d7f0b8d816fdf6bbbddf3a95fb1ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:48:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Mar 2022 15:48:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 15:48:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5BD6 280 B
291 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700&text=6410%2023rdAveNETulaip%2CW987HbCtn%2EogMchSDRUIKG%3APV5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd44506e0d5301c4d6605c5817a8df3a0e074b5ba6ca400004ffd6601973d146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:48:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Mar 2022 15:48:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 15:48:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5BD6 234 B
254 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:800&text=CALENDR%20OFVTS

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db252d5dd422d1195830b4356642b05a1894ca3e3058342d6351e4a02c9279a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:48:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Mar 2022 15:48:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 15:48:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5BD6 274 B
288 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:regular&text=Join%20AlePkhamr%2E%28Nzc%29sxptwdug%2Cfyb%24105qvjW%E2%80%8B

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b14f4c886cf44fcf1c37c8bec13fea1eb825347df872e8661fb184ec5877d57c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:48:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Mar 2022 15:48:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 15:48:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5BD6 236 B
256 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:600&text=Alen%20PikhamJr%2E

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

924ab92f51981a9555e89a6977fcda8e5f8d4cc1f262a30a0dbe9ecfdfe27094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 15:48:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Mar 2022 15:48:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Mar 2022 15:48:18 GMT

GET
H/1.1 200
OK viewability Show response
hal900015.redintelligence.net/ Frame C5BE 0
150 B 35ms
12ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=31447600120403400710616011910015&a=94127b03&vb=m
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=31447600120403400710616011910015&a=0d257e47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/request_content.php?s=31447600120403400710616011910015&a=0d257e47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:18 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame C5BE 13 KB
13 KB 107ms
60ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900015.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 18:04:09 GMT
x-content-type-options: nosniff
age: 251049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:37:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 18:04:09 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame C5BE 13 KB
13 KB 88ms
42ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900015.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 18:03:30 GMT
x-content-type-options: nosniff
age: 251088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 18:03:30 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 5BD6 8 KB
8 KB 77ms
52ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaooCKLJ8fAR907eCVUBQGyk9Yi-n0FxDp-XxoegKIdueFTJ6VfEdMoU9m_ByIEv_k&skey=30a27f2564731c64&v=v26

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:regular&text=Join%20AlePkhamr%2E%28Nzc%29sxptwdug%2Cfyb%24105qvjW%E2%80%8B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c653bd43d2530e7785eb38d448556ace8e75435ea5cb510adb897ae4a4eaa55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tj6w5.flx10.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 08:02:05 GMT
x-content-type-options: nosniff
age: 27973
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8512
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 19:16:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 27 Mar 2022 08:02:05 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E231 51 KB
51 KB 73ms
8ms Script
application/javascript 143.204.98.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=31447600120403400710616011910015&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-117.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 11:22:01 GMT
server: AmazonS3
age: 15355
etag: "101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 26 Mar 2022 11:32:24 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 52083
x-amz-cf-id: SnxaveWTp9TISDxST2W932-M4XShzLpzGx8-F02L4IykABv_Vhhc5w==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame E231 85 B
541 B 69ms
25ms Image
image/gif 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=38209900127442500710618011910028&wglinkid=498343
Requested by: Host: 245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
URL: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Mar 2022 15:48:18 GMT
Last-Modified: Sat, 26 Mar 2022 15:48:18 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/gif
Content-Length: 85
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 reel.js Show response
widgets.outbrain.com/nanoWidget/2000645/module/ 25 KB
9 KB 8ms
7ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000645/module/reel.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3bd64c7ec86814a8ebc88cb9effee19292e315bee76ca266451a96ef18dc96fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:36:30 GMT
server: AkamaiNetStorage
etag: "61d5917960e4049b8603fc22023997d0:1648020500.368171"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 8382
expires: Sat, 26 Mar 2022 19:48:18 GMT

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000645/module/ 503 B
811 B 9ms
9ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000645/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b6f9377931c12b8ff45ab3b6d758ea8fe5eccb9509b1b07288e0e9a5056a0518

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
last-modified: Wed, 23 Mar 2022 06:36:30 GMT
server: AkamaiNetStorage
etag: "d2185e8dc3da077c0d9937069737771b:1648020503.326032"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Sat, 26 Mar 2022 19:48:18 GMT

GET
H2 200 53f79fb2ad511df47bbd706dd94f837a88.jpg
zem.outbrainimg.com/p/srv/sha/05/b9/e9/ 71 KB
71 KB 60ms
8ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/05/b9/e9/53f79fb2ad511df47bbd706dd94f837a88.jpg?w=800&h=532&fit=crop&crop=faces&fm=jpg

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

38337065d2ba83c49659bef8761fe006f6a69deaad68c1b42fbd0ea64ab95980

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 502698
x-cache: HIT, MISS, HIT
x-imgix-id: 36e5a6e04b25e00d578cbb84ca876efaa1a7f846
content-length: 72290
x-served-by: cache-sjc10038-SJC, cache-hhn4028-HHN, cache-hhn4036-HHN
last-modified: Sun, 20 Mar 2022 20:10:00 GMT
server: imgix
x-timer: S1648309699.759958,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 1

GET
H2 200 disclosure.png
widgets.outbrain.com/external/vendors/ 476 B
776 B 8ms
7ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/external/vendors/disclosure.png
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
last-modified: Wed, 16 Feb 2022 08:29:06 GMT
server: AkamaiNetStorage
etag: "4d39e26ad7c27bebbc022d353bf4bbb6:1645014623.324673"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 476
expires: Mon, 25 Apr 2022 15:48:18 GMT

GET
H2 200 1965c8e2a273bc633d9f413fd3e45d35b2.jpg
zem.outbrainimg.com/p/srv/sha/18/ef/4a/ 90 KB
91 KB 67ms
15ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/18/ef/4a/1965c8e2a273bc633d9f413fd3e45d35b2.jpg?w=800&h=532&fit=crop&crop=center&fm=jpg

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

94e5dfb7f555617998a574800130c6c189133eb5fdb5e6d3d4da8282d0259d2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 505346
x-cache: HIT, MISS, HIT
x-imgix-id: 98673f90384fdf1333e064bbefc34a61fa0d5686
content-length: 92634
x-served-by: cache-sjc10037-SJC, cache-hhn4069-HHN, cache-hhn4036-HHN
last-modified: Sun, 20 Mar 2022 19:25:52 GMT
server: imgix
x-timer: S1648309699.760069,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 1

GET
H2 200 3841257aa13274f23e09809b1a18d7ef45.jpg
zem.outbrainimg.com/p/srv/sha/22/2e/2f/ 61 KB
61 KB 58ms
7ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/22/2e/2f/3841257aa13274f23e09809b1a18d7ef45.jpg?w=800&h=532&fit=crop&crop=faces&fm=jpg

Requested by

Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b890bbb674791ad5da6dfdc3eef0a614c116e862704a0c2358125c545e1bfa9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
via: 1.1 varnish
x-content-type-options: nosniff
fastly-original-body-size: 62198
age: 418048
x-cache: HIT, HIT, HIT
x-imgix-id: 370cfed4c3400951fc4923032bdccd92fee2927c
content-length: 62198
x-served-by: cache-sjc10070-SJC, cache-hhn4026-HHN, cache-hhn4036-HHN
last-modified: Mon, 21 Mar 2022 19:40:50 GMT
server: imgix
x-timer: S1648309699.760141,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 1

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 88ms
87ms Fetch
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=9a03fdd913d6add5a40889202e585b14_39028_1648309697798&tm=2044&eT=0&widgetWidth=738&widgetHeight=492&widgetX=431&widgetY=7877&wRV=2000645&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1084&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
X-TraceId: 7ee06d76e287275449a11136d2d9b31c
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 173ms
86ms Fetch
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=756b22e1791e749f4c7e8daee083c700_39028_1648309698146&tm=2056&eT=0&widgetWidth=738&widgetHeight=240&widgetX=431&widgetY=8404&wRV=2000645&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1084&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
X-TraceId: 530eeca8e7e8e4a529c3e9cc4611dc12
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame D8D4 0
0 7ms
7ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame CBC0 0
0 8ms
8ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2CA4 0
0 8ms
8ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2E18 0
0 7ms
7ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8E31 0
0 8ms
8ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2E7A 0
0 9ms
7ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 250ms
86ms Fetch
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=c1e71e07e057b824da8804facc0d7fcf_39028_1648309698378&tm=2065&eT=0&widgetWidth=738&widgetHeight=549&widgetX=431&widgetY=8668&wRV=2000645&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1084&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
X-TraceId: b21aa132e6e52e8f4a5b26036481d027
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 328ms
86ms Fetch
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=c16b499eae67cb352e6ab3c955122baf_39028_1648309698418&tm=2067&eT=0&widgetWidth=738&widgetHeight=295&widgetX=431&widgetY=9242&wRV=2000645&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1084&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 26 Mar 2022 15:48:19 GMT
content-encoding: gzip
X-TraceId: e1cf40690225448e5401d66ad72fb15a
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 335ms
86ms Fetch
text/plain 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=67f9445dd8fcd2e43e8666044381908e_39028_1648309698539&tm=2068&eT=0&widgetWidth=738&widgetHeight=549&widgetX=431&widgetY=9561&wRV=2000645&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1084&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 26 Mar 2022 15:48:19 GMT
content-encoding: gzip
X-TraceId: f2ff4f2cc772ac1b4caa915078afa7f9
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame ABD2 0
0 10ms
7ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame D633 0
0

GET obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 4292 0
0

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7AC0 361 B
654 B 23ms
23ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000645/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8611 361 B
654 B 22ms
21ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000645/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2697 361 B
654 B 22ms
22ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000645/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame EFD2 361 B
654 B 23ms
23ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000645/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 3F48 361 B
654 B 22ms
22ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000645/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 769B 361 B
654 B 23ms
22ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000645/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 6924 361 B
654 B 22ms
22ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000645/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame CEEA 361 B
654 B 23ms
22ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000645/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 4097 361 B
654 B 23ms
22ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000645/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 26 Mar 2022 19:48:18 GMT
date: Sat, 26 Mar 2022 15:48:18 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H3 200 font
fonts.gstatic.com/l/ Frame 5BD6 8 KB
8 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4WjMPrENDRd57eOLURByuURBkNjBFRbv-35mdACKceaGTYGUf0ZLoExn8x0QcPQ&skey=bf44ee29381a37b0&v=v26

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:italic&text=Located%20lshnmiwfI%2D5Ex19vru%2EPg%2C%240pkqWb%E2%80%8B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31ae1079c810d14cf1983ea459ea06311e05202dcca4b5694b86dc97a7d76f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tj6w5.flx10.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 08:02:07 GMT
x-content-type-options: nosniff
age: 27971
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8312
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 19:16:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 27 Mar 2022 08:02:07 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 5BD6 4 KB
4 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapYCKLLkfZHQZhIjpL24V01Ve&skey=30a27f2564731c64&v=v26

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:800&text=CALENDR%20OFVTS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7909343e290ff05c89a7a7f6aa6ca0887ccc87fc814a9768683d45380eb31b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tj6w5.flx10.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 08:02:07 GMT
x-content-type-options: nosniff
age: 27971
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4428
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 19:16:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 27 Mar 2022 08:02:07 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 5BD6 10 KB
10 KB 48ms
48ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pYCKLJsfCRlt8PyWVRRxtzkx5snVMDHL11JLXiazSNm_drizb1ZbsFx27AyenhAfhJsSyg&skey=30a27f2564731c64&v=v26

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700&text=6410%2023rdAveNETulaip%2CW987HbCtn%2EogMchSDRUIKG%3APV5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2caa35c003cace3afb0040b3693a875b6a33d46790ea26c5e2e05c4015b77cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tj6w5.flx10.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 08:02:07 GMT
x-content-type-options: nosniff
age: 27971
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10020
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 19:16:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 27 Mar 2022 08:02:07 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame 5BD6 5 KB
5 KB 55ms
55ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpYCKLLofC3YXka_ACUgs7Gxmrg&skey=30a27f2564731c64&v=v26

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:600&text=Alen%20PikhamJr%2E

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a62f6f0bdff1d6fe9d1d2590d7a916307fb83f80c82332015369835e2c62580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tj6w5.flx10.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 08:02:07 GMT
x-content-type-options: nosniff
age: 27971
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4624
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 19:16:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 27 Mar 2022 08:02:07 GMT

GET
H2 200 chTj9kruNhmvpTQ2y5RAA59DiPquEakA.png
k3vzn.flx10.com/ Frame 5BD6 16 KB
16 KB 77ms
12ms Image
image/png 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/chTj9kruNhmvpTQ2y5RAA59DiPquEakA.png?width=239&focusX=50&focusY=50&zoom=100
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9a792dc8a0b0a4d05cf7908260e5ea80dea450f5ff0ea1df914512357ccded92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/png
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
H2 200 QGT1bcBN062aLuSxelBykKRpIjfO1bXq.png
k3vzn.flx10.com/ Frame 5BD6 830 B
1 KB 77ms
12ms Image
image/png 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/QGT1bcBN062aLuSxelBykKRpIjfO1bXq.png?width=97&focusX=50&focusY=50&zoom=100
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 085cad78e1746c5971d947197077e32dbf8a3c1f8c43d34c500f4ba829ac7808

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/png
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
H2 200 gzOiaL0g3LoLZ3UVdMpvolDby7rxeOFN.jpg
k3vzn.flx10.com/ Frame 5BD6 21 KB
21 KB 77ms
13ms Image
image/jpeg 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/gzOiaL0g3LoLZ3UVdMpvolDby7rxeOFN.jpg?width=203&focusX=50.47&focusY=54.33&zoom=100
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ea00948f5f91b35cbb5a9489c9c7dff8a252522a272e4efba6e388f4f86f3e4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/jpeg
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
H2 200 dSS5M9Kd8X2h46PuIORKIa8LOXVtOoeD.png
k3vzn.flx10.com/ Frame 5BD6 3 KB
3 KB 82ms
18ms Image
image/png 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/dSS5M9Kd8X2h46PuIORKIa8LOXVtOoeD.png?width=78&focusX=50&focusY=50&zoom=100
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 1eedecfa196954a7a91b50a7af86b71fd09691b24d821aed2225c00f051efa7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/png
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
H2 200 kCxpzBe8yTdH7LkkWWJtBjYiWoEgR2Ln.png
k3vzn.flx10.com/ Frame 5BD6 64 KB
64 KB 82ms
18ms Image
image/png 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/kCxpzBe8yTdH7LkkWWJtBjYiWoEgR2Ln.png?width=113&height=250&focusX=73.09&focusY=0&zoom=100
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4c1a91c73a5ce32a7a11a30d18a0ad8e84acfea9987c2660de96293890f659ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/png
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
H2 200 UGRA6t3gDBj0WyShTUJBQOisl6fNb7Hz.jpg
k3vzn.flx10.com/ Frame 5BD6 35 KB
35 KB 88ms
24ms Image
image/jpeg 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/UGRA6t3gDBj0WyShTUJBQOisl6fNb7Hz.jpg?width=970&height=250&focusX=50&focusY=50&zoom=100
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e6b87be55eb9b248100cff3b96e683bdb21c01b63883593413550e1c750aa4cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/jpeg
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7AC0 2 KB
1 KB 12ms
11ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:36:29 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1648020597.502771"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 26 Mar 2022 19:48:18 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2697 2 KB
1 KB 13ms
13ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:36:29 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1648020597.502771"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 26 Mar 2022 19:48:18 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8611 2 KB
1 KB 12ms
12ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:36:29 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1648020597.502771"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 26 Mar 2022 19:48:18 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame EFD2 2 KB
1 KB 15ms
15ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:36:29 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1648020597.502771"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 26 Mar 2022 19:48:18 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 3F48 2 KB
1 KB 18ms
18ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:36:29 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1648020597.502771"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 26 Mar 2022 19:48:18 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 769B 2 KB
1 KB 15ms
15ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:36:29 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1648020597.502771"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 26 Mar 2022 19:48:18 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 6924 2 KB
1 KB 18ms
18ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:36:29 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1648020597.502771"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 26 Mar 2022 19:48:18 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame CEEA 2 KB
1 KB 20ms
19ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:36:29 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1648020597.502771"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 26 Mar 2022 19:48:18 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 4097 2 KB
1 KB 19ms
19ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 06:36:29 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1648020597.502771"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 26 Mar 2022 19:48:18 GMT

GET
H2 200 chTj9kruNhmvpTQ2y5RAA59DiPquEakA.png
k3vzn.flx10.com/ Frame 5BD6 16 KB
16 KB 9ms
6ms Image
image/png 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/chTj9kruNhmvpTQ2y5RAA59DiPquEakA.png?width=239&focusX=50&focusY=50&zoom=100
Requested by: Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/X9yKr7deK3x/-/breakpoint/970x250/?cacheBuster=476023608&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvTwBWTwLc3Lpu3OEEDFQ5S3sSLs2lDQtWKMKU5rMfqiVt2-lVCaKqYYkgzD_8XJNzNuFBVZCwZm2Ino0x7qaURdWCw12Oiyvux8Z23tGkW9CP8Xp5Bl15wigDteDri8Jni4mIWAr2nYF38foyF4hVmbGcBRcxdjaRBOEaeTOE4HiE2ThGzWWDlyuukO3FNTQ3FqkF0eS7F7jJi50pbxwa_lCcJEWfmu0ri7H7s6NTmyXskL_oQWfxJTeKcdA5wUmvk5ozuY5ArysysgLmJoh6hxYFa-6ojJhuD7a6r9eR6Zo%26sai%3DAMfl-YS3eoNaKHGQXAcqJ0Au8hFfmzH0NgRZtJej5e6bq74bygRoT1OuyJ7tBeDga3ng6CmiP4OpEyYEOucpvIss4SizrH-wCmzowYNajhbtOHJdAXY5WLJxruGNt9F0Yj83%26sig%3DCg0ArKJSzB6uWvgilLmGEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9a792dc8a0b0a4d05cf7908260e5ea80dea450f5ff0ea1df914512357ccded92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/png
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
H2 200 QGT1bcBN062aLuSxelBykKRpIjfO1bXq.png
k3vzn.flx10.com/ Frame 5BD6 830 B
1 KB 8ms
6ms Image
image/png 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/QGT1bcBN062aLuSxelBykKRpIjfO1bXq.png?width=97&focusX=50&focusY=50&zoom=100
Requested by: Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/X9yKr7deK3x/-/breakpoint/970x250/?cacheBuster=476023608&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvTwBWTwLc3Lpu3OEEDFQ5S3sSLs2lDQtWKMKU5rMfqiVt2-lVCaKqYYkgzD_8XJNzNuFBVZCwZm2Ino0x7qaURdWCw12Oiyvux8Z23tGkW9CP8Xp5Bl15wigDteDri8Jni4mIWAr2nYF38foyF4hVmbGcBRcxdjaRBOEaeTOE4HiE2ThGzWWDlyuukO3FNTQ3FqkF0eS7F7jJi50pbxwa_lCcJEWfmu0ri7H7s6NTmyXskL_oQWfxJTeKcdA5wUmvk5ozuY5ArysysgLmJoh6hxYFa-6ojJhuD7a6r9eR6Zo%26sai%3DAMfl-YS3eoNaKHGQXAcqJ0Au8hFfmzH0NgRZtJej5e6bq74bygRoT1OuyJ7tBeDga3ng6CmiP4OpEyYEOucpvIss4SizrH-wCmzowYNajhbtOHJdAXY5WLJxruGNt9F0Yj83%26sig%3DCg0ArKJSzB6uWvgilLmGEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 085cad78e1746c5971d947197077e32dbf8a3c1f8c43d34c500f4ba829ac7808

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/png
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
H2 200 gzOiaL0g3LoLZ3UVdMpvolDby7rxeOFN.jpg
k3vzn.flx10.com/ Frame 5BD6 21 KB
21 KB 8ms
7ms Image
image/jpeg 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/gzOiaL0g3LoLZ3UVdMpvolDby7rxeOFN.jpg?width=203&focusX=50.47&focusY=54.33&zoom=100
Requested by: Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/X9yKr7deK3x/-/breakpoint/970x250/?cacheBuster=476023608&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvTwBWTwLc3Lpu3OEEDFQ5S3sSLs2lDQtWKMKU5rMfqiVt2-lVCaKqYYkgzD_8XJNzNuFBVZCwZm2Ino0x7qaURdWCw12Oiyvux8Z23tGkW9CP8Xp5Bl15wigDteDri8Jni4mIWAr2nYF38foyF4hVmbGcBRcxdjaRBOEaeTOE4HiE2ThGzWWDlyuukO3FNTQ3FqkF0eS7F7jJi50pbxwa_lCcJEWfmu0ri7H7s6NTmyXskL_oQWfxJTeKcdA5wUmvk5ozuY5ArysysgLmJoh6hxYFa-6ojJhuD7a6r9eR6Zo%26sai%3DAMfl-YS3eoNaKHGQXAcqJ0Au8hFfmzH0NgRZtJej5e6bq74bygRoT1OuyJ7tBeDga3ng6CmiP4OpEyYEOucpvIss4SizrH-wCmzowYNajhbtOHJdAXY5WLJxruGNt9F0Yj83%26sig%3DCg0ArKJSzB6uWvgilLmGEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ea00948f5f91b35cbb5a9489c9c7dff8a252522a272e4efba6e388f4f86f3e4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/jpeg
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
H2 200 dSS5M9Kd8X2h46PuIORKIa8LOXVtOoeD.png
k3vzn.flx10.com/ Frame 5BD6 3 KB
3 KB 9ms
8ms Image
image/png 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/dSS5M9Kd8X2h46PuIORKIa8LOXVtOoeD.png?width=78&focusX=50&focusY=50&zoom=100
Requested by: Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/X9yKr7deK3x/-/breakpoint/970x250/?cacheBuster=476023608&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvTwBWTwLc3Lpu3OEEDFQ5S3sSLs2lDQtWKMKU5rMfqiVt2-lVCaKqYYkgzD_8XJNzNuFBVZCwZm2Ino0x7qaURdWCw12Oiyvux8Z23tGkW9CP8Xp5Bl15wigDteDri8Jni4mIWAr2nYF38foyF4hVmbGcBRcxdjaRBOEaeTOE4HiE2ThGzWWDlyuukO3FNTQ3FqkF0eS7F7jJi50pbxwa_lCcJEWfmu0ri7H7s6NTmyXskL_oQWfxJTeKcdA5wUmvk5ozuY5ArysysgLmJoh6hxYFa-6ojJhuD7a6r9eR6Zo%26sai%3DAMfl-YS3eoNaKHGQXAcqJ0Au8hFfmzH0NgRZtJej5e6bq74bygRoT1OuyJ7tBeDga3ng6CmiP4OpEyYEOucpvIss4SizrH-wCmzowYNajhbtOHJdAXY5WLJxruGNt9F0Yj83%26sig%3DCg0ArKJSzB6uWvgilLmGEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 1eedecfa196954a7a91b50a7af86b71fd09691b24d821aed2225c00f051efa7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/png
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
H2 200 kCxpzBe8yTdH7LkkWWJtBjYiWoEgR2Ln.png
k3vzn.flx10.com/ Frame 5BD6 64 KB
64 KB 10ms
9ms Image
image/png 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/kCxpzBe8yTdH7LkkWWJtBjYiWoEgR2Ln.png?width=113&height=250&focusX=73.09&focusY=0&zoom=100
Requested by: Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/X9yKr7deK3x/-/breakpoint/970x250/?cacheBuster=476023608&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvTwBWTwLc3Lpu3OEEDFQ5S3sSLs2lDQtWKMKU5rMfqiVt2-lVCaKqYYkgzD_8XJNzNuFBVZCwZm2Ino0x7qaURdWCw12Oiyvux8Z23tGkW9CP8Xp5Bl15wigDteDri8Jni4mIWAr2nYF38foyF4hVmbGcBRcxdjaRBOEaeTOE4HiE2ThGzWWDlyuukO3FNTQ3FqkF0eS7F7jJi50pbxwa_lCcJEWfmu0ri7H7s6NTmyXskL_oQWfxJTeKcdA5wUmvk5ozuY5ArysysgLmJoh6hxYFa-6ojJhuD7a6r9eR6Zo%26sai%3DAMfl-YS3eoNaKHGQXAcqJ0Au8hFfmzH0NgRZtJej5e6bq74bygRoT1OuyJ7tBeDga3ng6CmiP4OpEyYEOucpvIss4SizrH-wCmzowYNajhbtOHJdAXY5WLJxruGNt9F0Yj83%26sig%3DCg0ArKJSzB6uWvgilLmGEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4c1a91c73a5ce32a7a11a30d18a0ad8e84acfea9987c2660de96293890f659ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/png
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
H2 200 UGRA6t3gDBj0WyShTUJBQOisl6fNb7Hz.jpg
k3vzn.flx10.com/ Frame 5BD6 35 KB
35 KB 13ms
12ms Image
image/jpeg 94.31.29.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k3vzn.flx10.com/UGRA6t3gDBj0WyShTUJBQOisl6fNb7Hz.jpg?width=970&height=250&focusX=50&focusY=50&zoom=100
Requested by: Host: tj6w5.flx10.com
URL: https://tj6w5.flx10.com/v2/X9yKr7deK3x/-/breakpoint/970x250/?cacheBuster=476023608&clickTracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvTwBWTwLc3Lpu3OEEDFQ5S3sSLs2lDQtWKMKU5rMfqiVt2-lVCaKqYYkgzD_8XJNzNuFBVZCwZm2Ino0x7qaURdWCw12Oiyvux8Z23tGkW9CP8Xp5Bl15wigDteDri8Jni4mIWAr2nYF38foyF4hVmbGcBRcxdjaRBOEaeTOE4HiE2ThGzWWDlyuukO3FNTQ3FqkF0eS7F7jJi50pbxwa_lCcJEWfmu0ri7H7s6NTmyXskL_oQWfxJTeKcdA5wUmvk5ozuY5ArysysgLmJoh6hxYFa-6ojJhuD7a6r9eR6Zo%26sai%3DAMfl-YS3eoNaKHGQXAcqJ0Au8hFfmzH0NgRZtJej5e6bq74bygRoT1OuyJ7tBeDga3ng6CmiP4OpEyYEOucpvIss4SizrH-wCmzowYNajhbtOHJdAXY5WLJxruGNt9F0Yj83%26sig%3DCg0ArKJSzB6uWvgilLmGEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.29 Maida Vale, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.29.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e6b87be55eb9b248100cff3b96e683bdb21c01b63883593413550e1c750aa4cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tj6w5.flx10.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:18 GMT
server: NetDNA-cache/2.2
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
content-type: image/jpeg
cache-control: public, max-age=864000
access-control-allow-credentials: true
x-cache: HIT
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept, X-Auth-Token
expires: Sat Apr 02 2022 07:12:47 GMT+0000 (Coordinated Universal Time)

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame 7AC0 43 B
256 B 361ms
85ms Image
image/gif 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-Vwqvnls4iFSYRYRwi5G9A3uSaP4Wcjs4WW-L41FMBHq60Ldb0c1AXhpfvnE92A4bXFofUiP0FP1JdfV_KjYn3TW9D7XO-Oy7_WpUPPzKcZhDKAyHHfLc_WVGZcJPRXY7f_Eh1mE4JJ7SM1Zc6Xz6n_ze1Z5sam72dcCr3jPbSQ_odwBzGjK-Q4tTxvm-nsbQ6dH0JlmWSMmOjEX4GTOw6ROtGIajFfijUffmQO4UfMAeSXx_UtkllgE2PgvyDgZ2V7JfdeyeDOsY4SR72g_viaXdcnPxs0G1A4eVGrzV0l5L18bQCBeQdDF5kPt-uVjY3JrGgZ6UEWE5uunvsbgqmnu7zwYMo2SEi6J56ozYg16QjgsO6JYfttdLzGEy2dNerdgUXjLG_weIHvf95w0UItvYKX77MaojOMbGHJ53OvBW3qbk_6m_hzMvptno297zm5rcI9fg7f9lO4fcgUjGpwik0-B03tBSMRqDBLPrK4iVsiUxMhHIwYTiRCbibIhkaOKl7nv1gv8FkTy5DQZHGWiiGD91h4mLq7wpAMMwgaVTPEh1TlWxRuyCekPpz-w9ZMUA1TxdWCof8DtJZ-gA7nPwX4E8DFVgmAC0KgewPrNqMYG1Ba3BDaU4JX-K9Mpy8kAtv1_KoxtZnCv8AnbM0wq3nMA-zTyv0T4xxo1d8jD0v21VjkrMIXHsmNJckvif0oujnIV3L04BOHqt7QXy-l1E4YPzwyNMKb5tLzD0zqYH1kqKt61-UeHDP2fYb3ue7-lBwXh4oafXGPNDc6HyKUI-1sdqCCTjL_GirpDLUytqDIul8lGHNXF47tdxsLd6NLa-kn_39au58lepVvvmGuI15Qko273dVoZ_Szoc4cyGQUAA_L2-W0pWBP-B7oJg09NwqGV5rtJwj6hsOVZa4Ddpu3MoysefyfUMSAffd0jDZ-gL_AZdrQ2FdSWOI_Fyq39DTtciD7Ty9HRxhfv-acq1liMmDIATiswqkygCjsB3DxFPQ073hoDJh3vaSwhZbIgXEjUjE2K0Yb6YhoF0RdsJKFPFll7v7hjHnU4FPSJDIYnIBS3SxWRSS8K5RvWbyRfoZ52U7F7vxs0v7AYlGCuEpipvS7qi2slZZjIs1jQ4haY5qCQ6oiXNUGdbZdl19ayvu4pJ5vHLYalfZyv48c7_kVgSnjbJcWXo5Ujd6NWTpl2xkiW9S7SBVUsAhoMVcJC84Qwsu7wA9b2TpGqgV_Qfp6Ea-wAlCHTyC5-iv7IQah4LuP24mtf9u32KusCDBuGpGGxB2ZfCbgqT9N5HfF5sJUGUk58fvzb1q05nSHtwWIrlRIqx0uZhFe-zl8HgCBZL-XOY6ZC8SdiHPvFaQDyYafOGIvR57qdjPd7-N_cIHbixOMaJD9q7--Bl3Q7kRYiSqnCWOehQW0lscHuRKnDhlBR4is4K_7PoaLnYuH2EhmV8VSZ6S_JzuGS4eiP2Qo7Cg5Pprl974Aq3FOgEeP5xwwDdsMfdKh6GJHQQcGySq0zn3n3jHBFuE1J9QyFSmAQlON33k75cOXW7FvfpQKHvcFb3seR2nXwGrGGWEXC6ZpX4znNLfLtw8QOsx4_ucNvesbqg_avvVp7XZhbHkcp306ahXh4iJISs2rT56CdnTxHxGHB9uBzS4bLZV2_5TTo_FdyAw_OeYwHeu6fIlwKZ9Mr99NvpENmtRJI_Yus6EtD3QTuc4ni2fu3YsyfPdCPzQLxRC8BuaCF_r7WWBwx86okDM4dJ5sR82d6qhwKSNk9zSO8VvKgzOkKb7qutMQ&c=45a987c0&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:19 GMT
Cache-Control: no-cache
X-TraceId: 52b7421d4cfbe59ae94d18ceebb7812d
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/27d276e2-ad1c-11ec-b820-7621b353135d/0.048517/SBIHLWF46TQNNKJCFVEKTQ4MBK7A75F3LIB636CES6T5Y6GY5NZ4EWRWM7IWV46ISZKSZCX5MVSXJKUIZNKSRH5H5FAUVW7YBMHPQID5VZP... Frame 8611 26 B
127 B 351ms
84ms Image
image/gif 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/27d276e2-ad1c-11ec-b820-7621b353135d/0.048517/SBIHLWF46TQNNKJCFVEKTQ4MBK7A75F3LIB636CES6T5Y6GY5NZ4EWRWM7IWV46ISZKSZCX5MVSXJKUIZNKSRH5H5FAUVW7YBMHPQID5VZPXWTGRSIZDKEFQCMN5NL2UOAHF6Q72GZYHVPZOX6QMQDNUNLTY7KRQFDX6MZNN56PHZMR6VBWNLNMABW3SRIKWB2322NK4LW2RNNENYEH57IBBFXN7TCV6R5V2OTGMUS6ESRMP5NXFNMXVSSWCMEUHUA7RQZAJNJWQUOQ7AERVWX2J2Y47TNSNGRHCIR7S2PD4WIQQGMGAURETI7TSQX4SU34U6OCTNLTJIRBB5IAX53NBCK7FC2HDEJLT7WYPEGASGFA2MNPDPU5ZJS4SF267O4CAGK34CHDTPOAFCJASHADPP2NATJZVRKIW2FCI5NWPV434OYR2G6MIAEMEM6ZSIM36U4PZ3ZYFGOBM6NXEMYLC6ZLRB5HUGCPI5LY/?wpos=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:19 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/impression/5DD7U5OD2TKDQ7XJERJWXSJ65KBMV3LNZPUSJRL6YBP2536ED5TCTL7T7N2VWS3IHSNGJEYJ6X2WLURXR4Q55M5EKK7ULMPKYOBRTIDFXSL2QLTXXOXR7IJFVZK2FE3YBYYGWSH73NGD742RAO26ZXYVUHABG4... Frame 2697 26 B
127 B 349ms
84ms Image
image/gif 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-nydc1.zemanta.com/t/imp/impression/5DD7U5OD2TKDQ7XJERJWXSJ65KBMV3LNZPUSJRL6YBP2536ED5TCTL7T7N2VWS3IHSNGJEYJ6X2WLURXR4Q55M5EKK7ULMPKYOBRTIDFXSL2QLTXXOXR7IJFVZK2FE3YBYYGWSH73NGD742RAO26ZXYVUHABG4BG6HI6DB36MD53BOA3QLMVFQ4HKNN77J3LEGBHJUH64D26B7YCNYMLLWNHXBNTMYXQQNXJANHBAPRSXTT5IB54G32J4RZVZ6VYKITGJPOFIDGMBIGABLGWVBWWSW6QPC4VU33IYOZGG3QUO6XVHSRF7KAUARJ6KLY5GC6R5JVTNHUDRSIFG64HDXNFNXKUDPI7CMCMPBI/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:19 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame EFD2 43 B
256 B 360ms
85ms Image
image/gif 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-Vwqvnls4iFSYRYRwi5G9A3uSaP4Wcjs4WW-L41FMBHq60Ldb0c1AXhpfvnE92A4bXFofUiP0FP1JdfV_KjYn3TW9D7XO-Oy7_WpUPPzKcZhDKAyHHfLc_WVGZcJPRXY7f_Eh1mE4JJ7SM1Zc6Xz6n_ze1Z5sam72dcCr3jPbSQ_oB9i-iQS_dq2M2e5jfsVX-qNP9deOPFjZuZ5spwhpio77my5Yr4-yAGPuN_teazX-6TFkCV-jdCsiGlYx4Z-ELsu1KNjYZ7Lyd_5aQN0XlF0oVhXDOSJlC3dcFzT1vrNIBoxTof9yitkeGrZTvsd5GF9cf_ZVOjUf7ITc2QiNUByGyVts9jOenb9VP0Jy3K2XlGi3bW2FDsJB-Rmsz2inrHgleP0D5eC6C9s8dWZ_qKNOa5v_QOFOnBxuU4YKExZsRmC1nzXnXICSMulgztywpMR5ccpMo3bHz8OR2ecyslR-oIuP9Lc54BF6urlyvGHXOC55IbVRfDB7hXUHFGi32JbXbs60olGBuPznE72I6JJF34eiQyye9NFTDnnp5yuOMiUc7zA9-32BJ8JRpInFS8vj3TapE3BZnyv-AzifWmZgc4HbhvkGmOXT5LMNbRC4lAyBWJibMgIE7HWmMg0377QSMYs2-jrZxJx32zlMZhEleUHtptvxwdQFGrx28dhLlufxLd1lydXY8Dy4MwHiRlSSuo8Fj_a_ecekM42gZ9x-HJzrG8_yRsB4d2WXIQ4sVqAa8B4MPtdqVv16qRn9Gxd1xUtVQa8hv0VA_RSdEWEL4rxKhcxtNiNjTs7VfLo1foepXig1Ssj5-DOyadn_riCpCRx0GTPLKzWt6K2wVdLHnba2JRqhsKyR78vypYuknYVd5gR7peKPpoEEoi_htUhIfaQVKvp9cxfbS7zLxuFYh0ckZVLi4TzKHwQLKhmZ5rdpPAhghGHftOwL0YCGRsptA8otFn1yZkXT4nr-dqpcx_UVxfLk1oAWQUIXp6tNV-LhfhsSttNloMXRAz9HjcMc4QcogTZjo2gDXNONY5s-GWy8Wqdf-1DWcYQzTvU2H_acPgvdKRBFCW0Db-JOGL5QyFcmBCTclST6mCmzptVXkurtgOX6jMLR8gG0qO5nQ9HYlqqnP3K5I5ksBLe2iHdQmeFOj3ipJXhD5chqt5F102VSZMVUENV3C2kaYrNFrvpfhk2JhXf9EKlvyZfPdssmrsc6jOXMOFr5K2sSq73Rd-ofanMoNqRemJTycIL4czOxhxSDJ1SCQCB7fXd3NWZMui7YuR33NTGvIPXwFG97cXAVTM1FCtzKe7xyCEmDQ1wobDq-UR4yb-rLJohifP71IhdYoo1Ia0JF_LD35ScR1jXJ7pZRiU10l_rtjxGPtu-UzhJ2Av0h3UcFWVI1H-cX-69eCJpvf3FXTLzO04ES-_-82Xh8XT1QL1ftyBIgokLbexLEP2BmJh7P40KEpIaW_Istr1Gpy0PGbuTAnGSS3I7L7lsUBW0NbDMoWFudZ92FT07A37jQvwpe1HphycXeY7RntM-UkwydEt0mdAYpa4I9zcyZS18eVaYO1cGhbCU87VOiT6n7yUw1ZKfQyItC8HGek9tGBybgXmeGuD-91lPXz9_qElDVDGH4ai0meAfdGZlK87L2FDOXNxYVyRwPYIkOtWljcEiIIBq73fvPVKAbpdRCs5RmIlL-QfLs1ChfSMmdX_NnYDcYrHFWcF5yNknfRKZTgrkqaX4c9NsEhkgHZKA-sVrjpSCtCSzN7Eq_YbghvH0wM9CgtN2D_g&c=597c049b&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:19 GMT
Cache-Control: no-cache
X-TraceId: af1eb57ecadc477395baf28375b5fae4
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/27d276e2-ad1c-11ec-b820-c8995226a95d/0.038968/SBIHLWF46TQNNKJCFVEKTQ4MBK7A75F3LIB636CES6T5Y6GY5NZ4EWRWM7IWV46ISZKSZCX5MVSXJKUIZNKSRH5H5FAUVW7YBMHPQID5VZP... Frame 3F48 26 B
127 B 348ms
85ms Image
image/gif 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/27d276e2-ad1c-11ec-b820-c8995226a95d/0.038968/SBIHLWF46TQNNKJCFVEKTQ4MBK7A75F3LIB636CES6T5Y6GY5NZ4EWRWM7IWV46ISZKSZCX5MVSXJKUIZNKSRH5H5FAUVW7YBMHPQID5VZPXWTGRSIZOI2DDFKNWWT4S3TGAYY2OKLDTZOFHXKAS4HULSM3USQ2XHIFC3FVNZK7WQWBQVHZNLNMABW3SRIKWVTSJKDG4P4OYLNENYEH57IBBFWUFVEV24FHB6LIRF7VCGJFBIEXARSJWUQQMRDDOUA7RQZAJNJWQUOQ7AERVWX2J2Y47TNSNGRHCIR7S2PD4WIQQGMGAURETI7TSQX4SU34U6OCTNLTJIRBB5IAX53NBCK7FC2HDEJLT7WYPEGASGFA2MNPDPU5ZJS4SF267O4CAGK34CHDTPINFMGC6Z3IEQ4LIQB37J5GNUV3WR3AH7KZZJ6U2G6MIAEMEM6ZSIM36U4PZ3ZYFGOBM6NXEMYLC6ZLRB5HUGCPI5LY/?wpos=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:19 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/impression/5DD7U5OD2TKDQ7XJERJWXSJ65KBMV3LNZPUSJRL6YBP2536ED5TCTL7T7N2VWS3IHSNGJEYJ6X2WLURXR4Q55M5EKK7ULMPKYOBRTIDFXSL2QLTXXOXSVIUMVS4J2UHC2BDBCN6GKR36J42RAO26ZXYVUHABG4... Frame 769B 26 B
127 B 362ms
89ms Image
image/gif 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-nydc1.zemanta.com/t/imp/impression/5DD7U5OD2TKDQ7XJERJWXSJ65KBMV3LNZPUSJRL6YBP2536ED5TCTL7T7N2VWS3IHSNGJEYJ6X2WLURXR4Q55M5EKK7ULMPKYOBRTIDFXSL2QLTXXOXSVIUMVS4J2UHC2BDBCN6GKR36J42RAO26ZXYVUHABG4BG6HI6DBZUU5QNPMCA37NNGQPMPHACPCDT54B4TRUQLFFPBUFTNYRDF2VZMBSKK3B277FKVXTL2QMWCSBVJTN4G32J4RZVZ6VYKITGJPOFIDGMBIGABLGWVBWWSVOX6HQOK6FDT2KJHSOVR75ZWSDF7KAUARJ6KLY5GC6R5JVTNHUDRSIFG64HDXNFNXKUDPI7CMCMPBI/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:19 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame 6924 43 B
256 B 368ms
89ms Image
image/gif 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-Vwqvnls4iFSYRYRwi5G9A3uSaP4Wcjs4WW-L41FMBHq6HjFwWBu4ZcRXHJNe-zT9oNnW-m6y4kr6d7MvZHukV-tDofu-LuT28whJRuiBh8W8ucYQdcLjc3w79O3DIRZZ1CKDJGaY3Le6sQrk_qetSOKcffSMPi_BpQzPb8Tr7mlafZVjIxz2uAlhvVXCUnhFFHJ-Mr0ebqSdixJqofoJhHuxwM9wtCNZXrL_6iMayZ9fl4alaqOZMWmFRNrkH5NxDn8qcAqxro9zByCC0brtro7QLr030rThb4ZSJEsZxTb3lV_tg279mdbSnBJYuWf4097UFWpD-cnoizSzSYm0b4vuQvonj6xw5gT4XzIpRj3Oljh-K8Jjn5RnzaogRtdGg3dydXLi9J3IUCHQeOWI5ptHbEiV_iIvYDojjaqmtUJWS8Trk_i938D4aciORCjOMb4yUj7D9SKXXoKe-x-GRMnp_cyC6SxPTMZaX3gHRi46VmHNx8KImj3W4WRH29-d75c758zAkrXw9swAqFCxKdNF9JNcRIlF3nT3OYI2GS0tcvcUwhRkJfZLTDpzuoExpQObTjdp7NY0RcVnsEI33pOY01UjMx2DOBXIKxUVM7ZEDvQavr2Hy6MrjZI7XDQq1a1NII1BAULJG-XBsfIc7oGVINNwJuPoRqkzW6mIX2nAkpXfT9CtDuOSaspsWXNl86PAijOOPpN_JbJCtMHpaqKDI700oTYqWMsBSYVNqHS4Ie2zzabm4lU-VRLFnMWb3Jc-q6wA4aVr4zjodMrwaDwHD-icltuKd05gbvRjxUG0HF2ZhaB06aC_Fddz7o97ywTsdiN5bD-JEvPUoZRJZtRLhDrUEq5gmc4m0Z9Z2BOEbRaA_jSEJHJatL9h2BqY5imCC-HqNrCMcqoT-uq8xXXXkTeElpjuetCYPhqeDl-IKPepVuWHAzk6NXT4yKKSqLYVpQbceuD-h4skhZEcnbdXQyyRqpwC5MJNJHLByd_VyuMNr5NE1OcgKT1_Cd4AHJM0Sryqp5K_j2BVa8B8jDuBOehL-7oy0jXiTtAgaYminHXKMRZeSH-cnaN9l7GBODgXaAqpBNWYNmEUcKh-mMxzUip-MxSFIVPG0HQ8Li5VTPPsnLWbq-q9fr-NefpE0CQuR9piN5NFwG0BZnvuKThSyKQom-FmA9Xc1OC0OHlZUHngFvvaG5Kq91QRHzuG1Hoj7p3O9SkQ8J9IscY9m2TBste2OLRyISl9WFbL0ILzH-C801raZzurNEUJ2qpNZ9fkhXCZ47EKB8Uzt-gYZuQAL6a1cBwWnX34Prb9HSZlZR8pTiTYVmKnVuEatfPXQMJjeacwWW8lKWcBo7ez8Cw70Irb-Qn5xVipqefHjXNbMd8zNB4ZfI_rSlJE6wKHgq79o3FxQyHIxHkvfg9uuogyZ1TP_yiSc2Alicdznv8ywxmXkP1n94cAitS-NviEgdCaE8XNbDWuJ7qaANKjEGZ8IJC9j8yrnGjKAdiS1Xf4Fr2V4Y7H16-GnT7aFcV6NMIQoID7hxAIveMPAfJJ4ti3m6fwnDV1_5JlRiMdIipx4hWXKQOKaAoVby0NyKqD5YClatWeniuH9SWc9gPiOgL-AMRMuv_9rIsElICIU0Lce-t_24LKP6zKwathHPlvTGqbW8HxFq8mKw7K7_gtPClLantPiVyqARCZOs9SpikwYg3pG2hb6MDcsNDb25VZiHJPcT4om0eG6GG7Af0gmfG8XKL7NaXSWro9nCTQg6BbyqtbcJcahl0t6ha-DMf92w&c=9e009a30&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:19 GMT
Cache-Control: no-cache
X-TraceId: 1aae96ac2c53b94ef792ee8801387794
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/280efc7e-ad1c-11ec-a784-4dd6c20b130f/0.083895/NXKNLRQ4WMQABOF55NLPP7PRBS7A75F3LIB636FNRANFKZXMN2B2QSUIOLRSHTZYD4CW62QKOU3YVTUHSFVDLRIT6QBRFPMUTIWHNN5T3FF... Frame CEEA 26 B
127 B 369ms
92ms Image
image/gif 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/280efc7e-ad1c-11ec-a784-4dd6c20b130f/0.083895/NXKNLRQ4WMQABOF55NLPP7PRBS7A75F3LIB636FNRANFKZXMN2B2QSUIOLRSHTZYD4CW62QKOU3YVTUHSFVDLRIT6QBRFPMUTIWHNN5T3FFBQXGAP4MJNY4JMLW4RTGMCBVGO2I3ZQMRJK6JE3W5WTKCJ4TXCW7YSJOGZZWE42KUX5E5RBDZOFU2G5FEYODPRWN7NVSLF3NAPNENYEH57IBBFXKDWBKZYXQOGUZSDKB5JM3LQ4YTJTVIJQQS6DVAUA7RQZAJNJWQUOQ7AERVWX2J2Y47TNSNGRHCIR7S2PD4WIQQGMGAURETI7TSQX4SU34U6OCTNLTJIRBB5IAX53NBCK7FC2HDEJLT7WYPEGASGFA2MNPDPU5ZJS4SF267O4CAGK34CHDTPE7RDF5Z3VCJTYLIQB37J5GNUV3WR3AH7KZZJ6U2G6MIAEMEM6ZSIM36U4PZ3ZYFGOBM6NXEMYLC6ZLRB5HUGCPI5LY/?wpos=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:19 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/impression/HATEEBRKE6KXE57PVIUAOIUJKWBMV3LNZPUSJRMMRUXAR3ELG62QQYC5G54QMDINGVNF2RUTJ42NESBQ7MBOEGF7D6QLMGWUHVOK3JUM3LYQNNEEWP46H4L2PIENX3ABH5O45ATNCWGP542RAO26ZXYVUHABG4... Frame 4097 26 B
127 B 370ms
91ms Image
image/gif 64.202.112.223
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-nydc1.zemanta.com/t/imp/impression/HATEEBRKE6KXE57PVIUAOIUJKWBMV3LNZPUSJRMMRUXAR3ELG62QQYC5G54QMDINGVNF2RUTJ42NESBQ7MBOEGF7D6QLMGWUHVOK3JUM3LYQNNEEWP46H4L2PIENX3ABH5O45ATNCWGP542RAO26ZXYVUHABG4BG6HI6DB2Z6RWSX6JMJ3D426EVO3ZCAECL54B4TRUQLFFPABNVTPPODG7SY7KHL3SMLLWX72MZPVMDDID7WC6MG32J4RZVZ6VYKITGJPOFIDGMBIGABLGWVBWWSVOX6HQOK6FDT2KJHSOVR75ZWSDF7KAUARJ6KLY5GC6R5JVTNHUDRSIFG64HDXNFNXKUDPI7CMCMPBI/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:19 GMT
Content-Length: 26
Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A5D5 42 B
64 B 116ms
72ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtGiu0OSb-RbxGWoQoa0hancE9a6BB0n2mbdpLfJ_ClSsoMMzg26s5rvt2f1IgQUi7kU8QGzBF6EG9IFa1yhbvq8Ej9KX-V6f6B239sXCAq55V1cC3&sig=Cg0ArKJSzGZ8OfWIHJitEAE&id=lidar2&mcvt=1110&p=114,315,364,1285&mtos=1110,1110,1110,1110,1110&tos=1110,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=406828873&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648309697634&rpt=275&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Mar 2022 15:48:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E231 16 B
232 B 81ms
80ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 26 Mar 2022 15:48:19 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 136ms
30ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 26 Mar 2022 15:48:19 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F/DESKTOP/WIDGET_OFF/ 77 B
417 B 171ms
170ms Fetch
application/json 52.25.128.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F/DESKTOP/WIDGET_OFF/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-03-26/widget_app_base_1648306702464.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.128.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-128-56.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 15:48:22 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 3000
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-0edcbeaa
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 103ms
101ms Image
image/gif 34.196.36.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=2&f_privb=0&tid=858a44ec-7db5-4625-9559-9400379fb982&pid=3779c487-88a2-47d6-81f8-f7478ec95656&dtm=1648309706102&qnm=_matherq&visible=1&tabid=2bd4a021-93a6-4a51-a450-40e154e98f06&url=https%3A%2F%2Fwww.heraldnet.com%2Fnational-marketplace%2Fking-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works%2F&vp=1600x1200&ds=1600x10509&tofa=1648309696&vid=1&lvidt=1648309696&duid=634a955f3c947650&fp=540708920&cid=ma13246&mrk=715673500&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY0ODMwOTY5Mzc4NCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNS4ybWIiLCJoZWFwVCI6IjE3LjFtYiIsImZzdFBhaW50IjoiMjA0MyIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiIxMDYiLCJjb25uUyI6IjEwNiIsImNvbm5FIjoiNDQ0Iiwic3NsUyI6IjIxOCIsInJlcXVTIjoiNDQ0IiwicmVzcFMiOiIxMjg1IiwicmVzcEUiOiIxMzkyIiwiZG9tTG9hZCI6IjEyOTAiLCJkb21JbnRlciI6IjIwNDIiLCJkb21Mb2FkUyI6IjIwNDYiLCJkb21Mb2FkRSI6IjIxMTcifX0
Requested by: Host: www.heraldnet.com
URL: https://www.heraldnet.com/national-marketplace/king-cobra-gummies-reviews-scam-or-legit-pros-cons-side-effects-and-how-it-works/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.36.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-36-29.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.heraldnet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 26 Mar 2022 15:48:26 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 65ms
19ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/56ebce8b-a783-45fc-a4b6-d0a00c8687f0/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Mar 2022 15:48:27 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
signal-metrics-collector-beta.s-onetag.com/ 0
72 B 26ms
19ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.heraldnet.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Mar 2022 15:48:28 GMT
content-length: 0
vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: everettweb.newzware.com
URL: https://everettweb.newzware.com/newzlib/js/jquery/jquery-ui-themes-1.8.18/themes/base/jquery.ui.all.css

Domain: everettweb.newzware.com
URL: https://everettweb.newzware.com/ss70v2/common/nwpagetrac.jsp?nwpagetrac=King%20Cobra%20Gummies%20Reviews%20(Scam%20or%20Legit)%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com---National%20Marketplace

Domain: everett.newzware.com
URL: https://everett.newzware.com/newzlib/images/milky-icons/48/80.png

Domain: everett.newzware.com
URL: https://everett.newzware.com/newzlib/images/milky-icons/48/23.png

Domain: everett.newzware.com
URL: https://everett.newzware.com/newzlib/images/milky-icons/48/84.png

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4

Domain: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Domain: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Verdicts & Comments Add Verdict or Comment

511 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
soundpublishing.blueconic.net/DG/DEFAULT	1970-01-20 10:37:25	Name: BCSessionID Value: 6601c81d-eba7-447f-9913-4b77be8dfd1c
www.heraldnet.com/	1970-01-20 01:53:16	Name: spi-adslots Value: %5B%22f4e5f220-2efc-45a1-869f-0b293f8aec73%22%2C%201036994%2C%20%5B%5B2%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B3%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%20%5B320%2C%2050%5D%22%5D%2C%20%5B4%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B5%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B6%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B7%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B8%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B9%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B10%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B11%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B12%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%2C%20%5B13%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B14%2C%20%22%5B300%2C%20600%5D%2C%20%5B300%2C%20250%5D%22%5D%5D%5D
www.heraldnet.com/	1970-01-20 01:53:16	Name: spi-check Value: 0
www.heraldnet.com/	1970-01-20 02:35:01	Name: nwssmcookie Value: ssm
.heraldnet.com/	1970-01-20 10:37:25	Name: bc_tstgrp Value: 2
www.heraldnet.com/	1970-01-30 01:50:23	Name: nwcompname Value: 6xPKSzaa
www.heraldnet.com/	1970-01-20 01:59:01	Name: nwpagetrac Value: King%20Cobra%20Gummies%20Reviews%20%28Scam%20or%20Legit%29%20-%20Pros%2C%20Cons%2C%20Side%20effects%20and%20How%20It%20works%20%7C%20HeraldNet.com---National%20Marketplace
.heraldnet.com/	1970-01-20 01:53:16	Name: _gid Value: GA1.2.772993816.1648309696
.heraldnet.com/	1970-01-20 01:51:49	Name: _gat_gtag_UA_52608_71 Value: 1
.heraldnet.com/	1970-01-20 01:51:51	Name: _ml_ses Value: *
.heraldnet.com/	1970-01-20 01:51:49	Name: _dc_gtm_UA-52608-71 Value: 1
.heraldnet.com/	1970-01-20 01:51:49	Name: _dc_gtm_UA-52608-48 Value: 1
.heraldnet.com/	1970-01-20 01:51:49	Name: _gat_UA-52608-71 Value: 1
.heraldnet.com/	1970-01-20 04:01:25	Name: _fbp Value: fb.1.1648309696157.591913107
.heraldnet.com/	1970-01-20 19:23:01	Name: _ga_2WM1N458VT Value: GS1.1.1648309696.1.0.1648309696.0
.heraldnet.com/	1970-01-20 19:23:01	Name: _ga Value: GA1.1.1978181241.1648309696
.heraldnet.com/	1970-01-20 19:23:01	Name: _ga_BHJYZD7VVN Value: GS1.1.1648309696.1.0.1648309696.0
.heraldnet.com/	1970-01-20 10:37:25	Name: BCSessionID Value: 6601c81d-eba7-447f-9913-4b77be8dfd1c
soundpublishing.blueconic.net/	1970-01-20 02:01:54	Name: AWSALBCORS Value: a52XpCWwkYN5wNSLbVKD6gUFeP/cCxGnLLFWeQzDV7QPWk2FFf27GpGyQogCXsqSVz7eE29y59gIalKVnxYPhqSk4GghbPlLBVZ4yFxE3u8UXRTFgn5NgIm+3S3S
.lijit.com/	1970-01-20 02:35:01	Name: ctag Value:
.doubleclick.net/	1970-01-20 11:13:25	Name: IDE Value: AHWqTUnfazqtEychieWHXlHeaSoRSxnlewoZfax3He2DYdKwsdS10t1bsLSYUM9gFaA
.adnxs.com/	1970-01-20 04:01:25	Name: uuid2 Value: 3873743939079258638
.casalemedia.com/	1970-01-20 10:37:25	Name: CMID Value: Yj81wkeoHZL2uzih6ELP.gAA
.casalemedia.com/	1970-01-20 04:01:25	Name: CMPS Value: 3267
.adnxs.com/	1970-01-20 04:01:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaNwXD[5!@wnfH8K6pQK`!5=E<L5?%M>l[Phg33DX0i)/D6_=r3n2`fDhAqD_r8<5bvbpRzqF1`b_sK*9W]y
.casalemedia.com/	1970-01-20 04:01:25	Name: CMPRO Value: 1106
.casalemedia.com/	1970-01-20 01:53:16	Name: CMST Value: Yj81wmI-NcIA
.doubleclick.net/	1970-01-20 01:51:50	Name: test_cookie Value: CheckForPermission
.heraldnet.com/	1970-01-20 11:13:25	Name: __gads Value: ID=98bef1ca991bb0f3-22351bd365cd0075:T=1648309697:S=ALNI_MbSRSUFPuMrEq0a8VF6aLSIJprRMg
.casalemedia.com/	1970-01-20 10:37:25	Name: CMRUM3 Value: 2d623f35c22760CAESEFCpzQyii8bfiCFF8kZp5e4
.redintelligence.net/	1970-01-20 04:01:25	Name: 8lcfmzhxc8d6_uid Value: 4d097e029d7c53ef
.retailads.net/	1970-01-20 02:35:01	Name: ppb2172 Value: 1292636162
.futalis.de/	1970-01-20 03:18:13	Name: raSIDb Value: 1292636162
.office-partner.de/	1970-01-21 01:51:49	Name: source Value: {"webgains_webgains":{"timestamp":1648309697962,"clickCookie":false}}
.adform.net/	1970-01-20 02:36:28	Name: C Value: 1
.adform.net/	1970-01-20 03:18:13	Name: uid Value: 3476101765235259395
pb.media01.eu/	1970-01-20 19:24:28	Name: DTU Value: C1A7C17E6418F5F9D9EDAF2A6884583E
.tribalfusion.com/	1970-01-20 04:01:25	Name: ANON_ID Value: aVnsIHpyXagbqiVREF6mDGfC7YteELGedg0GywfcZcirxrFvH5QtdfZaZbft4r6Kxf39WfZdHdVVfRlP3g8Srw7ZdsSK3
.pubmatic.com/	1970-01-20 01:53:16	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 04:01:25	Name: KADUSERCOOKIE Value: D95C814F-64A0-4850-AACB-F21F601B8DBB
.heraldnet.com/	1970-01-20 19:23:01	Name: _ml_id Value: 634a955f3c947650.1648309696.1.1648309706.1648309696

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://tj6w5.flx10.com/libs/launcher-1.0.0.js Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yj81wkeoHZL2uzih6ELP-gAABFIAAAIB&google_push=AYg5qPLguDghtXKRXisWh5NyfgZfaOmQXUDMKrn1XVJuLZtTxa3WBvPDhYae5KAelGkerzJVRtiedkx7-BxFQO2bD55iifXF5VqKEA&google_cver=1&google_gid=CAESEG3NQV7f1WJLiulRfyYbYA4 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

245370e652734410e6b6ebe2baf954ab.safeframe.googlesyndication.com
2qibqm39xjt6q46gf1rwo2g1-wpengine.netdna-ssl.com
a.tribalfusion.com
ad-server.eu
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
amplify-imp.outbrain.com
analytics.webgains.io
ap.lijit.com
api.userway.org
api.webgains.io
b1-nydc1.zemanta.com
b1t-nydc1.zemanta.com
b2cdn.automatad.com
c.amazon-adsystem.com
c1.adform.net
cdn.blueconic.net
cdn.jwplayer.com
cdn.onesignal.com
cdn.retailads.net
cdn.userway.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect-metrics-collector.s-onetag.com
connect.facebook.net
dsum-sec.casalemedia.com
everett-tpweb.newsengin.com
everett.newzware.com
everettweb.newzware.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
get.s-onetag.com
go.automatad.com
googleads.g.doubleclick.net
gslbeacon.lijit.com
hal9000.redintelligence.net
hal900015.redintelligence.net
ib.adnxs.com
image6.pubmatic.com
js.matheranalytics.com
k3vzn.flx10.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pb.media01.eu
pixel-sync.sitescout.com
pv.medialead.de
pxdrop.lijit.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
soundpublishing.blueconic.net
ssbsync.smartadserver.com
stats.g.doubleclick.net
tcheck.outbrainimg.com
tj6w5.flx10.com
tpc.googlesyndication.com
track.webgains.com
vap7ams1.lijit.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.accuweather.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.heraldnet.com
www.i.matheranalytics.com
zem.outbrainimg.com
cm.g.doubleclick.net
everett.newzware.com
everettweb.newzware.com
widgets.outbrain.com
104.111.214.80
104.198.41.198
104.90.148.43
107.178.250.234
108.157.4.127
108.161.188.228
13.250.84.106
138.201.135.164
142.250.181.226
142.250.184.194
143.204.95.188
143.204.98.117
143.204.98.122
143.204.98.127
143.204.98.53
143.204.98.68
145.239.193.130
151.101.114.132
185.86.137.108
185.93.2.243
2.18.234.190
2.22.34.3
216.52.2.39
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:225a:7200:1:a3fa:7cc0:93a1
2606:4700::6810:135e
2606:4700::6812:d05
2606:4700::6812:e234
2a00:1450:4001:801::200a
2a00:1450:4001:803::2003
2a00:1450:4001:803::2008
2a00:1450:4001:808::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9c
2a01:4f8:d0a:2321::2
2a02:6ea0:c700::1
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a0b:4d07:101::1
3.234.170.180
34.192.73.232
34.196.36.29
37.157.6.247
37.252.172.36
46.236.13.147
46.4.10.49
49.12.16.151
52.25.128.56
54.72.0.164
54.76.176.197
64.202.112.223
66.155.71.25
72.251.249.14
8.28.7.81
88.198.250.30
92.122.147.230
94.31.29.29
99.83.181.31
02346ed14a17e5637ba289c1d943b8bd69a806cefd896b255b21ccc71eaa5f60
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
048a1ba9ec466a8f77009cea46046dfe87ce0a4395ddea61c5a28ae22d9b86da
0498512a69bfa3f071a9693410eaf239abffad22455ce40a76e2127cf5af4358
050ac56af5956ba98f655f5928f353ecd9e91f88dad34566266142c81587f372
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ddbded318b776a7225b9a9841c6a3614d22273524c505679852ba7e22acb4b
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
085cad78e1746c5971d947197077e32dbf8a3c1f8c43d34c500f4ba829ac7808
0b782e3e1c9041f83abe4f0b1f10d7da9bd75c6a0860479c345c772a2373e86d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e26826816d33e016e63fb3e4a3b3f3f3322e414d3ace91a72233f1ef0d4a1a3
0e6758fd59ce0b800d1ad9c0be911b62b945655f897e7edc01e2b8c74dea43c8
1018ec3b2b783b7f33981b053bef66cef58bfe711159f2cf274339f5fa338fbe
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147c3f11ad20a78f1aab28ace726457f75c2e43f09c4902c78a2ab9d83be4bbb
1767b25e798fb33f366623bf4b57dba5a3e3e1200a8ef80a3327790b1d2b6fb7
180c24bfd6f8bcf76d8dc91881034d116599fe2d95d07337d46ee38b9a0c6571
1a84f4b042e52d040243a70753ae4a5f73d668db1230c7c4b3c4ace8c2d8923c
1b0e4dde65e1477fecf4e8f8e86133194652d7f773da8bfad5f7f219a998b5c6
1b0fb9fa09f426abbe7e5d50761008a3a45b7489b8137620eb45153dbfb1fef8
1bd5372b56a82f9cd4a0a4533f4a37ff11ce7952f051ae035fd5cbecf45094b8
1cd0dc6c99599dcf4386cdff332f787691af8a83476aaaf6491a048770306017
1e04869623e7d55cea9b9c5708ad71f3578cc21c7ce8173ef9555eb0def6dae7
1ecb3bc08c83c9843ac1f2d087850e435e90b774f4150b06662b315012b57b30
1eedecfa196954a7a91b50a7af86b71fd09691b24d821aed2225c00f051efa7f
20ba629d938b494afcc23b5b4eef49fcbeea07e1ac3627723bcdbe65b2275ae0
22c29473716ed14198adc9db4ea074c19b2bce1caba9d7075b5a35777f902dcd
241120e717fa04aad472010465c2e396531bedbcb50b3e0955a55720d1639f74
2497be576209dfcaa67b233fd5eeedf5a33312df082bf1f5b4762779184ec8f4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
29538458bfbfd7a7af07dda0eb37c2da8b1309c43825e7a802e0ecf2c2e645d0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b50108439624bd6f2bbb1505248373ed0ae1f0869b89122ad876122a1790bd8
2c653bd43d2530e7785eb38d448556ace8e75435ea5cb510adb897ae4a4eaa55
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dcc36995c012ae179ca5ccec2537bbffdab860370e6ab08923cad2d465ae3a4
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
31ae1079c810d14cf1983ea459ea06311e05202dcca4b5694b86dc97a7d76f3f
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
35d3560abefdd86f4994b166ac3ba59f4ebf264b78310a63c7faf4c0e2d1c824
35ede826e79511d4161e0f1e572c5b0d67d7f0b8d816fdf6bbbddf3a95fb1ed5
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
38337065d2ba83c49659bef8761fe006f6a69deaad68c1b42fbd0ea64ab95980
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
39ac6dc839328f0af21a1f7b474f346d5603a9754007ac8732f71aabf39cf1e3
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bd64c7ec86814a8ebc88cb9effee19292e315bee76ca266451a96ef18dc96fe
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3e3b76f1dc7aa8974b0a4625e59d82cb5decc2375db86bdf19504dc65429278b
3e65bc436e35cb24f4020abe8a71906ea53ca284df84095d6824e27f55883f90
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47
40e0b1381eb74784690a674838c4139c0006221c5d2d0d8be4563a33f55ccbc5
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
43625e257a720becbb8c961a70c1423b110698f9ddd9c95a843f4c5e3ec7ad17
43692b59e1346e121cf086854acbda4788a27b1262e1dd87cb3e0d62fafc3b53
443eb58bb9fc1db1cdf7aa009b8df3a5bc6c833966bb684fc046b91fbd26d22e
469842e8b5a16750bfe4c51325641d947f4ae57c5e9a3aa3ca928bd3389791a7
48481acfa017729107a1f39beea68ed8b2486ccc3735608e19d3b0d714f28c71
48f61ffc80d0ed351d4f020f7a675c5dc8e1dbf0d7fbd1fe9922a6e8abcb888b
491ee20092ce969e6785601ae4595748d4ac5ee4df19012b19b77de6c9dfd357
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1a91c73a5ce32a7a11a30d18a0ad8e84acfea9987c2660de96293890f659ca
4ed55f464aa6a905c3dc6939c5629f1f323d447483590e754141ddec2e4e2208
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c405ed49b86d5366bfd0e71cc09f7b94c5ca0abb6d61ff513aebfd983447cf
5231de80b5bd6da2a6403b9064c32125caac4857751eefb06d86355eff9aa3f5
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c
532eb57ee3560da06005582dd96412961bfaaa86eacb07b327e8830e627b372a
5377b85929b89e53828ca9b7489ea8a9c4a112bd7384c8eadb38b8dea5df6983
53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5b34224e4f12e389b7d930230e30ce33a62fc27c6744a0677aca919a5ef0c2d0
5c06b132c1ef6e46355586f7c837c1faf71776a9f7310aa208a8d962fd32f76a
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c5a63a864325e51a1ac832da94644b4ec7d66b70626760014ef7bf8b65ec448
5da32ead21ee2f8124a0e0a6884c9a0b4cf31cdaecd23fde4e527a7cc01b187d
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64694e17360f0d3cfb8b1c878db18070088cea291dcb891aa2cb6c5bde408af0
667ca4cb7cc0c21ac218c29d41366c4d0e168ad65e3f3d2193ada22788bc7eb1
67d508a44c5c2487c4541453fcfcc42e691d2dba2a28e4dea0390509287a2f70
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69b9fd9fdcd402efd3a04b16e0c48c2a3520a52c20ab9089aadab457380c4a5e
6a62f6f0bdff1d6fe9d1d2590d7a916307fb83f80c82332015369835e2c62580
6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
701f4c61adddc1617886e55ef3ca523dc72fedb697fc5e694b2c2508668eadfb
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
7505468536f0cc99279960b2e9380a1da3b766dbe27440f3562be6e974512e32
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
77df02596fd1112575c1216e4fcf85b08279a2b049f330625216deb1636e8218
7909343e290ff05c89a7a7f6aa6ca0887ccc87fc814a9768683d45380eb31b3b
79e645f1f8b17b090636f01ba6be1f67e490339cbad62e9db1197dad4e19f489
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30
8792edce8bc57c9da1fe3788a0c68a3c7911ab01c24685142b9c4a40040273a2
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89f563a025cc8dfb46d317823ebda92ea606c32492e414ab46869754e4ec63de
8a813f5974c5c804073c051334b88bbbb33050be5442a75ef9e4c3abd6bdcc57
8c0300dabffb1ba133a3157fb33960c5793dd2ac46f3dc8a899fa312f909a337
8ce867bf45277a86a76bcd7aa27cf0746fbc97ad272f1f89ed396304ce9d28b2
8d94d035ee059c3587c97f407f2a48710b7b6f344e3afa6692c6533dd1ce7b91
9202a11aa05cd2ff82889ec9e2bad185930db44a17c18acfc1c238b0897d49d7
924ab92f51981a9555e89a6977fcda8e5f8d4cc1f262a30a0dbe9ecfdfe27094
9310328a2452fb4b9e16e3d9d93ea6c7cb9dc794372c30cad57e71ae2dcae031
93707aca0fd669f39a84bc8feaadb3eadc37c5f35113b2aee9782333b91a902d
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94e5dfb7f555617998a574800130c6c189133eb5fdb5e6d3d4da8282d0259d2f
97efeda8567c33ed3cd7eb616868f1282f50e8ca9ec1ebe3ab632b0913dbdc26
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a792dc8a0b0a4d05cf7908260e5ea80dea450f5ff0ea1df914512357ccded92
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aafa38d431075d0f6c738a2633785fd32fada0e14408bd662d95e608ddb4daf
9c1ee2b3835d8abdb9529227f5b9a50ecfe9059243583edd5fe705d74d249535
9c48e1fc353b1cce9268a3878d9e6f6974b4b55be1d5ff5780e52d1535653208
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1659fa9643badfeb288ce6e5e39f8e4001c18818c5940a59a2d72ccb0c72be7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a24c905619988e3cb9b56c51b3cd6597a6f5757624afa14e893fe44d6821ae17
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a603d7555a7e1933527cda0ab5a93224474273d957d55488806b70e7ab72be1b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad94ea1bc50aaf3b69323cbcc73629348c0abf5796d15ed15238ac4e01b81680
aea6e8c7e4689d4c1b4ef0745977ce004089c64d209b06a46bd92d88ed4e4e41
aff48fe7764c9635cc445bdcee90991586b072211a7dca611266849b5388f568
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14f4c886cf44fcf1c37c8bec13fea1eb825347df872e8661fb184ec5877d57c
b1a6a7997551d617d417096c50bbfad234009376fb563132103dfe95c1d6c683
b246a53f18c2f935ef32ebe685c439e9025821055bfdaa878de13f867640d111
b31e191ed9af0cd3bd9091e16cb7d5d542a658c7f1f3d8e17a1923c4b8509f1e
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6f9377931c12b8ff45ab3b6d758ea8fe5eccb9509b1b07288e0e9a5056a0518
b890bbb674791ad5da6dfdc3eef0a614c116e862704a0c2358125c545e1bfa9e
bb94ed1868039e4fc746ddbf710ea089b2bdef6c3a533395815285ceb00233fa
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1ec22ba6579e94254a4121e4f357ea5ba75b8dedc88417a07bd9fba626d77ef
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c265b2ad3b37b6490ba18353f0462823dbd082816145892b7f7cb075f16f5957
c2caa35c003cace3afb0040b3693a875b6a33d46790ea26c5e2e05c4015b77cb
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d
c4561b08958a46dc3feec476ca41390964583b28686fcd11a6f268b8272941ab
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cd44506e0d5301c4d6605c5817a8df3a0e074b5ba6ca400004ffd6601973d146
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d4288b629693138397d02dc91a13d316624f3644cc678a5ef2ff6b04350707db
d63d6ec0c95bc07426b698ad3d6d02a85bd98b265808abf6fe6a5c1664c0ba87
d6897fd0ec8a97d5d9acc1ff5b94eb98d1ccc1641d0446e52b80246fd40024fb
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d83858231e5c1aed4e645c0e3168d312e106136741342c8289642b652bc06cc1
db252d5dd422d1195830b4356642b05a1894ca3e3058342d6351e4a02c9279a2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e453c5b4e6aa1d59a153e0e3dba7a2fd7f650af717505adc848f8da64f9ba89d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e64f9b7378c58ff4f389bf8a0eb21aaa297d72cc4ba64ddb044976b0bafb2b0f
e6b87be55eb9b248100cff3b96e683bdb21c01b63883593413550e1c750aa4cd
ea00948f5f91b35cbb5a9489c9c7dff8a252522a272e4efba6e388f4f86f3e4f
eac56592bcbf66d0da592c536e16330288fb0d47cead2fc5350589ab1cfd006c
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ecd9c33951693d45521124e3665ebe0d553dc14480240c9ef5984282007e4123
ed207a3218934c63d8ace813cbc259812d16d5b892fee83fc795ae164de915c6
eef3ecfd98946a83434a3b7f21198b9ac78de0cfa45d82e6e686797250f1dc15
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08ec3ed6fd0ebe53f6f4f9015acfb7443f1221ed76d9d575d2757d9db760a6b
f1c91af6c538d12340c0cae717a55e26e68e3e079cb768f86e9f0c3495107c62
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f759d83fbcd36613d335ed0caebdfeaf3228cccd28fbd8749a3edef80e4346a7
fbd7d5de5e7a55ea07ecf232b58b99732dee1f0900e59e4e8374ebab8ad52c43
fd8c8c291c39fcd494d4680a4262d84d62b0df9b79dc22e44c422a0f25d69fa2
fdab17aad52e2d97a9b3ef5ddefc9440960cb6b9fa859b2944b8ec399aa395b7

www.heraldnet.com Open in urlscan Pro 104.198.41.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

285 Requests

93 %HTTPS

38 %IPv6

48 Domains

81 Subdomains

65 IPs

11 Countries

3319 kBTransfer

8806 kBSize

41 Cookies

18 Outgoing links

Redirected requests

285 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heraldnet.com Open in urlscan Pro
104.198.41.198 Public Scan

Screenshot
Live screenshot

Full Image

285
Requests

93 %
HTTPS

38 %
IPv6

48
Domains

81
Subdomains

65
IPs

11
Countries

3319 kB
Transfer

8806 kB
Size

41
Cookies

285 HTTP transactions
4 data transactions